Losing Face: An Environmental Analysis of Privacy on Facebook

by on Jan.06, 2010, under papers, rfc

Yesterday, I submitted Losing Face: An Environmental Analysis of Privacy on Facebook to a variety of science and technology law reviews. Its abstract is as follows:

This Article contributes to the ongoing conversation about privacy on social network sites. Adopting Facebook as its primary example, it reviews behavioral data and case studies of privacy problems in an attempt to understand user experiences. The Article fills a crucial gap in the literature by conducting the first extensive analysis of the informational and decisional environment of Facebook. Privacy and the environment are inextricably linked: the practice of the former depends upon the dynamics and heuristics of the latter.

The Article argues that there is an environmental element to the Facebook privacy problem. Data flow differently on Facebook than in the physical world, and the architectural heuristics of privacy are absent or misleading. This counterintuitive informational environment waylays privacy practices, opens a gulf between expectation and outcome, causes a crisis in self-presentation, and facilitates what Professor Helen Nissenbaum calls a loss of contextual integrity.

The Article explores possible interventions. It explains how regulatory solutions and market forces are themselves hindered by the the deficient privacy environment of Facebook and can’t solve all of its problems. This Article recommends renovating the design of Facebook to privilege privacy practices and proposes specific interventions drawn from the computer science and behavioral economics literature. It concludes with a message of cautious optimism for the emerging coalition of engineers, academics, and practitioners who care about privacy on networked publics.

The Article is a heavily revised adaptation of the thesis I conducted for Ethan Katsh and Alan Gaitenby at the University of Massachusetts, Amherst. If you’ve read my thesis (entitled “Saving Face”; title changed to avoid confusion with James Grimmelmann’s excellent Saving Facebook, recently published in the Iowa Law Review), then you’re familiar with the broad contours of the idea.

Losing Face, however, has been both greatly refined in its argumentation and noticeably reworked in its format (bah Bluebook) over the last year or so. I received invaluable feedback and assistance over the last from many people during this drafting process, including Helen Nissenbaum, researchers and interns at the Berkman Center for Internet and Society, but most indispensably James Grimmelmann, who helped me navigate the convoluted and mystified norms and logistics of the publication process.

I’ve posted a copy of the Article here and on BePress for further comment while it wends its merry way through the editorial process. This is a draft only, and should not be used for citation. I’ve endeavored to make all references as clear as possible, though some are not as clear as they will be in the final version because I haven’t nailed down all the infras and supras yet. If you have any questions, comments, or concerns about Losing Face, please feel free to drop a comment here or shoot me an email.


Facebook, Network Effects, and the Birth of Giants

by on Jun.04, 2012, under general

Benjamin Mako Hill, an excellent activist and academic associated with the Center for Civic Media and Berkman Center (among others), has a widely-circulated blog post up entitled Why Facebook’s Network Effects are Overrated. This is something I wrote about in Losing Face.

Ben makes a lot of really good points, but there are a few with which I disagree, and I wanted to comment on them further here. He writes:

And the relationships between services aren’t always peaceful coexistence. Remember Friendster? Remember Orkut? Remember Tribe? Remember MySpace? MySpace, and all the others, are great examples of how social networks die. They very slowly fade away. MySpace users signed up for Facebook accounts and used both. They almost never just switched. Over time, as one platform became more attractive than the other, for many complicated reasons, attention and activity shifted. People logged in on MySpace less and Facebook more and, eventually, realized they were effectively no longer MySpace users. Anyone that has been on the Internet long enough to watch a few of these shifts from one platform to another knows that they’re not abrupt — even if they can be set in motion by a particular event or action. Users of social networking sites simply don’t have to choose in the way that a person choosing to boot Windows and GNU/Linux does.

First, Facebook is bigger than these other examples. A lot bigger. So much bigger, in fact, that I would argue the difference is of character, not of degree. Metcalfe’s Law tells us that the value of a telecommunications network is proportional to the square of the number of connected users of the system. If this is an accurate way to think about social networks – and I believe it is – then the fact that Facebook now contains almost a seventh of the world’s population is very meaningful. Remember: Ma Bell never died. She had to be killed. And her dismembered bits and pieces are slowly oozing back together.

