James Grimmelman Writes About Facebook Privacy Controls

I came across an interesting paper by James Grimmelman, entitled “Facebook and the Social Dynamics of Privacy”.  He writes thoughtfully on the subject, balancing negatives with positives:

The negatives (and I quote):

  • Leaving matters up to “the market” doesn’t produce an optimal outcome; users’ social and cognitive misunderstandings of the privacy risks of Facebook won’t disappear any time soon.
  • “Better” privacy policies are irrelevant; users don’t pay attention to them when making decisions about their behavior on Facebook.
  • “Better” technical controls make matters worse; they cram subtle and complicated human judgments into ill-fitting digital boxes.
  • Treating Facebook as a commercial data collector misconstrues the problem; users are voluntarily, even enthusiastically asking it to share their personal information widely.
  • Trying to restrict access to Facebook is a Sisyphean task; it has passionate, engaged users who will fight back hard against restrictions.
  • Giving users “ownership” over the information they enter on Facebook is the worst idea of all; it empowers them to run roughshod over others’ privacy.

The positives (I quote again):

  • Not everything posted on Facebook is public. Users shouldn’t automatically lose their rights of privacy in information solely because it’s been put on Facebook somewhere.
  • Users’ good names are valuable. There’s a commercial reputational interest in one’s Facebook persona, and using that persona for marketing purposes without consent should be actionable.
  • Opt-outs need to be meaningful. People who don’t sign up for Facebook, or who sign up but then decide to quit, deserve to have their choice not to participate respected.
  • Unpredictable changes are dangerous. Changes that pull the rug out from under users’ expectations about privacy should be considered unfair trade practices.
  • Strip-mining social networks is bad for the social environment. Bribing users to use a social network site—for example, by giving them rewards when more of their friends sign up—creates unhealthy chain-letter dynamics that subvert people’ relationships with each other.
  • Education needs to reach the right audiences. Targeted efforts to explain a few key facts about social network site privacy in culturally appropriate ways could help head off some of the more common privacy goofs users make.

I recently wrote a post on Facebook’s privacy controls versus other SNSs.  Grimmelman reaches similar conclusions as I did (but words them more eloquently and thoroughly):

“Facebook’s experience provides strong evidence of the limited usefulness of technical controls. One of Facebook’s two “core principles” is that users “should have control over [their] personal information,” and it implements this principle by offering users a staggeringly comprehensive set of privacy options presented in a clean, attractive interface. Chris Kelly, its Chief Privacy Officer, called its controls “extensive and precise” in testimony to Congress, and emphasized that Facebook’s goal was “to give users effective control over their information” through its “privacy architecture.” He’s not blowing smoke; Facebook has the most comprehensive privacy-management interface I’ve ever seen. Facebook users have greater technical control over the visibility of their personal information than do users of any of its major competitors.

“Not that it matters. Surveys show that many users either don’t care about or don’t understand how Facebook’s software-based privacy settings work. One study by the UK Office of Communications found that almost half of social network site users left their privacy settings on the default. Another study, by a security vendor, found that a similar fraction of Facebook users were willing to add a plastic frog as a contact, thereby leaking personal information to it. A study of college students found that between 20% and 30% didn’t know how Facebook’s privacy controls worked, how to change them, or even whether they themselves ever had.”

Grimmelman rightly identifies the forces involved:  SNSs trying to reach critical mass, individuals trying to just share with friends, policymakers who can’t and probably shouldn’t do much, privacy advocates who see a hopeless task, and everyone else in between.  Grimmelman condenses it down to identity, relationships, and community.

Perhaps a solution is a personal information management system, open-sourced but encrypted in its stored info, requiring everything to be opt-in to grant access to other sites?  Grimmelman writes that individual education has shown to be useless on the issue of privacy.  Target the communities, he says.

Perhaps privacy groups should be given more leverage to push SNSs not to abuse users’ privacy, since users are so indifferent to their own privacy until it hurts them?

At any rate, Grimmelman covers all the key issues, so I’ll be sure to refer back to his paper repeatedly in the future.  What’s clear is that Facebook is the major player right now, and it’s butting into a lot of peoples’ private spaces.

  • I didn’t read the paper, but when he talks about giving users “ownership” of data being the worst option, is he saying data portability is a bad idea for privacy? I think that’s a weak critique – there is personal data, like my favorite movies or interests, and social data, like my wall-to-wall with you. Personal data should be portable, obviously. Social, well, that’s a different story.