Chris Peterson

In “Losing Face” I mention the technology of “privacy mirrors”, a concept which has been developed in the HCI literature over the last decade or so. Briefly put, a “privacy mirror” works just like a real mirror – by reflecting how your profile/data/etc appear to others.

There are two great privacy mirrors now available for Facebook users.

The first is Facebook’s ViewAs functionality, which has been available for some time but has been refined recently. It allows you to assume the “mask” of any Friend and see how they see your profile.

The second, by Berkeley student Ka-Ping Yee, doesn’t have a name, but it does the same thing for your open graph. Type in your username and this tool will show you all of the data that are available to everyone on the web with the new change. Most people will want to look closely at their Likes, Status Updates, and Photos, since they tend to get pretty squirrely.

Good luck!

The EFF had a good article up the other day about the new “Community Pages” functionality that was announced in a recent blog post. It’s a bit complex, but the upshot is that from now on, whenever you “Like” a Page (because “Becoming a Fan” is too involved and procedurally onerous for Facebookers), your “Liking” of that page is totally public.

Facebook has, in other words, restricted your privacy to your sphere, and redefined the sphere as being your profile. They say this in a way that sounds nice and community-centric:

Community Pages are a new type of Facebook Page dedicated to a topic or experience that is owned collectively by the community connected to it…Keep in mind that Facebook Pages you connect to are public. You can control which friends are able to see connections listed on your profile, but you may still show up on Pages you’re connected to.

But this is largely a way of reframing a loss of control such that users don’t even know they’ve lost what they once had the ability to control. Even the shills (and I say that with love) at AllFacebook recognize this as “New, Half-Functional Privacy Settings.”

That’s annoying – I went through and “Unliked” all of the Pages of which I had previously become a Fan – but not totally debilitating.

Today, though, Master Zuckerberg posted an update – with the anthematic title of “Building the Social Web Together” – outlining the new “Open Graph” initiative Facebook is undertaking.

Open Graph will allow website partners to detect your Facebook information and relate the data on their site to your social network. So, for example, if you are reading an article on CNN, you can see which of your other friends have also Shared that article, like this example from WaPo:

If it seems a little like Beacon, that’s because…it seems a little like Beacon, except somewhat the mirror-image. Rather than tracking what you do on other websites and importing it in to Facebook, Facebook is tracking what you do in Facebook (and, by extension, on other sites) and exporting it to other sites.

Now, it’s not yet clear what the extent of this will be. It could be that this only exports links you’ve shared, in which case it’s less offensive – after all, they’re simply locating your action (sharing content) with the content more directly, which can be a nice service, and may add some serendipity to the web.

It potentially gets scary pretty quickly, however. What if you simply read an article or access a webpage? And, potentially more subversively, how closely will the Open Graph respect the convoluted (and in many cases multilayered) privacy preferences of Facebook?

This is a question I myself just emailed to Facebook:

Hi –

I’m in need of clarification on the new Social Graph:

So suppose I go to CNN.com, and I share a link on Facebook.

Now, I’ve set up my privacy preferences carefully. I know that my friend Alice, who is on my “Trusted Friends” Friends List and can see my wall, can see that I have shared that link on Facebook.

And I know – or at least hope – that complete stranger Bob CANNOT see that I have shared that link – I’ll be one of the anonymous number of people who shared it.

The question I have, though, is about Carl. I’m Facebook friends with Carl, but he’s on my “Scrubbed” Friends List. Carl can’t see anything on my Facebook – no pictures, no video, and definitely no wall or status updates.

If Carl goes to CNN, would Carl see me as being one of the people who has shared the website? On the one hand, I am his friend; on the other hand, he can’t see my status updates on Facebook.

In other words, does the new Social Graph functionality respect the Friends Lists or only Friendship/NotFriendship?

Thanks. This is very important to me and the answer will affect whether I (and I imagine others) will continue to use Facebook (or at least its social functionalities).

I hope that whatever answer I (do not expect to) receive will tell me that they respect Friends Lists. If not, I don’t think I will be able to continue to share links or content through Facebook, because there will be no way for me to differentiate between my social contexts outside of the Facebook environment. If that happens, it will remove tremendous utility for me, and I expect many others as well.

Which brings me to my next point – why am I still using Facebook? I’m wearying of it. Every time something new is introduced, I find that I have to go through great lengths to reestablish my environmental equilibrium, if indeed I can at all. I can’t be the only person who feels this way: trapped between the network effects of Facebook and the concern that it’s leading you down the garden path to privacy catastrophe.

Something’s got to give.

Via AllFacebook:

While you may never have signed up for a specific site, Facebook may begin giving away some of your data without your permission according to a new privacy policy change the company is considering. While it may not be a Beacon fiasco yet, it’s a similar idea. As the company writes, “In the proposed privacy policy, we’ve also explained the possibility of working with some partner websites that we pre-approve to offer a more personalized experience at the moment you visit the site.”

…

Granted, we are not totally clear about the instances in which Facebook will share your information, but it’s pretty clear that this is another sort of “opt-out” feature that led to a heated privacy debate years ago. In addition to potentially sharing your data with participating sites the moment you visit them, Facebook is announcing some other privacy changes, including a previous emphasis on adding “a location to something you post.”

So it’s Beacon, except launched with a savvier approach to avoid the Beacon backlash.

I’ve met profoundly deaf people who are more on pitch than the Facebook privacy people.

