I’ve been watching the public outcry over Facebook’s Beacon (social ads) program with great interest. For those who managed to miss this, Facebook introduced a new feature called Beacon. Whenever you visit one of their partners’ sites, some of your actions were automagically sent to Facebook and published on your News Feed. The list of actions is unknown, although through experimentation folks have learned that they include writing reviews on Yelp, renting movies from Blockbuster, and buying things on certain sites. Some partners were listed in the press release. When a Beacon-worthy action takes place, a pop-up appears in the bottom right, allowing you to opt-out. If you miss it, you auto-opt-in. There was no universal opt-out, although they’ve now implemented one (privacy – external websites – don’t allow any websites). Furthermore, even if you opt out of having that bit blasted to the News Feed, it didn’t stop sponsors from sending it to Facebook.
MoveOn started a petition, bloggers cried foul, and the media did a 180, going from calling Facebook the privacy savior to the privacy destroyer. Amidst the outrage, Facebook was also declared Grinch when unassuming users failed to opt-out and had their gifts broadcast to the recipients, thereby ruining Christmas. Privacy scholar Michael Zimmer also pointed out that the feature was peculiarly named because beacons give warning when danger is about to take place. Not surprisingly, the company was forced to adjust. Zuckerberg apologized and additional features were provided to let people manage Beacon. While this appeases some, not all are satiated. StopBadware argues that Facebook does not go far enough and New York Law School Professor James Grimmelmann argues that Beacon is illegal under the Video Privacy Protection Act.
For all of the repentance by Facebook, what really bugs me is that this is the third time that Facebook has violated people’s sense of privacy in a problematic way. I documented the first incident – the introduction of the News Feeds – in an essay called “Facebook’s Privacy Trainwreck.” In this incident, there were no privacy adjustments until public outcry. The second incident went primarily unnoticed. Back in September, Facebook quietly began making public search listings available to search engines. This means that users’ primary photos are cached alongside their name and networks on Google. Once again, it was an opt-out structure, although finding the opt-out is tricky. Under privacy settings, under search, there is a question of “Which Facebook users can find me in search?” If you choose “everyone,” that includes search engines, not just Facebook users. The third incident is Beacon.
In each incident, Facebook pushed the boundaries of privacy a bit further and, when public outcry took place, retreated just a wee bit to make people feel more comfortable. In other words, this is “slippery slope” software development. Given what I’ve learned from interviewing teens and college students over the years, they have *no* idea that these changes are taking place (until an incident occurs). Most don’t even realize that adding the geographic network makes them visible to thousands if not millions. They don’t know how to navigate the privacy settings and they don’t understand the implications. In other words, defaults are EVERYTHING.
Like most companies, Facebook probably chose the “opt-out” path instead of the “opt-in” path because they knew that most users would not opt in. Even if they thought the feature was purrrfect, most wouldn’t opt-in because they would never know of the feature. Who reads the fine print of a website notice? This is exactly why opt-out approaches are dangerous. People don’t know what they’ve by default opted-in to. They trust companies and once they trust those companies, they are at their mercy.
Most lofty bloggers and technologists argue that if people are given the choice, that’s good enough. The argument is that people should inform themselves and suffer the consequences if they don’t. In other words, no sympathy for “dumb kids.” I object to this line of reasoning. Most people do not have the time or inclination to follow the fine print of every institution and website that they participate in, nor do I think that they should be required to. This is not simply a matter of contracts that they sign, but normative social infrastructure. Companies should be required to do their best to maintain the normative sense of privacy and require that users opt-in to changes that alter that normative sense. In other words, what is the reasonable expectation for privacy on the site and does this new feature change that? Of course, I also understand that this would piss companies off because they make lots of money by manipulating and altering everyday users’ naiveté and sense of norms. Still, I think that the default should be “opt-in” and “opt-out” should only be used in situations that would protect users (i.e., a feature that would limit users’ visibility).
I kinda suspect that Facebook loses very little when there is public outrage. They gain a lot of free press and by taking a step back after taking 10 steps forward, they end up looking like the good guy, even when nine steps forward is still a dreadful end result. This is how “slippery slopes” work and why they are so effective in political circles. Most people will never realize how much of their data has been exposed to so many different companies and people. They will still believe that Facebook is far more private than other social network sites (even though this is patently untrue). And, unless there is a large lawsuit or new legislation introduced, I suspect that Facebook will continue to push the edges when it comes to user privacy.