I don’t think the appropriate comparison for Facebook is MySpace, or Friendster, or Tribe anymore. Those sites remind me, in hindsight, more like Path or Instagram or Pinterest: much smaller, segmented, affinity communities for particular populations. Facebook has become something almost more like electrical current or railway gauges, or even the TCP/IP stack: yeah, there may be global variations, but generally speaking everyone is using the same thing.

Ben was talking about network effects; I’d like to add in the concept of a natural monopoly. It seems to me that it makes sense for there to be one big social network site for everyone. It doesn’t need to be the only one (and Ben makes this point about Diaspora having its own valuable niche). But just in the same way that we’ve realized it doesn’t make sense to have multiple Internets (goodbye CompuServe, goodbye AOL), I’m not sure it makes sense to have multiple social network sites of global aspiration. Facebook is there already. And if Google can’t beat them – with more users worldwide than Facebook has through search, GMail, etc – then no one can in the foreseeable future.

Second, I don’t think the switching costs are lower for social network sites. The Data Liberation Front and Facebook’s archiving system are nice. But they’re also trivial. They’re trivial because the point of privately enclosed social intermediaries is not the things but the people enclosed within them.

Network effects + Metcalfe’s Law means the social network site which contains the largest subset of my set of friends is the most socially useful site to me. There may be design or affinity differences which add a weight to the equation but the general arithmetic holds true. I might have stopped using Facebook a long, long time ago, except that even if I wanted to I can’t; it’s where all of my friends are, where they plan events, where they post links that I find useful / informative / entertaining, and until they are elsewhere I must remain.

That’s a much harder decision to make than what OS to boot into. I can boot my Macbook into OSX / Windows / Ubuntu. For that matter, I can emulate any of them in VMWare. And, because of hard-fought interop battles (and the economics of software publishing houses) I can increasingly rely on some cross-platform compatibility in key software tools. Every day there is less vendor lock-in in the software space that actually limits me. Tableau is Windows only? Fine. I’ll install XP on VMWare and run it under Unity View. To me, the user, it’s transparent. I’m not trying to trivialize interop / OS wars / lock-in here. I just think that, for me, the decision to drop Facebook is about a billion times more difficult than what OS I boot into.

The real thing that is interesting to me, though, is something Ben mentions only in passing, presumably because it is such a complex and difficult question to grapple with:

Over time, as one platform became more attractive than the other, for many complicated reasons, attention and activity shifted.

What exactly did happen here? How the hell did Facebook get so big so fast? How did it penetrate so many markets so completely? And could anyone else do what Facebook did (which it would need to do in order to replace it)?

I don’t know all the answers to all these questions. But I think I’ve got a dim sense of one.

In June 2005, when I was graduating from high school, I remember standing in the high school cafeteria with my friend Erica Getto. We were practicing the graduation walk and chatting idly about life in college. Erica asked me if I had heard of TheFacebook. She had, from her elder brother, and she said that “all college kids are on it” and it was how they kept in touch.

When future historians go back and try to figure out what the key was to Facebook’s success I’d be willing to bet money that it was in their (completely accidental) market positioning. They went very, very deep into the college demographic, which is different from going deep into the hipster demographic or goth demographic or punk demographic because while college students are certainly demographically distinct from their age cohort a lot of different people go to college at one point in their lives. It’s as if rather than Facebook trying to capture one branch of a social tree, they instead caught one four-year long segment of the trunk. The thing is, as time goes on that segment graduates, and then goes out into the world, but still has a Facebook account with all of these ties, and a new group comes in.

In other words the thing that made Facebook a success (I think) is that it deeply penetrated a broad set of people in a narrow set of time / life experience. This meant that people who graduated could still use it, and people who were entering college would get indoctrinated in, and it just grew from them.

Incidentally, I think the same thing is about to happen to Apple. At MIT and at every other college where I have spent time Macs are used at a rate disproportionate to the adult professional population. Most of industry, enterprise, government, etc is still old PC boxes. But Apple has had such deep penetration into a generation of college students that I have to think they will demand (and eventually receive) Macs in the workplace going forward. Anecdotally this has already begun to happen.