(Apologies for the alliteration. The sad truth is that I once attended a session at the NEYWC run by a senior Sports Illustrated editor. When he reviewed my journalism samples he told me that, whatever other weaknesses my style might have, it was refreshing free of the tropes that had haunted his early writing, mainly alliteration, bad puns, and catchy clauses jammed into sentences where they didn’t belong. He then gave me a sample of that bad writing so as to not emulate it. And I’ve been writing like that ever since).

(Anyway,)

Via James Grimmelmann, the tragic story of yet another individual who found himself tripped up by the confusing design of Google Buzz.

Except, in this case, the individual was Andrew McLaughlin, i.e. the Deputy Head of Internet Policy for the White House and former Head of Global Public Policy for Google itself.

Quote:

Maybe Mr. McLaughlin needs to read Grimmelmann’s Privacy as Product Safety so he can get to regulating his former employer!

edit: immediately after hitting submit I saw this blog post from Google Public Policy about the changes they made to Buzz. Good. But not good enough.

I’ve been pretty haggard with work lately, so I’m a bit late on this, but James Grimmelmann has written a great paper called “Privacy as Product Safety”, to be published in the Widener Law Journal. It’s an adaptation of his “Myths of Privacy on Facebook”, and it’s quite good.

In his “Saving Facebook”, Grimmelmann explained the “social dynamics” of privacy problems on Facebook. He canvassed the social science literature to explain how and why people used Facebook, and what their behavior could tell us about proper regulation and privacy protections.

But in this article, he’s honing in on what I’ll call the “design dynamics” that he explored in his first article – that is, how the design of Facebook (or other such services) relates to its privacy problems. This idea isn’t new – he calls them “privacy lurches” in Saving Facebook, and they’re somewhat the focus of my “Losing Face” – but what is really great about this article is how Grimmelmann maps product liability law onto the scaffold of social network sites.

For example, on Google Buzz:

“Buzz as a whole is a powerful, possibly revolutionary product—but it also launched with a serious design defect. Just as an otherwise-useful buzzsaw is still unreasonably dangerous to life and limb if it sports a flimsy handle, the auto-add feature made the otherwise-useful Buzz unreasonably dangerous to privacy.”

In “Losing Face”, I mostly gave up on law as a tool to fix the defective designs of social network sites. I’m interested, and excited, by Grimmelmann’s effort to adapt liability law to achieve an admirable end.

Yesterday, I submitted Losing Face: An Environmental Analysis of Privacy on Facebook to a variety of science and technology law reviews. Its abstract is as follows:

This Article contributes to the ongoing conversation about privacy on social network sites. Adopting Facebook as its primary example, it reviews behavioral data and case studies of privacy problems in an attempt to understand user experiences. The Article fills a crucial gap in the literature by conducting the first extensive analysis of the informational and decisional environment of Facebook. Privacy and the environment are inextricably linked: the practice of the former depends upon the dynamics and heuristics of the latter.

The Article explores possible interventions. It explains how regulatory solutions and market forces are themselves hindered by the the deficient privacy environment of Facebook and can’t solve all of its problems. This Article recommends renovating the design of Facebook to privilege privacy practices and proposes specific interventions drawn from the computer science and behavioral economics literature. It concludes with a message of cautious optimism for the emerging coalition of engineers, academics, and practitioners who care about privacy on networked publics.

The Article is a heavily revised adaptation of the thesis I conducted for Ethan Katsh and Alan Gaitenby at the University of Massachusetts, Amherst. If you’ve read my thesis (entitled “Saving Face”; title changed to avoid confusion with James Grimmelmann’s excellent Saving Facebook, recently published in the Iowa Law Review), then you’re familiar with the broad contours of the idea.

Losing Face, however, has been both greatly refined in its argumentation and noticeably reworked in its format (bah Bluebook) over the last year or so. I received invaluable feedback and assistance over the last from many people during this drafting process, including Helen Nissenbaum, researchers and interns at the Berkman Center for Internet and Society, but most indispensably James Grimmelmann, who helped me navigate the convoluted and mystified norms and logistics of the publication process.

I’ve posted a copy of the Article here and on BePress for further comment while it wends its merry way through the editorial process. This is a draft only, and should not be used for citation. I’ve endeavored to make all references as clear as possible, though some are not as clear as they will be in the final version because I haven’t nailed down all the infras and supras yet. If you have any questions, comments, or concerns about Losing Face, please feel free to drop a comment here or shoot me an email.

Marshall Kirkpatrick of ReadWriteWeb (syndicated to the New York Times) had a great article about Facebook privacy today that incorporated some stuff from my thesis/working paper. Marshall was nice enough to contact me before he ran the article to ask what I thought about the new Facebook Publisher.

Basically, Facebook is introducing a new Publisher that gives people easier access to (and more granularity over) what they publish to whom. While I don’t have access to the new Publisher yet, here’s what I told Marshall yesterday:

(continue reading…)

Sorry, I couldn’t resist.

Professor James Grimmelmann of New York Law School was kind enough to give my Facebook working paper a shoutout on his blog. In case you haven’t read it, his article on Facebook and the Social Dynamics of Privacy (forthcoming in the Iowa Law Review) is probably the best work done in this field thus far.

He’s a swell guy who has been very helpful orienting me in academic space and teaching me fun new words like desuetude, which is really the point of an intellectual mentor anyway.