?

Log in

No account? Create an account
Trevor Stone's Journal
Those who can, do. The rest hyperlink.
Reasonable Expectation of Privacy Stability 
24th-Apr-2010 10:27 pm
bad decision dinosaur
Facebook announced this week that when you visit Pandora for the first time, they'll hand over all of your friend information so Pandora can set up your station with music your friends like. This is the sort of "What were they thinking!?!" news I hear about Facebook every six months or so. The frequency of such moments is the main reason I don't have an account on Facebook. For the most part, Facebook's march toward making all your social information public wouldn't be a big deal if it had started that way. Nobody gets upset about Twitter followers or LiveJournal friends being public because they've always been that way. But when people provide information on the assumption it's private and then all of a sudden it's public, they tend to feel betrayed.

Tech Crunch included a screen shot of my Buzz post referencing that link in an article about Google engineers concerned about Facebook privacy. I don't know if they also write stories about Microsoft employees blogging about iPhones or Qwest employees tweeting about their Sprint service or Subway employees declaring the Double Down is gross.

On the other hand, Facebook made some positive announcements at f8 (is their conference really pronounced "fate?"). With Open Graph, you'll be able to build a social network out of pieces that aren't all housed in one place. So if you decide you don't like Facebook, you can move to a different site, but people can still "friend you." And you can add a little HTML to your blog and then someone can "like" it on Facebook or any other site supporting Open Graph.

The following is a Slashdot comment I posted in response to the assertion
once something hits the internet its out there, no privacy promise by a huge corporation is going to protect it.

BS. People send millions upon millions of email messages a day and have a reasonable expectation that their email providers and any SMTP hops along the way are going to keep them private. If a webmail provider suddenly decided that everyone's email address and all the addresses of all their contacts were to be public (unless you opt out), that would rightly be perceived as bad behavior and a violation of users' sensible assumptions. The path of least resistance opt-in flow for Google Buzz had the end result of publicly listing the names of some of folks frequent contacts (who'd also opted in). It created a big uproar and Google quickly changed the wording to make it clearer what would be public and how to keep it private.

I access my banking records through the Internet on a regular basis. I use this convenient system instead of paper and phone calls precisely because I trust the privacy promise provided by my bank. A bank that suddenly decided to make everyone's financial information available to the world on the web by default would quickly lose a lot of customers and get a big fine from the regulators. I don't think we need a Federal Department of Regulating Facebook, but I do think we have a right to expect companies to stick to their privacy promises and suffer customer-based consequences if they fail to live up to them.

One thing The Cloud can do better is give users control of their data. Google's Data Liberation Front is a good model: If a user decides they don't want to use a cloud provider's services for whatever reason, it should be easy to get all their data out of that company's control and import it in to a different cloud provider (if desired). Take it a step further: As a user of service A, I should be able to select certain information to share privately with my friend who uses service B. Like telephone companies and the post office, the service providers should transmit and present that information, but they should have no option to change the parties who can see it.


Caveat: Court orders and other legal actions can force a provider to reveal private information without the approval of that information's owner. This is true of banks, cloud providers, and internal IT departments. So yes, if you're planning an elaborate murder scheme on the Internet, don't assume it will only be seen by your co-conspirators. But if you're closeted at work and out to your friends, you have a right to expect your social network won't suddenly decide to make "Orientation: Gay" the first thing people see when they Google your name.
This page was loaded May 23rd 2018, 10:49 pm GMT.