Again, this isn’t the only explanation. It’s one explanation in a complex ecology of explanations. But I think there is something to this idea of deeply penetrating a broad-base, time-slice cohort, and then hoping that it grows and networks out as it moves in time. The takeaway is: build a tool that’s useful for a slice, and they, like Rick Astley, will never want to give it up.


Frictionless Facebook

by on Sep.27, 2011, under general

pkoms sent me an editorial today from ThisIsMyNext by Laura June on the subject of “frictionless” sharing in the context of the new Facebook Timeline feature.

Excerpts:

The feature that I find most unsettling, however, is the connection which Facebook now has to applications such as Rdio, a streaming music service which already served as a type of social network: you can have friends and followers, and share your listening habits in a closed off network. Rdio is a tiny service compared to Facebook, but was already connected with it, and had the ability to share a song with the click of a button whenever you wished.

[The] one way I actually enjoyed using Facebook was to share, via Rdio’s little sharing button, a song or two a day, posted to my wall. To be clear, sharing that song was always a conscious choice, based on numerous other little choices I made within the blink of an eye: what time of day is it? How am I feeling? Have I shared this same song before? In effect, I was “saying something” with my click.

The new relationship between Rdio and Facebook — based on the nefariously named Open Graph which debuted last year — is one of “frictionless sharing.” What this means is that the same act of connecting my Facebook and Rdio accounts now presents me with only one real option: I will now share every song I listen to, automatically, via the news ticker on the right column of the Facebook dashboard, with every single one of my friends (or customized groups).

What we see here is a manifestation of the ideology of radical transparency and its effects on privacy-as-performance, performance-constituting-contexts.

Put more concretely:

Ms. June used to consciously choose which songs to share. She chose based on a variety of social cues, but always with some level of (sub)conscious awareness of the message the sharing of the song would send. And through each decision to share or not to share, she constructed her identity at that time, by arranging her data as a social performance.

Now, however, the process is automated. She can either choose to opt-in to all of the service, or opt-out of all of it. Granularity – temporal granularity anyway – is not an option.

If this example seems trivial – who cares about music choices? – take the principle and move it laterally to a parallel hypothetical. Facebook currently gives me the option to share any website I visit with my Facebook friends. I click a share button and it populates my News Feed. This is something I love about Facebook. In fact it’s one of the few reasons I still use it. It’s building a less-robust del.icio.us service into my social network. And I know a lot of people who use it.

Suppose, though, that you’re someone who loves the Share functionality. What if Facebook were to simply change the structure so that it automatically published, in your News Feed, every website you visited?

It’s perfectly technologically possible. Unless you take pains to block it, Facebook already tracks every website you visit that has a ‘Like’ button on it. They could very easily add this functionality to a published News Feed.

Now Facebook would have to be insane to do this, because the uproar would be fantastic. But here is the question: why would the uproar be fantastic? Isn’t the ideology of radical transparency in play in the Rdio example in play here? Sure, the spectrum of content might be different, but the mechanics of information dissemination – whether or not you have an affirmative role to play in constituting your identity, or whether it is automated – are identical.


Facebook’s Timeline

by on Sep.23, 2011, under general

So Facebook has announced a redesign.

The update, as I understand/conceptualize it, consists of two elements.

One element is a redesign of the user’s profile aesthetically. This is known as “Cover”. The user profile now has a big banner image, a small mugshot, and two columns of content along the page. I like Cover a lot. It’s a much more visually appealing use of the space. Feels very modern and clean.

The other element is “Timeline.” As I understand it, Timeline works by allowing your friends to basically experience highlights of your time on Facebook by scrolling back chronologically.

Here’s their video demonstrating it:

I think Timeline in many ways represents my biggest privacy fears about Facebook. I’ve written a lot about Facebook has collapsed the spatial contexts that define social situations; now, it’s launched an assault on the chronological contexts as well. Of course, it was always possible to just click through the bottom of a user’s page to see old wall posts, or to photostalk into history. But it wasn’t this simple, and degree of difficulty means everything in this space.

