Slashdot Mirror
A Contrarian Stance On Facebook and Privacy
macslocum writes "Amid the uproar over Facebook's privacy maneuvers, Tim O'Reilly offers a contrarian view. He writes: 'The essence of my argument is that there's enormous advantage for users in giving up some privacy online and that we need to be exploring the boundary conditions — asking ourselves when is it good for users, and when is it bad, to reveal their personal information. I'd rather have entrepreneurs making high-profile mistakes about those boundaries, and then correcting them, than silently avoiding controversy while quietly taking advantage of public ignorance of the subject, or avoiding a potentially contentious area of innovation because they are afraid of backlash. It's easy to say that this should always be the user's choice, but entrepreneurs from Steve Jobs to Mark Zuckerberg are in the business of discovering things that users don't already know that they will want, and sometimes we only find the right balance by pushing too far, and then recovering.'"
Facebook has confirmed it is working on more changes to its privacy policy in response to feedback from users.
In other words, the end users should be the guinea pigs in a social experiment? I don't think so...
It's easy to say that this should always be the user's choice, but entrepreneurs from Steve Jobs to Mark Zuckerberg are in the business of discovering things that users don't already know that they will want, and sometimes we only find the right balance by pushing too far, and then recovering.
That's an OK philosophy for developing a product, but when it comes to personal data and privacy, once it's "out there on the internet" (either publicly or for sale by companies who sell to the internet), there's no getting the genie back in the bottle.
There is no recovering when it comes to personal data on the internet.
He uses the example of how we give up our location for turn by turn GPS directions. But the difference there is that we're sharing our location with the company giving us directions, not the company, it's partners, it's advertisers, the whole internet and the guy named Moe on the corner of a dark alley.
And when we decide who we want to share data with, we dont want the company just deciding since it's Tuesday they can change their policy and go ahead and share^H^H^H sell our info anyways.
meep
"Don't tread on me"
So in your opinion, there's no such thing as private communication (because communication is shared with at least one other person by definition), and it's no problem if governments or corporations listen in on phone calls, e-mails or other kinds of communication?
I'd rather you rationally disagree than irrationally agree.
First of all, security is not a destination, it's a process. You can never reach a destination called "security". Privacy is the same type of thing. You can never achieve privacy, only increase it, or decrease it. It's always a multi-point balancing system where things like ease of access, functionality, and popularity, among others, are balanced in regards to how they increase or decrease privacy.
Sure, I might be loosing a bit of privacy using Facebook, but really, none of the information that I post there is anything I would be afraid or ashamed of handing out flyers containing that same info on a street corner. If you are putting your phone number up on it, it is just like having a listed phone number in the phone book. Same goes for your address. Ever posted a resume to a job listing site? All of your employment history is there.
This is not to say that Facebook is blameless, but like any public forum, treat the information you post there as if you were putting it up on a clear and open page on the internet that anyone can read or find in a simple Google search, and you will preserve an important amount of privacy.
ttyl
Farrell
CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
Tim O'Reilly is O'Reilly Press... which also has an enormous online presence. People comment based on their perspective. What would be the impact of better privacy to an online business like O'Reilly Press? Would it be better for Tim's business if there were less privacy?
-- I ignore anonymous replies to my comments and postings.
So here it is:
1. Users do not know the boundary conditions until someone's privacy has been abused - if they're paying attention and understand the issue.
2. At that point in time, most users will have already shared too much - and once their privacy has been breached/sold, there's no undo button.
3. Users have to spend time demanding their privacy rights which may or may not be given.
4. We don't need to research where the boundary conditions are because once you know who's likely to access what information, it's not that complicated.
The only question here is whether Facebook et al have a duty of care to their users. Morally they do, legally they generally don't and, financially, they're best of selling as much as they can get away with.
Witness the clash, and hopefully the prelude to the exodus. If Google had their act together, they could clean up. Perhaps it's a good thing they don't.
The essence of my argument is that there's enormous advantage for us, when users are giving up some privacy online
There, fixed that for him
The day they started requiring real names was the day I left. No fucking way I am trusting FB with that when I won't even trust Slashdot with that. I have never used my real name even once online on any form, website or registration; well except for financial transactions but the point is I'm not going to change.
