Nick Reddyhoff
The way privacy is encoded into software doesn't match the way we handle it in real life.
Each time Facebook's privacy settings change or a technology makes personal information available to new audiences, people scream foul. Each time, their cries seem to fall on deaf ears.
The reason for this disconnect is that in a computational world, privacy is often implemented through access control. Yet privacy is not simply about controlling access. It's about understanding a social context, having a sense of how our information is passed around by others, and sharing accordingly. As social media mature, we must rethink how we encode privacy into our systems.
Privacy is not in opposition to speaking in public. We speak privately in public all the time. Sitting in a restaurant, we have intimate conversations knowing that the waitress may overhear. We count on what Erving Goffman called "civil inattention": people will politely ignore us, and even if they listen they won't join in, because doing so violates social norms. Of course, if a close friend sits at the neighboring table, everything changes. Whether an environment is public or not is beside the point. It's the situation that matters.
Whenever we speak in face-to-face settings, we modify our communication on the basis of cues like who's present and how far our voices carry. We negotiate privacy explicitly--"Please don't tell anyone"--or through tacit understanding. Sometimes, this fails. A friend might gossip behind our back or fail to understand what we thought was implied. Such incidents make us question our interpretation of the situation or the trustworthiness of the friend.
All this also applies online, but with additional complications. Digital walls do almost have ears; they listen, record, and share our messages. Before we can communicate appropriately in a social environment like Facebook or Twitter, we must develop a sense for how and what people share.
When the privacy options available to us change, we are more likely to question the system than to alter our own behavior. But such changes strain our relationships and undermine our ability to navigate broad social norms. People who can be whoever they want, wherever they want, are a privileged minority.
As social media become more embedded in everyday society, the mismatch between the rule-based privacy that software offers and the subtler, intuitive ways that humans understand the concept will increasingly cause cultural collisions and social slips. But people will not abandon social media, nor will privacy disappear. They will simply work harder to carve out a space for privacy as they understand it and to maintain control, whether by using pseudonyms or speaking in code.
Instead of forcing users to do that, why not make our social software support the way we naturally handle privacy? There is much to be said for allowing the sunlight of diversity to shine. But too much sunlight scorches the earth. Let's create a forest, not a desert.
Danah Boyd is a social-media researcher at Microsoft Research New England, a fellow at Harvard University's Berkman Center for Internet and Society, and a member of the 2010 TR35.
People divulge more sensitive information on sites that look less safe.
Nice post. "People who can be whoever they want, wherever they want, are a privileged minority." With this statement, I think you hit upon something grand. This is, to my mind, the goal of how we should be developing the technologies that surround and permeate our lives. Everyone, a privileged minority.
Surprised no mention in the article of Helen Nissenbaum's book (2010) on this. It's called Privacy in Context: Technology, Policy and the Integrity of Social Life.
Our identity and reputation flows around like waves in a lake. Offline is a perfect analogy, rings of stream following usual fading with distance. Online analogy? There is no one. Or even worse, the technical metaphora created by Facebook and similar is not accurate at all.
You've suggested a forest. I like that idea. I'm also aware that folks can't block the Zuckster from their FB accounts. But that has little meaning, as the Zuckster likely doesn't have the time or mental stamina to look into each and every user's mundane private information. Not all FB users are that interesting.
But in a way, the "forest concept" involves a degree of human ethical integrity. I suppose, to come out from behind the trees, it must be as Tim Robbins suggested. "In a free society the biggest danger is that you'll become afraid to the point where you censor yourself."
There are several groups around the globe working on these issues - how to map the diversity of human relationships and privacy expectations into an online service.
Binary "on/off" friendship is an artifact of another era which needs to be dispensed with. Each relationship is a continuum defined by each participant, ranging from stranger to acquaintance, co-worker, neighbour - each has a different level of communication expectations and trust. Some are primarily one-way communiques, others bilateral; and each has different "attention levels" and can see different aspects of our own personas.
Rather than service-wide privacy controls, we really need per-person controls. What can this person see of my online life? How often do I want to "check in" and find out what he/she is up to? Would I recommend this person to meet my friends?
I know of at least one online social network which does all of this today. The problem we've seen in adoption is one of confusion. It's too radical a concept to easily describe to people that are now trained in one-click friendship and on/off global privacy. It isn't familiar, therefore it has the appearance of being complicated. So while the concepts are solid, the user interface needs to be dumbed down to the bare essentials - and take at most three clicks to completely define a relationship.
Thank you for this excellent post. It seems to accord with the argument of Professor Helen Nissenbaum in her recent book, Privacy in Context
Technology, Policy, and the Integrity of Social Life http://www.sup.org/book.cgi?id=8862 .
