Law in the Internet Society
(Second Revision, Ready for Review)

Facebook, Google, and the Facade of Privacy

-- By YuShi - 16 Nov 2009

It is becoming increasingly difficult, if not impossible, to find people my age who do not use Facebook or Google. These two services have become such a part of young people's lives that they are now both nouns and verbs, and one who does not own a Facebook or Gmail account risks the stigma of being labeled a social anomaly. Despite the ubiquitous presence and widespread use of Facebook and Google, however, people still do not have an adequate understanding of privacy risks that such services pose. In this essay, I first discuss the layperson's understanding of Facebook and Google privacy options, then explain the latent but grave threats that are not apparent to the average user.

The Facade of Privacy: What the Average User Knows

The average person's understanding of Facebook and Google privacy is unfortunately influenced and undermined by what they hear from these companies. Facebook, for example, seeks to portray itself as privacy-conscious by appearing to give users a plethora of privacy control options: you can exclude categories of people from seeing your profile or you can exclude certain individuals, you can hide this part of your profile or that part of your profile. By inundating users with these "privacy" options, Facebook is attempting to convey the perception that they genuinely care are vigilant about every minute detail of your privacy.

The average user sees the wide array of privacy options and feels like he is in control over his information. For the average user, it seems like he exercises total control over who sees what, and if that is the case, then what more is there to fear? He thinks that at worst a hacker might hack into Facebook's central database and pilfer data, but then he realizes a thief can also break into his house and steal personal information. One, of course, cannot plan for every single contingency. The average user, then, is complacent, and for the most part, feeling secure.

The Evil That Lurks Beneath

Unfortunately, the average user is missing the point and overlooking a real source of danger. Yes, one can block his neighbor from seeing his Facebook profile, and sure, one can hide his profile from people who are not his "friends." But who is there to prevent FACEBOOK - and that includes people associated with the company, people with whom Facebook does business, etc - from having access to your information? It is certainly not the average user who naively posts everything about himself on Facebook, thinking that he has painstakingly adjusted his privacy options so that his profile is off-limit to strangers. That is tantamount to guarding the front door when the thief is already inside, and leaving the backdoor open. The people at Facebook knows more about you than you can imagine. Consider this: Facebook can predict whom you will date. They probably also know if you are gay, even if you do not tell them. If one thinks these information will always and forever be kept confidential, then he must have forgotten that Facebook is a for-profit company with a spotty record of respecting privacy. For example, as recently as last year Facebook had this to say about third-party applications: "Facebook does not screen or approve Platform Developers and cannot control how such Platform Developers use any personal information." Essentially, anyone could create a Facebook application, obtain your data, and use it in whatever way he wanted.

Then there is Google. Try looking at the "Web History" section under "My Account." You will probably not like what you see. Are you really comfortable with this omnipresent spy tracking every step of your internet search activity? If you use Gmail, you must have noticed the advertisements on your Gmail page. How do you think these ads are chosen if not based on the text of your emails? Does the thought of having your emails perused by others trouble you? Well, all the emails you have on Gmail have been read by Google's computers. Maybe at this time you are comfortable with having your emails read by an insentient being, but understand that your email address is now associated with certain keywords. The potential for abuse is overwhelming: what if Google compiles a list of email addresses that are associated with certain keywords and send them to a third-party or the government? That might cause some embarrassment in the most mild cases, and perhaps legal trouble in the more serious instances.

So What?

It is not the purpose of this essay to persuade people to stop using Gmail or deactivate their Facebook accounts. Rather, the aim of this paper is to let people understand that Facebook and Google's many privacy control options are merely a facade that belies a vast potential and capability for abuse. Thinking that one has his information sealed airtight just because he played around with Facebook's privacy control is like believing that one has annihilated an entire army by killing one foot soldier.

I am aware that people want Gmail because of their desire for a particular form of e-correspondence and storage, and people use Facebook due to fear of becoming a social pariah. If one values those services to such an extent that he would rather be spied on than go without those services, then that is certainly the individual's choice. It might not be the wisest choice, but at least it is an informed one.

Navigation

Webs Webs

r9 - 18 Jul 2010 - 19:00:25 - YuShi
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM