Recently, Facebook announced proposed changes to its Data Use Policy, including added information sharing with advertisers and nixing user voting on potential future alterations to its privacy policies.  As is to be expected, this proposal created a bit of an uproar from users who worry that the changes represent a significant erosion of their privacy.

It is debatable whether the proposed changes represent a big step away from user privacy considering Facebook’s preexisting policies.  If the worries are well founded, however, it is because the very nature of Facebook (as well as other social networking sites and apps) already endager user data by giving us the rope with which to strangle our own expectation privacy.  For instance, a recent study by Consumer Reports found that Facebook users increasingly post data that may be used against them by insurers, may make them targets for criminals, or may enable discrimination by employers.

While Facebook’s proposed changes may conflict with recently updated European laws designed to protect consumer information, the United States has no such protections.  Moreover, the changes proposed are quite similar to policies Google enacted earlier this year.  And since Facebook already mines data from its users for the purpose of targeted advertising, observers may only theorize as to the effect of the updated policies (some believe they are designed to bring Instagram users into Facebook’s data pool, while others fear the goal is to enable targeted advertising outside the Facebook environment).

The truth of the matter is that your information on Facebook, and the Internet at large, is only as safe as you make it.  And there are no quick fixes.  The effectiveness of those disclaimers some have posted has been debunked as a hoax, as illustrated by a recent post at Snopes, which takes a foray into contract law in criticizing one popular disclaimer.  Rather, users need to educate themselves on methods for protecting personal data on Facebook and on the Internet generally.

Self-protection is not only crucial from a practical perspective, but failing to use it may have broad legal consequences for privacy in the modern era.  As Judge Kozinski lamented earlier this year in an essay published in the Stanford Law Review, the constitutional protections of our private information are based only in a “legitimate expectation of privacy.”  When we, as individuals and as a society, fail to protect our truly personal information (or, worse, voluntarily make it publicly available) we put at risk the herd immunity that we have against intrusions into our personal lives by private companies and the government.  Maintaining this protection depends on taking protective steps that fall further and further away from online companies’ default settings, as indicated by Google and Facebook’s recent changes.  Such efforts may prove too cumbersome for a society increasingly intent on blurring the line between public and private spheres online.

Collins Kilgore

Image Source

 

15 Responses to No Quick Fixes for Facebook Privacy

  1. Veronica says:

    Although I agree with Jacob that there has not been a mass exodus off of Facebook, more people have been keen to deactivate their accounts for other alternatives (http://rt.com/usa/news/facebook-social-media-satisfaction-518/). I wonder how far Facebook will go before they lose enough of their users to change their privacy policies to align more with what social media consumers are seeking (assuming privacy is what people want). Are people as concerned about their privacy when they post on Twitter or Instagram? Or is this just another case where perception is reality and Facebook keeps drawing negative attention to itself?

  2. CLA says:

    Facebook really needs to get this privacy stuff worked out. Part of the fun of Facebook was seeing stuff that people wouldn’t otherwise post out in the open (scandalous party pics, scandalous Halloween costumes, etc.). As people become more afraid and more confused by their privacy on Facebook, they’ll stop posting this stuff, and Facebook will be less fun.

  3. KM says:

    I agree with many of the above comments. When it comes to general posting on social networking sites, online privacy largely has to be a matter of personal responsibility. But I think that Collins highlights an important point–there seems to be a higher expectation of privacy when it comes to data storage sites. Such data warrants a higher degree of privacy protection.

  4. Collins Kilgore says:

    Regardless of whether we think it’s legitimate for people to expect privacy for things they post online, I think the real issue is whether that loss of privacy will bleed out of social-network sharing into other personal data, all of which is (inevitably?) subject to cloud storage. When online services exist that blur the line between social networking and data storage (think Google), it scoots us toward an era when very little may be considered private, in my opinion.

  5. John Craven says:

    I have to agree with Jacob on his point regarding Facebook and other ad services “showing their hand” as to how and why advertisements for certain products pop up. Even though I would like to give credit to the masses that use Facebook or the internet in general, it seems that many still post without thinking. Having these advertising companies explain where the ads are generated from could be the push that is needed for the bulk of social media users to think twice before posting. However, I agree that the courts are not the proper party to bring this change about. It will likely take influence from the consumers that are wishing to protect their private information. But as we have seen, the collective action problems with Facebook users is an enormous barrier to overcome. It will be interesting to see what event will be necessary to spark the privacy protection movement of consumers.

  6. Sonal says:

    I’m definitely on board with J.P. While the general population may not be legal experts, it’s no secret that once something goes on the internet it’s there forever. But to a lesser extent, it’s common sense that you shouldn’t put something up if you really don’t want the world to see it. The transparency of Facebook, etc. is constantly discussed among the general public and is a pressing issue. It’s not an easy task figuring out where to draw the line of privacy here so for now, just keep private what should be private.