Danah-
We have very personal, real life needs not met by today’s Internet. We all want to access, explore and learn from a full range of possible relationships…professional, social, sports, cultural, etc. But it is impossible and impractical to relate to everyone. Nor would we want to. We want to choose what parts of our “inner-self” we share and with whom we share it.
People want to know something about who they are connecting with. But we must let them mutually decide, as in their real lives, what parts of their passions, thoughts and personalities they want to share and relate with…anonymously or otherwise, one-on-one or as part of a like-minded group.
What the Internet lacks is the ability to explore your true and often contradictory self. Where you can be, express and connect different aspects of your personality with different individuals and groups of your own choosing. Where you can find others that share your views and thoughts. Where you can be what you can be. No limits. Voluntarily transparent.
As I have pointed out, in a reply to Jeff Jarvis...
It’s more importantly about being able to present ourselves in multiple ways depending upon the venue, conversation and audience. We may have an inner-self, but we choose what elements to make apparent according to the situation.
I think I know how we might do that.
Bonjour
I translated danah's article because it is really good, and short ;)
https://docs.google.com/document/edit?id=1zBgQ771vPlP-jd2_H9SvOuaqcf4E1bjBPj4TD6o3mFY&hl=en
I am not sure though that I understood well the final metaphor about "the sunlight of diversity" and the "forest"
Hope this helps
Tilly
Back in the pre-browzer days of the WELL (Whole Earth 'Lectronic Link)it was said not to post anything you didn't want to see on the front page of the NY Times - it still applies.
How Microsoft and others undermine social media privacy
The online environment has been purposely architected to undermine privacy in order to favor digital marketing and advertising. Users cannot control a vast personalized data collection system designed to empower the largest global brand advertisers. Take the dramatic use of social media marketing surveillance tools that spies on users and their networks. For example, Microsoft Research has created "LookingGlass...a tool that makes social media data actionable." Microsoft tells advertisers that: "Marketers are very intrigued by LookingGlass’ deep workflow capability to make social media data actionable and by its platform nature, allowing integration of various systems and data (e.g., online ad spend, offline ad spend, call center, POS, CRM) to build deeper consumer insights. Agencies are eager to engage with their clients and Microsoft to jointly experiment and bring LookingGlass to the next level." Microsoft is not alone in deploying such tools, which are at the core of Facebook's business model. Experts such as Dr. Boyd need to address what the online ad industry--and their own employers and corporate supporters--are actually doing to undermine privacy.
For an example of what Microsoft collects for marketers, see: http://advertising.microsoft.com/premiumsolutions
I think that Helen's work is phenomenal and I strongly encourage everyone to read _Privacy in Context_. There is a lot that I would've liked to add (including a discussion of privacy in context) but the word limit on this article was extremely short. So I was forced to stick to the topic and not discuss how my arguments build on previous work. There's no doubt that I'm building on Helen's great arguments.
;)
I think that the privacy in context issues you describe will be significantly highlighted by location...it's certainly how we've strived to design our entire system (http://echoechome.wordpress.com/2010/08/22/if-mark-zuckerberg-cared-about-privacy/)
It seems as though (at least in the location space) most sharing systems are designed to benefit the network or a commercial advertiser rather than the people doing the sharing themselves.
Or as I put it another way on a recent GigaOm article about privacy (that we were both quoted in ;)) in face to face interaction we naturally process hundreds of minute sociological cues so (if we’re paying attention) we can tell if a person is lying, uncomfortable, happy, distracted etc etc…
In such an environment there's no need for a baked-in privacy "setting" as such - you just wing it as you are talking/interacting...
In digital environments we have to learn how to read (and send) new methods of signalling...so yeah a form of privacy control is more ad-hoc rather than baked-in...precisely because that's how human beings mediate and perceive privacy.
I wrote about this in a bit more detail here - http://echoechome.wordpress.com/2010/06/01/how-to-solve-privacy-issues-with-location-sharing/
I enjoyed the way this article cuts through the clutter. Lately, discussions about online privacy just seem to fall into the same rut - and so many people adopt quite a defeatist attitude, which you avoid.
I quoted from this article in my new "ethics and technology" blog. I hope it is OK for me to post a link? Here it is: Ink Bomb
Manufacturing in the United States is in trouble. That's bad news not just for the country's economy but for the future of innovation.
On Twitter
Become a Fan on Facebook
Subscribe to the Feed
JQanmlstyl
1 Comment
Fascinating Post
I love the way you frame social media privacy within the context of non-digital human interaction. It's a fantastic analogy.
What are your thoughts on this subject with respect to the latest geolocation craze?
Reply