Facebook is a placeholder for whatever allows people to do what its doing as anonymously as they wish and will be here shortly, its already about as loathed as MySpace was when it started losing 5% market share a month.
An Education is the Font of All Liberty
You can't see someone's micropenis AND what he's doing, including the shit-smeared back of what he's doing. I call bullshit.
.
That's fine but, don't force the loss of privacy who do not want to be subject to that loss of privacy.
For example, I use a "frequent shopper" card at my supermarket. I give up some privacy in using it, but I still use it because I like the benefit of doing so.
On Facebook, when I give up my privacy, I see little benefit, and a lot of downside.
Facebook needs to allow its users to set the level of privacy they are comfortable with, and stop allowing third party access to private information without the users' consent.
Similarly, anonymity was unique to the 20th century. In the 19th century, due to transportation constraints, everyone knew who you were and what you did. Welcome to Facebook and the 21st century.
My expanded list is as follows (and apologies -- I don't recall which of mine are original, but I believe the original Slashdot comment listed only three examples):
The issue with their experimentation, is that they change the privacy settings of a person to be more open. Any changes should be an opt-in and not an after-the-fact opt-out. Finding those settings is to change them back is also difficult. It should be easy to set one's privacy settings and to know what is open and what is not. I am all for responsible experimentation that allows me to make informed choices about my privacy.
[X] I like my rights to control my own data, you insensitive clod!
Yep, that's one of the bullshit argument types - it's not a question of one extreme or the other. Hopefully, people are smart enough now to name it and shame it when someone tries this crap.
It's about:
"giving up some privacy online and that we need to be exploring the boundary conditions"
In the real web 2.0 world you face spooks, army intel, gov workers, politicians, state and federal informants and corporate types.
What do they have in common in many parts of the world?
Your online blog can make your life difficult, end in a shallow grave ect. after simple web 2.0 online comments.
Much of the "web 2.0" is crawling with gov types trying to join different activist groups long term or make up their monthly arrest quotas.
Entrepreneurs will always sell your data for profit, pride, faith, patriotism or access.
So when US entrepreneurs make high-profile data handling mistakes it can have interesting flow on results.
Domestic spying is now "Benign Information Gathering"
> there's enormous advantage for users in giving up some privacy online and that we need to be exploring the boundary conditions -- asking ourselves when is it good for users, and when is it bad, to reveal their personal information
For some reason I suspect that this guy would not be so cool about "giving up some privacy" if the proposition came from the Department of Homeland Security.
Seriously, it's a dangerous path and being edgy, 3.0 and Apple-ish does not make it right.
lucm, indeed.
In politics, there is something referred to as the "Overton Window". Essentially, the range of policy positions that are considered "serious", "practical", "respectable", etc. This doesn't mean that everything in the window has a chance of being executed(the opposition party(s) for instance, are virtually always inside this window, and they often don't get what they want); but anything outside the window doesn't even need to be argued against. It can simply be dismissed as "extreme", "unrealistic", "out-of-touch", and so forth.
However, groups outside of the window, while they cannot get what they want(under the political process, nothing stopping them from just shooting some people), do have the effect of gradually pushing the window in one direction or another. I'm not sure whether this happens because people use frequency of hearing an opinion as a heuristic for its popularity, or because having an extremist to point to allows former extremists to claim moderate credentials: "No, my plan to privatize virtually every state function I can is wholly reasonable. Look at those crazy libertarians... Now there is extreme." "No, I just support solid common sense and common decency to our fellow citizens, I'm not a wacko like those communists."
In the case of "online privacy"(such as it is), Facebook's little two-steps-forward-one-step-back-I-apologize-to-anyone-who-was-offended game is playing out an essentially similar dynamic. Every time they do something extreme, the new "moderate" position they "retreat" to is just a little bit further in the direction they want. They aren't just feeling out public opinion, they are working to shape it.
There's a difference with creating a product which fails in the market and causing, in some cases, irreparable damage to someone's life as part of your market experiment. I hate this business attitude which cares more about shifting paradigms than professional ethics in regards to stockholders.