  7. Jeff says:

    It gets even dicier as we start moving away from simple text into browsing habits and individually-produced content. I think it’s safe to say that people generally understand that facebook and other online entities share and analyze the information that they type. Many people (including me) sometimes appreciate the benefits that come from customized searches or even customized advertisements. I think it’s less clear to most people that click-wrapped conditions may give away other intellectual property rights. The new announcement from Instagram strikes me as particularly troubling even as someone who doesn’t use the service.
    http://news.cnet.com/8301-13578_3-57559710-38/instagram-says-it-now-has-the-right-to-sell-your-photos/

  8. J.P. Urban says:

    While this issue is huge because it affects such a huge population (i.e., the Internet), it would be well beyond the realm of the courts to touch this issue. This is especially true in the case of Facebook. Because this issue is so publicized and hotly debated, consumers assume the risk that by making their lives accessible on Facebook’s servers, the data can be used for any legal purpose. It can be likened to the expectation of privacy that celebrities give up because of the nature of fame. Your life is private when you keep it to yourself.

    • Jonathan Hoffmann says:

      I agree that the issue is beyond the courts, but it should be.

      The landscape of the internet is still developing and doing so faster than any court system or legislature could hope to keep up with. In such situations, private parties reaching common ground will help make more practicable and accurate expectations of privacy than the bench or parliament.

      The time of corporate internet giants is still quite young. Google, facebook, Twitter, etc. are learning what we want and expect along with us. They will not diverge so greatly from what we demand so as to threaten losing users. So long as consumers of the internet speak with their custom, corporations will listen.

  9. Amanda Nguyen says:

    I really agree with Swathi. It seems every user is a legal expert when it comes to Facebook privacy but on the other hand, people throw out terms without knowing what they mean and those same people will be the first to admit they never read the terms and conditions. You never really can get something off the internet. There are no quick fixes–as you said–but a general increase in user knowledge and education would be nice.

  10. Jacob says:

    I think the reaction to all of the privacy changes has shown that people in general don’t care all that much about their privacy in theory. While people are very vocal in their opposition to changes that give Facebook greater latitude with personal information, there hasn’t been any kind of exodus due to the changes. The best way to avoid this problem might not be to protect consumers, but rather to force Facebook and other ad services to show their hand as to why they’re showing you the ads. If people saw each ad was labeled with “Because you were shopping on Amazon for headphones” or “because you commented on your friend’s profile about needing new shoes,” people could more readily attach the actual significance of signing away their privacy, and decide whether the ad-supported service are truly worth it.

  11. Joel says:

    I turned my ad-blocker off and refreshed facebook to see if the ads were targeted for me. A few days ago, my cat chewed through the cord of my headphones, so I’ve been on Amazon a few times searching for new ones. What do you know, a bunch of ads and coupons for a pair of Beats.

    It’s mildly unpleasant knowing there’s a file on you and your posting history/browsing habits out there, but so far I’ve never had my insurance rates go up or anything malicious happen. That is, unless advertising cheaply made and over-marketed headphones with bad sound quality counts as malicious.

  12. Samantha says:

    I just read an interesting post with an update about this situation. Apparently Facebook allowed users to vote on the new privacy policy, but the vote did not elicit a sufficient response. However, 589,141 users did vote against it. Facebook “decided to adopt the proposed updates” anyways. (See http://www.nbcnews.com/technology/technolog/facebook-ignores-minimal-user-vote-adopts-new-privacy-policy-1C7559683)

  13. Swathi says:

    I’ve found this whole situation incredibly fascinating. We’ve all seen Facebook users attempt to be lawyers by posting comments about protecting their IP per the “Berner” Convention and other irrelevant statutes and UCC citations.

    Users need to realize just how much of their privacy they signed away when they clicked the “I Accept” button for Facebook’s Terms of Service. If they truly value privacy, then unless courts step in, privacy likely means staying off of Facebook.

    To be sure, the fact that users are required to enter into a non-negotiable contract with Facebook is unfair. Because of the draw Facebook has and the amount of networking occurring on that platform, it is difficult to adhere to one’s desire for privacy. Every time you miss pictures of your friend’s wedding or fail to realize that a classmate is engaged, you realize just how integral Facebook is to our lives. Facebook can therefore seemingly extract any unfair agreement it wants.

    I’m interested to see how courts will handle the contract law argument in addition to the privacy law and constitutional law questions.

  14. Emily says:

    I think this should be a really interesting issue to watch. Will the only protection for personal information be keeping it private and off Facebook? Or will courts step in and protect individuals from the privacy policies of these companies and their own ignorance?