I’m still trying to sort my thoughts out about this, and this blog post is as much about organizing my thoughts as anything else. But I am coming to think that there is a trend across Facebook design decisions, and that trend could be loosely characterized as follows:

In the beginning, Facebook essentially served as a platform for establishing and maintaining weak ties. Not only was the technology not nearly as advanced as it is now, but the audience – remember, limited to just college students – was also very thin. Both the simple technology and the thin potential audience meant that it was pretty difficult to collapse contexts, because the limitations of the space and audience effectively (not identically) worked like the informational constraints of the real world.

As time has gone on, both of these things have changed. One thing which has changed is the fact that Facebook is now delivered to a much broader audience. And the other thing which has changed is that the technology now supports a much deeper interaction among members of that audience.

This Wired interview with Chris Cox, Facebook VP of Product was very informative:

Cox says that instead of that brief conversation you used to get by scanning the previous version of the profile, visiting the profile will be the equivalent of going to a bar to have a long overdue five-hour soul exchange. “It’s that conversation where you play the jukebox till it runs out, the bar closes, and you walk about and say, ‘Man, that was really deep,’” he says.

But here is the thing. There are a lot of people with whom I am friends on Facebook that I would not go into a bar with five hours and bare my soul to. That is not what Facebook was historically for, and I don’t think that’s how most of its users want it to work.

Cox’s conception of Facebook is as if it were connecting a bunch of people with strong ties. And it is true that I am Facebook Friends with my very best friends in the world. But it is also true that there are 600 people with whom I am Friends that I like maintaining loose contact with but wouldn’t bare my soul to.

When you think about it this way, it’s a striking transformation. What began, by design and audience, as a social utility intended to facilitate the maintenance of weak ties has become, by design and audience, a social utility built around profound sharing with supposedly strong ties. It’s a complete overhaul of the entire social ecosystem, and a complete reversal of Facebook’s mission and role in people’s lives.

Still trying to think through all of the implications of this, and would love to hear other’s thoughts as well.


The Facebook Disease: Real Identity, Radical Transparency, and Randi Zuckerberg

by on Aug.03, 2011, under general

Via Eva Galperin for EFF:


Speaking last week on a panel discussion about social media hosted by Marie Claire magazine, [Facebook Marketing Director Randi] Zuckerberg said,

“I think anonymity on the Internet has to go away. People behave a lot better when they have their real names down. … I think people hide behind anonymity and they feel like they can say whatever they want behind closed doors.”

Let me note at the outset that Randi Zuckerberg was not completely wrong. People do tend to behave better when they have their real names – or, more specifically, their “real life” – attached to the things they say or do on the Internet.

That’s because shaming works. I don’t think that’s a controversial statement. And Facebook has gotten a lot of mileage out of shaming. They don’t call it shaming, of course. They have some fancy name for it – RealSocial or something, I forget – but Chris Kelly, the former Facebook Privacy Officer, used to talk about it all the time. Here’s him describing the policy in high-minded terms in The Facebook Effect:


We’ve been able to build what we think is a safer, more trusted version of the Internet by holding people to the consequences of their actions and requiring them to use their real identity.

So, premise: tying people’s online identities to their “real” identities will, through shaming and social norms, make them behave better, or, more precisely, more like they do “in real life.”

I don’t think anyone disputes that.

The problem is in the conclusion: that, because this premise is true, “anonymity on the Internet needs to go away.”

Eva, the author of the EFF post, already hit most of the usual (but worth reiterating!) points why the conclusion is total bullshit: because “activists living under authoritarian regimes, whistleblowers, victims of violence, abuse, and harassment, and anyone with an unpopular or dissenting point of view that can legitimately expect to be imprisoned, beat-up, or harassed for speaking out” benefit from anonymity and pseudonymity (which the Facebook policy also prohibits). It goes without saying that anyone with an elementary education – and I mean literally an elementary education, we’re talking Federalist Papers here – should be able to appreciate the importance of hiding your name in order to speak your mind. And it goes without saying that we should all be glad that Randi Zuckerberg is not part of the IETF.

But I’d like to make one other connection here.

This fetishization of onymity (yes, that is the antonym of anonymity!) is not an isolated blemish on the face of Facebook. It is but one of several symptoms of a deeply rooted disease: Facebook’s love of radical transparency.

