Law in the Internet Society
Ready for review. All comments are appreciated .

Facebook Applications and Minor Users: The New Danger of Facebook?

-- By HeatherStevenson - 11 Nov 2009


The Perceived Problem

According to Facebook's own statistics, the social network has over 300 Million "active users." Users upload over 2 billion photos and 14 million videos each month. Given the enormous amounts of data published on Facebook, the stories of public humiliation that has occurred when information was intentionally shared but inadvertently made accessible to the wrong person, are hardly surprising. Running a Google search for the term "Facebook privacy" links to articles such as "10 Solid Tips to Safeguard Your Facebook Privacy,"which provides suggestions on topics like how to prevent your pictures from appearing in advertisements. Still, it seems that these suggestion, as well as Facebook-related public humilition, are only a small piece of a more complex issue. "Privacy" in the sense of preventing an unwelcome viewer from seeing a photo of an adult Facebook-user engaged in activities that he believes only the people present will ever see, can be easily protected by refraining from posting embarrassing photos and information, and by becoming "friends" with only people with whom the user is willing to share personal information. The public conversation about Facebook and privacy has addressed only part of the Facebook-based privacy problem.


Facebook Applications and Minor Users

A significant but less obvious danger is that by partnering with various other companies, Facebook will learn so much about its users that "privacy" becomes a thing of the past. This problem is magnified by the fact that children may join Facebook, potentially creating records of their behavior and preferences over many years before they are adequately equipped to make the decision to share such information. Because users voluntarily share so much information with Facebook, and because there are some apparently convenient reasons for allowing other sites to link to Facebook, Facebook has great potential to destroy what’s left of our private lives. The most dangerous aspect of Facebook as it relates to privacy may not be Facebook per se, but the multiple information gathering applications that run on Facebook.

Facebook could know where and when a user goes out for a run, which high school seniors schools in the NCAA are recruiting, every action that a user makes while on Amazon and where users plan to travel on spring break. As the data analysis technology behind each of the companies that links to Facebook becomes more sophisticated, the information that the companies' applications share will reveal increasingly personal information. Consider Amazon - currently the site creates recommendations by filtering and matching "each of the user's purchased and rated items into a recommendation" list (see: www.cs.umd.edu/~samir/498/Amazon-Recommendations.pdf), rather than by comparing users to other users(78). Eventually, however, it seems likely that a program will be developed that can combine the current item-to-item matching with other factors such as timing of various purchases, location of purchaser, and other factors. In the case of Amazon, this would mean that both Amazon, Facebook and any third parties with whom either of the first two companies shared information could eventually make near perfect predictions about what a user would and would not like to purchase. This is a useful marketing tool, but is also information that could potentially be used to determine a user's political affiliations, lifestyle choices, hobbies, career path, etc. As the information available from these applications increases, Facebook will own information providing an increasingly complete picture not just of what a person looks like or does (as can be found from Facebook without applications) but also of formerly "private" aspects of a person, such what a person dreamed of doing with his life when he was young. Currently, Facebook is allowed to access to an extensive database of information because many individual Facebook users grant it permission to access their data. This means that young users, deemed "minors," and prohibited from making many important choices for themselves, may give away their privacy before they realize what sharing certain information may ultimately mean.

Though the Children's Online Privacy Protection Act protects children under 13, it does not cover minors ages 13 to 17. Under COPPA, websites may not collect "personal information," including "hobbies, interests and information collected through cookies or other types of tracking mechanism" about children under 13 without parental consent. However, the five years during which a child is minor but not protected by COPPA provide ample time for him to share information over which he may later regret having lost control.


One Potential Solution

The easiest solution to these Facebook related privacy problems is simple - get off of Facebook (or at least restrict younger users). However, given that millions of users continue to voluntarily share personal information with Facebook, both directly and through third-party applications, another solution is necessary. I would propose a legislative solution whereby Facebook is prohibited from directly providing information to or receiving information from other websites about its minor users, including those age 13 to 17. Users under 18 should not be able to waive this right by allowing Facebook and other companies to share their information directly (though nothing is to stop users from posting similar information directly into their profiles). By preventing the sharing of user-generated personal information between Facebook and other companies, this legislation could protect users from giving away more than they mean to - which happens when small pieces of information combine over the course of years to create a bigger, clearer picture that is greater than the sum of its parts. Of course such legislation would face challenges: users might find build applications that circumvent Facebook controls, the legislation might not be popular because it's seen as impeding free speech or business development, or, perhaps most significantly, the legislation might fail because from a practical point of view, websites have limited abilities to identify users' true ages. However, such legislation would at least slow the speed at which Facebook youngest users' privacy is completely eroded, possibly providing them with enough time to realize how much they might ultimately lose by sharing personal information.


You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" on the next line:

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, HeatherStevenson

Note: TWiki has strict formatting rules. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of that line. If you wish to give access to any other users simply add them to the comma separated list

Heather,

This is a really interesting topic. We've talked a lot in class about the privacy implications of Facebook on adults, but I never really stopped to think about the ramifications for minors--a group which is obviously much less informed and/or concerned about their privacy.

I think your legislation solution has a lot of merit, although I think that if such legislation did come about, it would be motivated not by strictly by privacy concerns (i.e. not by concern for Facebook selling information), but by child safety concerns from online predators, etc. In any case, the result would be a very good one I think.

-- EdwardBontkowski - 23 Nov 2009

Heather,

Thank you for your comments on my essay.

After reading your essay one issue that comes to mind is how you would verify age. Simply relying on the user to correctly identify his age would probably not be effective. If users were required to verify age through presentation of a government issued ID or credit card that would add an element of inconvenience for all users. That verification process itself would also require the disclosure of additional personal information by all users. I like your proposal and unfortunately I don’t have a lot to add; however, that is one question that occurred to me.

-- BrettJohnson - 24 Nov 2009

Yes, I agree with Brett. The age verification process would probably be very similar to the process used by pornographic websites and online gambling sites. At the moment, these processes are incredibly ineffective. Adding in the contradictory tension of having to provide personal information in order to prevent others from obtaining it only makes it that much harder in this case.

-- EdwardBontkowski - 24 Nov 2009

Heather,

I think you've got a good idea here. My only suggestion would be to tie in or reference COPPA, the Children's Online Privacy Protection Act, since it seems directly on point. Nothing else from me, nice work.

-- BrianS - 24 Nov 2009

Thank you all for your comments on my essay. You are likely correct both that age verification would pose a large obstacle to my proposed legislation and that if such legislation were to pass, it would not be in response to privacy concerns. I've attempted to include both of these issues (though unfortunately only briefly due to the short length of this paper). Brian, thank you especially for pointing out the importance of COPPA. Bringing in COPPA suggest the particular importance of my argument for teenagers between 13 and 17, and I'm glad I was able to address that point!

-- HeatherStevenson - 25 Nov 2009

 

Navigation

Webs Webs

r17 - 25 Nov 2009 - 18:11:58 - HeatherStevenson
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM