Privacy and Social Networking: The Absence of Regulation Makes Non-Profits A Better Option for Users

-- By MakalikaNaholowaa - 08 Nov 2009

I’m Worried that Advertisers Are Learning Too Much About Me on Facebook

Companies use many lures to entice online users into surrendering their privacy, such as discounts on goods or “free” access to resources for the bargain price of their identity and usage data. But corporate-America has negotiated no better deal with users for this information than on monetized social networks. At sites like Facebook or MySpace? , users feed corporations more personal data than was ever collected by a retailer’s registration form or user purchase history. With status updates, profile information, and events, users are telling social networks everything about themselves. Information that could only be roughly inferred before is now freely offered up, straight from the horse’s mouth, and therefore with previously unimaginable accuracy.

And of course the data is being put to work. For example, soon after creating a Facebook event titled “baby shower,” the ads served to my profile page included titles like “Are you a game-loving mom?” and “Win Disney on Ice Tickets!”

Surveys show that Americans have long been concerned about companies’ use of their personal information acquired online. But, as people begin to notice the efficiency with which social networks mine the data they are fed to tailor advertisements served at an individual level, users’ unease is rising. People are taking pause from their attempts to seem more interesting than their closest three or four hundred "friends" and developing concern about what CafeMom and Disney are learning about them.

This raises the question: what legal duties do social networks have when using users' personal information to sell advertising? The answer: pretty much none in the United States, and for practical purposes, none within the European Union either.

The United States Doesn’t Care, the European Union Cares but Can’t Help

American Law

US law is mostly silent with regard to how social networks handle user information, particularly in regards to marketing. At the federal level, address of marketing practices on social networks seems mostly to be happening at the FTC. The FTC's current approach is to work with stakeholders to formulate principles for social network self-regulation. At the state level, the past two years have resulted in a smattering of social network specific bills centered on the public’s concern about children’s safety and the unwanted distribution of unflattering photographs online. Also focused narrowly on child safety, a working group of attorneys general from 49 states and the District of Columbia signed agreements with Facebook and Myspace in 2008 outlining a plan to decrease children’s risk of falling prey to sexual predators and peddlers of cigarettes and alcohol. None of this work has created significant data protection for social network users.

The Law in Europe

Within the EU, where some believe the horrendous consequences of privacy infringement in World War II created a populous more protective of its human right to privacy than Americans, citizens fare better on paper. Social networks within the European Economic Area are subject to the same rules as other “data controllers.” This imposes restrictions on social networks’ use of personal data for marketing, such as how social networks share user data with third parties and how long they can retain a user’s data. Social networks are also prohibited from creating personal profiles about non-users with data inferred by information provided by users. However, the protection these provisions provide are practically voided by enforcement issues. Each member state is tasked with creating and enforcing their own local law consistent with the EU rules. This creates issues of uneven enforcement, penalties, and compliance that lessen whatever victory the EU rules represent for privacy advocates.

Facebook Isn't Working in Your Interest and the Law Doesn't Protect You There, so Move Away From It

Today's dominate social networks are for-profit and their business models depend on marketing. As reflected in the current state of the law, neither the US nor the EU are willing to enact regulations crippling those models. And, although social networks like Facebook are often credited for continually working with governments to address privacy concerns, obligations to investors and their for-profit character make true respect for user privacy difficult to honor without real regulation.

But, a social network does not require a business model, investors, or profit goals. If you remove the profit-focused elements from a social network, then there is no need for advertisers. Then social networks could stop infringing upon users’ freedom through the collection and manipulation of their data to enrich third party profit mongers. These types of social networks are available now.

Facebook Alternatives Exist

For example, Kaioo, developed in Germany, is a non-profit social network funded by donations and offering very similar features as Facebook. Kaioo users own all of their data and Kaioo is working with users to develop terms and conditions that meet its community’s needs and desires on a site wiki. Kaioo is accepting registrations now.

Another example, Yakkit, is a non-profit niche social network going into beta late this year. It was developed by two developers, an artist, and a small group of educators collaborating across the U.S. in the evenings after leaving their day jobs. Costs for the project have been paid for by a relatively modest government grant. Yakkit does not plan to have advertisements or to share user data for any type of marketing.

Non-profit social networks like these do not address all concerns about privacy and social networking. But, they demonstrate that people can have a forum for creating a community, in a form that has a proven appeal, without being sold to the highest corporate bidders. The technology is easy to reproduce and social network costs can be addressed without auctioning users to advertisers. And, for users, non-profit social networks like these are low level of effort alternatives to the monetized types dominating the landscape today. So tell your friends (and connections and buddies).

  • As you can imagine, I've thought a good deal about free services economies, and I'm not sure that non-profit social networking adds up for me, because centralizing web hosting means centralizing server and bandwidth costs, which you wind up having to cover either from the users or from those seeking to be in touch with the users, which puts you back on the slide. And, as your last sentence shows, as long as we are talking about competing centralized services, interoperation to overcome network effects is necessary to new entrants, and the incumbents will not make that easy for anyone, and will try to make it impossible for a participant without revenue flows.

  • Fortunately, this whole social networking service thing is a hoax anyway, based on making people believe that free webhosting plus some PHP doodads is a valuable thing for which sacrifice of your privacy is necessary part payment. The social networking appliance—the wall-wart server you bring home, plug in to power and network and which then takes over your social networking, doing what the server side of Facebook presently does, while keeping your privacy under its control rather than anybody else's—is present-day technology, and will soon be available. Then you can *de*-centralize the social network, putting all the activities at the edge, where the data is under your control and the privacy problem becomes very much smaller.

  • So I think you've got the analysis completely right, and the need for people to emigrate to safety spot on. I think the right technical approach would enable us to finish off Facebook and the rest of the surveillance-based social network products very quickly, because people would gain security, privacy, portability and features for a very small one-time price. But your essay doesn't quite get us there. Yet.

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, MakalikaNaholowaa