Read danah boyd on Facebook and radical transparency before you read any more of me, but the practical upshot is that Zuckerberg – Mark this time – has said repeatedly that, basically, the world would be better off if everybody was open about everything all of the time, and that anything short of that was a “lack of integrity”.

Now, anyone who has read their boyd, Warner, Goffman, Meyrowitz, or even Jarvis (or even me) will realize how almost unbelievably dumb – or shall we say “conceptually incoherent” – this statement is. No one actually lives like that. That’s not how social norms work. That’s not how privacy works. And Zuckerberg, of course, does not himself live a radically transparent lifestyle either, or else you’d be able to see a whole lot more on his Facebook profile.

But I want to underline the fact that the Zuckerbergs are not merely wrong in their pathological obsession with radical transparency and “real identity.” They are wrong in a way which actively hurts people. Again, not to crib too heavily from boyd here, but there are reasons why things like pseudonyms and privacy settings matter. They don’t really matter to people like the Zuckerbergs – people who have money, education, protection, and prestige. They matter to the subaltern.

Think about it for literally one second. What it means to be “radically transparent”, and how it affects one’s lived experience, depends entirely on one’s position in society. More concretely: being “radically transparent” about, say, sexuality, means very different things to a straight male student and a closeted gay student in a homophobic, conservative high school context. That’s a very simplistic example, but a very powerful one. And dismissing those concerns is more than merely incorrect. It harms those who are the most vulnerable.

If you ever wondered why Facebook is one of the most hated companies in America, you can stop now. The answer is evident. It’s captained by fools – or brigands. And when (not if) the karmic collapse comes – when something finally arrives to take Facebook’s place – there will be no love lost for it.

Nor will it deserve any.

e: a Facebook employee who I know and trust sent me some thoughtful comments via email. Without quoting them in full, they boil down to: despite whatever crazy things the Zuckerbergs might say to reporters, we engineers actually spend a lot of time trying to work within the existing privacy infrastructure, and to make it better as we can.

And I believe that’s true. Facebook has actually has pretty powerful privacy settings for a long time, even if they are hidden and poorly publicized. But I don’t think (most) of the rank and file engineers at Facebook are into radical transparency. I think they are basically smart people working on a really tough and complex piece of software, and they’re trying to keep it working and keep making it better, and don’t have enough time to make grand announcements about anonymity or really set policy going forward.

I just think the fish is rotting from the head.


So Facebook Failed At Groups

by on Oct.08, 2010, under general

A few days ago I posted about the new Facebook privacy “features”.

One of them – “Groups” – Facebook had described as such:

With Groups, users can essentially partition their interactions (passive or active) with Facebook and create multiple, customized Facebook experiences. For example, a user who participates in a “neighborhood” group can – with one click – view a newsfeed that is visible only to members of that group, post status messages that only members of the group can see, and peruse a list of profiles that includes only group members. This new functionality will make it much easier for groups (lowercase “g”) of friends to keep in touch and will likely accelerate the use of Facebook as a platform for organizing everything from bake sales to protests.

And I said this seemed “inoffensive enough.”

Well –

Facebook is being battered by critics who say the popular social network made a big mistake in failing to let people opt-in by default to its new feature that lets people form private groups around a particular interest.

The controversy reached a head on Thursday when a person created a group called NAMBLA, the name for a nefarious pro-pedophile organization, and started adding friends.

One of the person’s added to the group was well-known tech blogger Michael Arrington, who in turn added Facebook Chief Executive Mark Zuckerberg, Chester Wisniewski, a senior security adviser for security firm Sophos, reported on the company’s blog.

While not actually from NAMBLA, the group was formed to make the point that Facebook was wrong in choosing to let people automatically add their “friends,” and leaving it up to the added person to opt-out of the group.

via InformationWeek.

So Facebook can’t even let users click “yes, please let my friend add me to this group” before doing it.

How can one company fail at variations on the same thing so many times?

(cynic: because it is their intent to fail)


Facebook’s ‘Google Killer’ – The Right Stuff?

by on Jul.07, 2010, under general

From AllFacebook, on a presentation by Google on a rumored new social utility:

The overall theme of the presentation was consistent: we have multiple groups and within those groups there are individuals who we have strong ties with and many more who we have weak ties with. There are also even temporary ties, like the person at the restaurant who served you food last night. While getting the system right on this is extremely difficult, the strong vs. weak ties is something that Facebook has yet to enable users to control.