...you have nothing to worry about, right?
Until, of course, people start thinking you are up to no good because you don't want to participate in Facebook. I'm already getting some static from people since I closed my account. Fuck that noise, and fuck that way of thinking, but people are becoming more willing to give up freedom for the sense of protection from 'bad people' and privacy for convenience. It's pretty sad.
Blar.
I think everyone agrees that it is okay for some spaces to be public. No one moans about Twitter basically being a free for all. We, on the other hand, would be pissed if our personal instant messaging, e-mail, or private conversations were shoved out into the world. The issue with Facebook is that as it was originally presented, it was an in club for you and your friends. It was a way of posting to a limited circle of people that YOU chose. What has made the changes in Facebook so utterly distressing is that it has rapidly switched to something more "twitter" like in that by default it spews info on you to anyone who looks.
I didn't join Facebook to meet people or advertise myself. Facebook was a centralized place to post pictures of funneling a beer while dressed as a chick for Halloween. Now, due to its utterly arcane and cryptic privacy settings and tendency to opt you in to sharing more, you need to treat it like any other public information on yourself. That is to say that instead of behaving as you do around friends, you need to be as private as you might be at a meeting in work. That, at least for me, is the truly upsetting thing about the changes to Facebook.
I can live with it. I have no trust in Facebook's ability to keep my information confined to my friends. So, I have more or less nuked my profile and made Facebook a glorified address book. If that is how they want to run their business, more power to them, but I have little desire to participate. That said, it is a shame. A unique company that offered a truly innovative way to keep in contact with friends has turned themselves into a glorified address book. Hell, my LinkIn profile is more exciting than my Facebook these days. Eh, no loss. I am sure something else is one the Horizon. Giants falls. Facebook is going to go the way of AOL and MySpace. The tech elite will find the "new" thing and jump to that. They might keep their Facebook profile in the same way I theoretically have a MySpace page rotting on the Internet, but it will fall into disuse. The early adopters of Silicon Valley and Austin will jump first. The second wave of tech savvy will follow and let their Facebook pages rot. By the time mom, dad, and grandma show up I am sure the new thing will be dooming itself and the search will be on.
If there is one wonderful thing about the Internet, it is that creative destruction happens at lightening pace. Facebook is at or has nearly reached its full AOL/MySpace bloat. Time to let that part of the Internet begin its inevitable rot and find something new.
he is asking people to think? That will work.
comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
To me, he's right. There is a trade off between convenience and privacy, and I'm okay with that. What I am not okay with is changing the rules once you've got my content, just to benefit yourself.
It should be a law (or something), that privacy options cannot be changed without your consent. Hell, I can even be bribed - you can sell my data, but I get a cut.
Let's go through this guy's arguments.
Facebook's privacy policy is at best a distraction, since it only says how other users can access your data, not Facebook itself. They still reserve the right to "bulk out" your profile by using it as the basis for web searches, and if they get this wrong there's no comeback or method where a user can even see their own profile. Someday soon, Facebook will be sold to someone else who is willing to use that data to maximise their profits, and no-one who has "agreed" to their terms will be able to do anything about it. Enjoy the fun while it lasts...
May Diaspora be successful! This social networking platform is the answer to Facebook's contentious privacy policy. I am going to vote with my wallet, not sit here and complain about that which I cannot really change.
I have no problem with giving up some privacy... as long as I get to choose.
The problem with Facebook is that if you put your information in there, they unilaterally and unpredictably disclose it to others.
Often, they seem to do that in a way that I do not benefit from, but that actually endangers me.
You can not expect to take part in an online social networking site without ceding some bit of privacy. Otherwise, the "social networking" part of the deal is void (sociableness and privacy are antonyms, fwiw). Likewise, while the services may be provided to users free of monetary charges, there is a price to be paid, and that is privacy. Just because we don't have to break out our wallets to support these sites doesn't mean that someone doesn't have to. If Facebook can't make money off their users, they can't pay their bills. It's really that simple. In this respect, I agree with a small part of the article: we do need to expect, and accept, a certain amount of openness.
