Global Security, Privacy, & Risk Management

Social Media as a Privacy Tool? June 14, 2012

As one that closely follows the intersection of privacy and technology I read with great interest a paper released by Google entitled “Vanity or Privacy? Social Media as a Facilitator of Privacy and Trust.”  The paper is to be presented at the  2012 ACM Conference on Computer Supported Cooperative Work.  The paper is relatively short and presented as though it was undertaken in the nature of academic research.  I doubt I need to replay for the reader Google’s recent privacy issues and its recent changes to the company’s privacy policy.  With that in mind, it is difficult to read the short paper as anything other than a justification for these recent changes.   Unfortunately for Google, the paper is patently one-sided and the premises themselves are flawed, to put it mildly. It should be noted that the authors of the paper do include the following caveat: “While these examples offer no judgment on whether social media is good for privacy in any absolute sense, they do support our contention that it is possible to design social media systems that are engaging and supportive of privacy and trust.”

Before I delve into the paper itself, it is important to provide some baseline definitions for privacy and trust, particularly with respect to the online environment.  Privacy has traditionally been defined as the right to be let alone.  This is the definition that has driven US privacy law for more than 100 years.   However, the definition has failed to keep pace with the rapid technological advances of the 20th and early 21st centuries.   The Center for Democracy & Technology (CDT) has modified the definition of privacy to account for the information sharing that occurs on the web: “ The modern right to privacy also entails, therefore, the right to control our personal information even after we disclose it to others.”  Trust, on the other hand, is significantly different than privacy and has more to do with the development of community in social media than with protection of information.  Webster Dictionary defines trust as “ assured reliance on the character, ability, strength, or truth of someone or something.”  With that said, I will attempt to present my counterpoint to the arguments presented Google paper.

1) Vanity Searches Serve Privacy – The Google Paper argues that vanity searches (colloquially referred to as “googling yourself”)  are good for privacy in that it can help individuals understand their online reputation. This insight into “external perception.”  Managing your external perception, it is argued, allows you to minimize contact from individuals or companies that don’t have common interests.  If this is correlated back to the CDT definition of privacy, the argument falls very short.  Vanity searches do not provide individuals control over personal information – even after it is shared.  Vanity searches may give one insight into the information that is floating in the ether, but it does not provide individuals with the ability to manage or control how that information is disseminated.  This is particularly true in an age in which websites are “spidered” and archived for search engines.  Information that is available on the web is at least semi-permanent.  Vanity searches may let individuals know what information is available, but it does  nothing to provide any level of control over the data that is published.

2)Social Media Can Facilitate  Trust and Engagement – In support of this argument, Google presents the results of a study that indicates peoples are more likely to engage with material if they have social media endorsements (Facebok “likes” or Google “+”).   This is likely tied to trust, which is defined again as the assured reliance on the character of a something.  I am reminded of the book “Wisdom of the Crowds” by James Surowiecki, which suggests that large groups of people of are often better at discerning truth or correct answers than a single expert might be.  Once an individual sees that many others have recommended an article, company, or product, that person is more likely to investigate and engage with that entity.  This truth is played out in the rising use of social media among companies.

The Google position paper does raise some interesting points with respect to online reputation management, but it does not address privacy.  In fact, it misses the mark almost entirely.  Among the largest obstacles to privacy is the improper sharing of data among companies, not how we as individuals share information and anecdotes among friends and colleagues on sites like Facebook® and Linkedin®.  Companies (and applications)that improperly collect and share data on customers or users are far more insidious and dangerous to individual privacy than is the sharing of data among a group of known individuals.  This paper blurs the lines between privacy and “engagement and trust.”  Equating these two concepts does little to explain how they are actually related and is disingenuous in its attempts to convince readers that social media can actually be used as a tool for privacy.  In fact, users voluntarily cede their privacy (to varying degrees)  in order to gain the advantages offered by social media sites. Google’s own paper ends with the statement,”The content an individual provides that drives their self-representation must be provided with their awareness and understanding of how the aggregation of data contributes as a whole to their online representation.”  Again, the difference between online reputation and privacy practices are not addressed.  The onus is placed entirely on the individual to manage their own privacy.  There is no discussion of the responsibility of the social media platform to clearly define and communicate their policies with respect to sharing information among application providers, partners and other entities that may be associated with the “online community.”  The absence of this discussion severely limits the applicability of this paper and certainly raises questions as to it actual intent.