If Paul Adams’ presentation is accepted as one of the primary perspectives of Google on social, perhaps the argument for Google’s new “Facebook killer” would be that there needs to be a more effective user-interface (UI) which helps users to control these various groups. Rather than dismissing it as a service for “advanced” users, perhaps the interface has simply not evolved far enough to give users the actual control that they want.

That would support the argument presented by Paul Adams in the slide below which states “If your privacy practices aren’t transparent, then you introduce doubt. Doubt leads to lower usage.” Only Facebook knows how great of an impact the latest privacy fiasco had on the company but it’s clear that Google sees this as a weakness.

If this is true, then Google has precisely the right privacy perspective to outflank Facebook on this issue. And they’re about the only company with the muscle to do it.


Facebook Knows Your Phone Number – But Who Else?

by on May.26, 2010, under general

There are many ways in which Facebook might know your phone number. The easiest (and most common) way is to give it to them, by including it in your profile so that your Facebook Friends can look it up when they need to give you a ring.

So your Friends have your number, but that makes sense – after all, they probably already had your number, or could’ve gotten it easily. And Facebook has your number, and while I don’t think it makes sense to “trust” Facebook anymore, I think users can trust in the fact that even Facebook is not so colossally stupid as to do something like sell your phone number to used car hucksters.

But who else has access to your number?

Think no one? Think again. Are you sure that only your Friends have access to your profile info?

What about those Groups and Events – you know, the ones that start “I dropped my phone in a pond, send me your numbers!” Have you posted in them? Do you know their privacy settings? Have the privacy settings changed since you posted?

The ever entertaining Tom Scott – creator of invaluable Internet entertainment such as StupidFight – has just produced the privacy equivalent of a horror film. It’s called – simply and appropriately enough – “Evil”.

As Scott explains:

This site randomly displays the private phone numbers of unsuspecting Facebook users.

There are uncountable numbers of groups on Facebook called “lost my phone!!!!! need ur numbers!!!!!” or something like that. Most of them are marked as ‘public’, or ‘visible to everyone’. A lot of folks don’t understand what that means in Facebook’s context — to Facebook, ‘everyone’ means everyone in the world, whether they’re a Facebook member or not. That includes automated programs like Evil, as well as search engines.

Evil uses the graph API to search for groups about lost phones. It picks them at random, extracts some of the phone numbers, and then shows them here.

Here is Scott’s screencast of what Evil looks like when it is working:

So what should you do? Scott says:

Go into all the “lost number” groups you’ve ever joined. Ever. Delete your posts. (You might want to try searching for your own phone number on Google, too; it might turn up in unexpected places.)

The thing to remember here is that the fault doesn’t lie with the users. That is to say, the fault doesn’t like with the users any more than someone can be faulted for stepping on what appears to be a solid deck only to have it collapse under their feet because it wasn’t built to code.

It is patently ridiculous and unreasonable to argue that all of these users wanted their cell phone numbers and names to be accessible to the entire Internet. But that’s what has happened, because of stupid, unsafe, and (indeed) “evil” design.

(h/t Ian Brown and PVN)


Some thoughts about thoughts by danah boyd on Facebook

by on May.15, 2010, under general

danah boyd – the goddess of all things social media – has had a couple of really good posts about Facebook privacy in the last few days, posts that are definitely worth reading and thinking about.

First, in “Radical Transparency”, danah brings up a really great point that had not occurred to me before: that the transparency Facebook encourages in its users does not align with the lack of transparency of Facebook’s counterintuitive design:

Over and over again, I find that people’s mental model of who can see what doesn’t match up with reality. People think “everyone” includes everyone who searches for them on Facebook. They never imagine that “everyone” includes every third party sucking up data for goddess only knows what purpose. They think that if they lock down everything in the settings that they see, that they’re completely locked down. They don’t get that their friends lists, interests, likes, primary photo, affiliations, and other content is publicly accessible.