That said, we should expect the same from Facebook. It is our data after all, and Facebook has no business if it has no users. They should warn users well in advance of any changes that may affect privacy and provide clear tools to edit how our data is (or isn't) used. By default, security setting should be more restrictive. I shouldn't have to worry about my friends' privacy settings. I shouldn't have to worry about personally identifying information being leaked without my permission. In these respects, Facebook has failed miserably and it is not something that we should simply accept for the sake of innovation.
"`Ford, you're turning into a penguin. Stop it.'" -Douglas Adams, THHGTTG
Your bullshit will only make sense the day you have a Facebook profile, with all the bells and whistles their regular dumbass users have. You know, face tagging and stuff, the works. I'll be on your side the day the first average Joe makes his first buck on data mined from YOUR profile.
"Do not post anything online you wouldn't want your mother, your boss, or your worst enemy to know."
Actually I am a lab rat in an elaborate plot to take over the world.
I don't care if they monetize which obscure pop song I quote in my status or have a record of an occasional flame war with old friends who have emerged from the decades across some political divide. (I probably shouldn't have posted my SS # as a status however ...)
What I find strange is the lack of certain kinds of innovation on the popular sites.
For instance ... ahem ... does Slashdot redirect for webkit? Doesn't seem to from my phone. What's up with that (flame away with instructions as I haven't looked around). Facebook's interface and aggregation pipeline are making my friends seem more boring than they actually are. Why are they stuck with the browser based Twitter model? Why do I get the feeling Google's biding their time and going to crush Facebook with something new and obvious?
Physics is like sex: sure, it may give some practical results, but that's not why we do it.
Facebook management has a long history of flouting User Privacy concerns and then want the firestorm gets' large, they back off.. the issue is the long history of repeatedly doing this.. clearly the only thing they have learned is that if they make a mistake they can apologize for it later...
http://www.hawknest.com/
Since 1999, U.S. military and intelligence agencies have demonstrated http://www.slate.com/id/2136480 that once data is "out there on the internet" it is still possible to put the genie back in the bottle.
When the volume of released data is large enough, at least some (decreasing over time) portion will remain unreplicated and able to be put "back in the bottle".
And if you think you're interested in keeping your private data off the net just imagine how interested the CIA was in keeping their official lies off the net.
By way of extra lesson value, this example dmeonstrates why it is dangerous to share private data with "Friends of Friends" or pseudo-friends.
Why isn't Facebook and all the companies that are buying my information?
"there's enormous advantage for users in giving up some privacy online"
Oh is there?
Like becoming a target from your own domain information perhaps?
Maybe the fact you want to buy handbags and sex dolls when you logon eBay?
Or maybe it's better to be locked out of a support forum for complaining.
Whistleblowing? Blow me O Reilly.
I'd call you an idiot, sadly your not, perhaps the more accurate word is fascist? I also won't every buy your books again. (yes I do have a few)
Fuck the status quo, they're all clowns.
I don't believe guys like Tim ARE missing these points! Why? Because that requires me to believe that what they post is their belief, their whole belief, and nothing but their belief!
I don't believe that anymore!
I believe they are posting *strategic* comments like a cosmic Go game. "Put a dot there to make a presence in That-Space of conception."
Try spending a day surfing with the axiom that the authors of these blogs believe *none* of what they post, but do it for any of 10 rewards - traffic, controversy, "make aggressive moves and let the users yell, until they are tired and miss one..."
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
how could anyone be foolish enough to expect privacy on the medium that spread ascii art porn and slash fiction of picard cornholing data.
Wait until you lose a database with millions of SSN's and credit card numbers and start getting sued to the point of bankruptcy. At that point your rubber band is going to play the "snap song" right up into your face, where it's well deserved for being such a prick.
Imagine a future where you post something on your own website, it angers someone, they do a domain lookup, find your address, name etc. and burn your house down with you inside. Or just kick your ass one day out of the blue, home invasion.
"....we need to be exploring the boundary conditions -- asking ourselves when is it good for users, and when is it bad, to reveal their personal information....."
Wrong. Dead wrong. What we need to be exploring is how to make it easy for users to delete information about themselves they want to delete, and delete it permanently. And how to make it easy to keep private what they want kept private.
What we think is good for users is neither here nor there.
Yes, brand-new issue
Lets also just forget that the guy stole source code on many occasions, and that the guy in general is just a prick.
Yes, lets forget all these things, and pretend problems just started like, yesterday. We were all born yesterday anyway, right?
The simple, bottom-line with privacy is that you ask first and make it very clear to people if you are changing things, and confirm that they're OK.
My Google Maps has a latitude option. I don't want to use it. If I accidentally press it, Google kindly points out that I'll be sharing data and would I like to confirm. No, I don't.
There's nothing old world or new world about this. It's just about common courtesy and treating people right.
When he says:-
The world is changing. We give up more and more of our privacy online in exchange for undoubted benefits. We give up our location in order to get turn by turn directions on our phone; we give up our payment history in return for discounts or reward points; we give up our images to security cameras equipped with increasingly sophisticated machine learning technology. As medical records go online, we'll increase both the potential and the risks of having private information used and misused.
well...
. - but there's stuff on there that I'll happily share with friends but don't want the world to know, like my cell phone number. If you can't keep that category of information private from every Tom, Dick, and Harry, then what's the use of the internet?
There, fixed that for you. Hmmm...doesn't seem so sensible now does it? This gets spouted all the time about 'I only put stuff up for my friends and family'..IT'S THE FLIPPING INTERNET! It's not your friend's and family's personal data site, it's a publicly accessible network. Sheesh!
You can't have it all ways, you either want privacy or you don't. If the former, then don't put ANYTHING up on the internet otherwise stop complaining when a publicly accessible network suddenly opens your information to the... errr... Public.
Don't be so naive.
Having recently read your piece on exploring the boundary conditions of privacy, I have come to agree with your stance that it is better for internet services to push users to far and then recover, than to just say that matters of privacy should be the user's choice. But my thought is, why limit that to personal privacy? I have some other suggestions for irreversible actions that companies could experiment with without their users' consent or foreknowledge, in order to test them out and discover the value they add:
1. Facebook and other online companies could cut off customers' toes
2. Google employees could sneak into users' beds and have sex with their spouses when the users in question get up to use the bathroom
3. Microsoft could publish customers' credit card and bank account numbers
I think it is vital to see what value these and similar actions could create by conducting an experiment, and if the experiment fails, then at least we will know that these are bad ideas. Furthermore, customers who object to these policies could always opt-out, and protest, and these protests will hopefully lead to changes. On the other hand, who knows, users might end up liking these changes, which we will never know unless we try! Of course, all of these are potentially dangerous to the user, but let's not treat them as a third rail, pillorying any company that makes a mistake with user safety. I hope you will consider including these recommendations in your next article.
Best Regards,
fishexe (slashdot user 168879)
"I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
Facebook is perfectly ok to change default privacy settings. But only for new user accounts. Prior users should be able to trust that their privacy is the same as before, in effect be grandfathered in the system, no matter what changes.
What Facebook is doing is wrong; long-time user accounts have information that was promised to be private. Facebook was built on the promise made in the past that certain information would only be shared with friends, not with the world, and not with 3rd party apps. That is constantly being changed and violated. Current user accounts should always have the same privacy level that was promised when they joined.
The social experimentation "cutting edge" is also fine, and is a good point. There are plenty of new users (and prior users) who are fine with lack of privacy; and that's great! It should be enough to develop new services. If I want a new service I might migrate my account.
There is no reason to break promises to the current user accounts of Facebook, let them keep their privacy, maybe give them a choice of "upgrading their accounts". To say that you should never put private information on Facebook is correct now, but it wasn't such a truism years ago.