If Facebook wanted radical transparency, they could communicate to users every single person and entity who can see their content. They could notify then when the content is accessed by a partner. They could show them who all is included in “friends-of-friends” (or at least a number of people). They hide behind lists because people’s abstractions allow them to share more. When people think “friends-of-friends” they don’t think about all of the types of people that their friends might link to; they think of the people that their friends would bring to a dinner party if they were to host it. When they think of everyone, they think of individual people who might have an interest in them, not 3rd party services who want to monetize or redistribute their data. Users have no sense of how their data is being used and Facebook is not radically transparent about what that data is used for. Quite the opposite. Convolution works. It keeps the press out.

Emphasis mine. And this is the key here. I talked a lot in Losing Face about how the counterintuitive design of Facebook stymies and waylays privacy practices by preventing people from appreciating the consequences of their actions. And danah is absolutely correct that Facebook is deceitful and unethical in demanding radical transparency of its users while not practicing it themselves.

In a followup, “Facebook is a utility; utilities get regulated”, danah points out that Facebook markets itself as a social utility and IS a utility in the most basic sense of the term, but that we regulate utilities precisely because they wield such control over our lives:

Your gut reaction might be to tell me that Facebook is not a utility. You’re wrong. People’s language reflects that people are depending on Facebook just like they depended on the Internet a decade ago. Facebook may not be at the scale of the Internet (or the Internet at the scale of electricity), but that doesn’t mean that it’s not angling to be a utility or quickly becoming one. Don’t forget: we spent how many years being told that the Internet wasn’t a utility, wasn’t a necessity… now we’re spending what kind of money trying to get universal broadband out there without pissing off the monopolistic beasts because we like to pretend that choice and utility can sit easily together. And because we’re afraid to regulate.

If Facebook is a utility – and I strongly believe it is – the handful of people who are building cabins in the woods to get away from the evil utility companies are irrelevant in light of all of the people who will suck up and deal with the utility to live in the city. This is going to come down to regulation, whether we like it or not.

Emphasis mine, again. This is another point I discuss in “Losing Face” – Facebook is anticompetitive. Social network sites are complementary, not substitute, services. The network effects are keeping people there, not the quality of the service, and that’s the functional (if not legal) definition of a monopoly.

As a historical footnote, this question (of whether Facebook is a monopoly) was the first thing Ethan Katsh (my thesis advisor) and I talked about doing for the thesis project that eventually ended up being “Saving Face.” We ended up deciding to do privacy rather than monopoly because when the Friends Lists came out I thought it would be cool to explore the idea of contextual integrity and Friends Lists. It obviously expanded from there, and I think it’s gone interesting places, and I’m very proud.

But frankly, the monopoly question may end up being the really important question in the long one. And it may be our best hope.


Grimmelmann and Privacy as Product Safety

by on Mar.03, 2010, under general

I’ve been pretty haggard with work lately, so I’m a bit late on this, but James Grimmelmann has written a great paper called “Privacy as Product Safety”, to be published in the Widener Law Journal. It’s an adaptation of his “Myths of Privacy on Facebook”, and it’s quite good.

In his “Saving Facebook”, Grimmelmann explained the “social dynamics” of privacy problems on Facebook. He canvassed the social science literature to explain how and why people used Facebook, and what their behavior could tell us about proper regulation and privacy protections.

But in this article, he’s honing in on what I’ll call the “design dynamics” that he explored in his first article – that is, how the design of Facebook (or other such services) relates to its privacy problems. This idea isn’t new – he calls them “privacy lurches” in Saving Facebook, and they’re somewhat the focus of my “Losing Face” – but what is really great about this article is how Grimmelmann maps product liability law onto the scaffold of social network sites.

For example, on Google Buzz:

“Buzz as a whole is a powerful, possibly revolutionary product—but it also launched with a serious design defect. Just as an otherwise-useful buzzsaw is still unreasonably dangerous to life and limb if it sports a flimsy handle, the auto-add feature made the otherwise-useful Buzz unreasonably dangerous to privacy.”

In “Losing Face”, I mostly gave up on law as a tool to fix the defective designs of social network sites. I’m interested, and excited, by Grimmelmann’s effort to adapt liability law to achieve an admirable end.