Has anyone been following the Facebook case between Zuckerberg and the founders? I don't have a Facebook (I've always been turned off by the privacy policies of social networking websites), and I don't know all the facts in the case yet, but I found the situation very intriguing after reading this article:
http://venturebeat.com/2010/05/19/facebook-connectu-securities-fraud
The Harvard students suing Zuckerberg/Facebook are the founders. Zuckerberg clearly owed them a fiduciary duty, or at least full disclosure under the securities law Rule 10b(5). I'll try to dig up the text of the rule and sec. 10b(5) of the Securities & Exchange Act of 1934 later, but the text of it is something that I would expect attorneys -- especially Zuckerberg's attorneys -- to know by heart.
If Zuckerberg comes under 10(b)5, then he has big problems... bigger than the privacy complaints he is presently dealing with.
Some might suggest its more like saying: Oops, I'm sorry I didn't know you wouldn't appreciate me kissing you at the end of the date. Oh well, I guess now I've tested that premise.
Clearly not all behaviors cane be excused in the name of "real world testing", but some behaviors are situationally appropriate/inappropriate and real world testing can be (more-or-less) excused when it is unclear as to which side of the line the current situation falls on.
Check out this overview how privacy eroded over the years through Facebook with a nice interactive diagram.
I think we can think about a new word here ..
deprivacy
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
If FaceBook was up front about its privacy policy, i'd be fine with them sharing information...but the fact is, they pulled a bait-and-switch by first promising privacy, then significantly altering the terms of the agreement under which i'd signed up to allow for wholesale sharing of my information. It's this underhandedness that i, and many others, abhor.
They're also blatantly dishonest. I've been getting notices that say "your friend X recommends you befriend Y", but i've confirmed that these messages are generated by a FaceBook algorithm, NOT submitted by the person whom they say.
If it weren't the only way to know what my family members are up to, i'd swear off FaceBook in a heartbeat...come to think of it, i might anyway...
I am not a number - I am a free man!
If Apple owned Facebook and wanted to make it less private, instead of gradualling making the whole thing public, they would have just created a public page for each user and made it 1-click easy to share anything from your private page on it. Apple added 1-click publishing of photos to iPhoto a long time ago, they didn't just ship a new iPhoto version which put your whole photo library online.
One of Facebook's de-privacy updates exposed Zuckerberg's photos to the Web, including one of him clearly high next to a bong. A lot of typical Facebook users could have been fired or arrested for that. If we're not going to have privacy for the sake of billion dollar corporations, we need to scrap the drug laws and we need laws that protect people from being fired for their personal lives first. Police departments and employment agencies have already admitted they troll Facebook and make lists.
Ultimately, an entrepeneur has to offer people something they choose to buy, not bait and switch like Facebook.
Yeah but it's still funny. I'm going to write a mod that swaps the -1 Troll and +1 Funny modifiers, and for once in your life you're going to be laughing when you read a post marked +1 Funny.
Slashdot moderation really works, it's just the scoring that's off.
Imagine every xkcd and Simpsons reference modded -5 Troll. Ahhh the possibilities.
When you go on Facebook and publish something for world and dog to see, you haven't given up any privacy, you've merely decided that something is not to you private. There's nothing fundamentally wrong with that, nor is that Facebook's fault. It may not be the best idea, but it's not actually a loss of privacy, any more than opening your windows is.
The issue with Facebook is actually that you don't have sufficient control over what information you share and with whom you share it. Some of that is the fact that Facebook's privacy controls aren't granular enough and the privacy UI is confusing. Some of it has to do with the fact that other people can post things about you that you don't like(though technically publishing a photo of someone where they are recognizable without their consent is illegal) so there ought to be some degree of protection there already.
The biggest problem though is that they keep changing the settings on you so that it's impossible to pick who you want to share what with whom. The reasons they do this are quite understandable, they are a giant advertising database and they want to make money off that, but it doesn't change the facts.
There's no inherent violation of privacy when you share your most intimate private details with the world on Facebook, or anywhere else, it might not be the brightest idea, and only time will tell whether any of those people get more out of doing it than they lose, but it's not a problem.
The problem is when things get shared without your consent, and outside of your control. That is a violation of privacy and is not in any way good, or for the best.
I swear he talks just to hear himself yak. He's still nattering about Web 2.0, even after years of real people not caring. As so many others have noted, making even erudite excuses for corporate misbehavior is still asshattish.