Lots of companies are looking at Facebook’s success and trying to figure out how to duplicate it. Bigger companies are watching to see what they can get away with so that they too can take that path. Issues of privacy are going to get ickier and ickier, especially once we’re talking about mobile phones and location-based information. As Alison wrote in her previous post on respecting digital privacy, users are likely to act incautiously by default. Thus, what does it mean that we’re solidifying the precedent that “opt-out” is AOK?
I attended a conference last week and an employee of MySpace commented that the outrage over Facebook’s recent steps towards monetisation is more about the fact that Facebook never had advertising before rather than privacy. She pointed out that MySpace has always had advertising and there has never been an uproar about it.
I think it does depend on the many reasons why one joins Facebook. Many of the early adopters of Facebook may have been attracted to the site because of the lack of advertising. I consider myself a late adopter of Facebook, and therefore the lack of advertising came as a surprise to me rather than me considering it as a norm. From my own perspective, I don’t consider it an invasion of privacy. Rather, it is a move towards becoming like other sites. And if I have to see ads, then it might as well be ads I’m interested in.
Actually, Facebook introduced ads and targeted advertising a long time ago. It may not be in-your-face banner-style ads but they are there. As for whether they are making money off of them….
“In other words, defaults are EVERYTHING.”
YES! exactly! I’m a student, and I’m savvy about most things. But if it wasn’t for your blog, i wouldn’t even know about half of this stuff thats going on. Yes, there are some facebook groups that show you how to block annoying applications. But few people find them.
It makes me feel like I’m slowly being suffocated. I’m trapped into using this thing that I’m morally opposed to at this point. Of course, I can’t live without it and it’s an amazing service, particularly for international/multi-city people, but it’s so exhausting to constantly have to deal with new stuff. all this advertising pays for features I don’t really want, which is the worst part!
I think Livejournal used to make me feel this way, particularly with the Plus accounts (I defriend people that use them, because i have a standing offer to buy people paid accounts to prevent them from using Plus accounts). But now in comparison to Livejournal, Facebook is approaching traumatic.
Why can’t things just be simple, and cheap, and useful?
I really, really distrust Facebook and it is amazing to me how trusting its users are – but then, I think it’s now drawing in a crowd of older first-time social networking virgins who have never been bitten by privacy issues before, and don’t (yet) see the need for boundaries between their private and public selves. The privacy settings are a nightmare – it’s really not at all clear what access other organisations have.
What I really dislike is how grasping the site is; and then I go to web 2.0-type meetings where all the hip developers can talk about is their new Facebook widget. Facebook right now seems completely commercial, every last inch of it, in a way that’s far more dishonest than Myspace.
For me, this really brings home where the Internet is headed. On the one hand, “Web 2.0” can be seen as greater *investment* in digital social connections. On the other hand, it can also be seen more cynically as great commodification and monetarisation of what, up til now, has generally been “free”. I’m not a Facebook user as I don’t particularly like the way that my circle of acquantainces = money for someone else. In this light, though, it’s easy to see *where* Facebook is heading, and why Beacon makes “sense”: the goal is to capture – digitally, and hence monetarily – the things we do for free anyway.
Personally, I don’t find this trend exciting, liberating or convenient in the slightest. I find it insidious.
One potential correction here: the Facebook users search setting is now distinct from the public search setting, i.e. you can be searchable by anyone on Facebook, but your public profile is not available to search engines for indexing unless you check the box making it so. I hope I’m right about that, anyway. Otherwise, crap, I have to go fiddle with my privacy settings — again.
This is a great post, danah, you summed up Facebook’s privacy issues quite succinctly.
In response to Alison- like you said, “trusting Facebook users” are generally older folk- I think they’re more open to publicizing their online profiles because they’re seeking to make connections, they’re gaining from the public exposure and excited by all the novel possibilities. My ethnography of social networking sites primarily re/presents the voices of college students- particularly veteran Facebook users. The site started out as being a great little niche environment, so people could exchange intimate messages and upload photos from that crazy party where everyone was on a ton of drugs and so on. Then it opened up, everyone was pissed, and that’s when attitudes toward Facebook started to shift.
Most first-generation Facebookers have some degree of distrust/disgust for the site, often a great deal of it. Yet they continue to use it because it’s become so firmly integrated into campus social life- it’s a way to easily invite people to parties and share photos from said parties, to visually organize one’s social network and keep track of alumni and old high school buddies, to find out the sexuality or relationship status of that boy you’ve been admiring from afar. It’s crucial. If you’re not on Facebook, you’re probably going to miss out on some social gossip, or not get invited to some parties.
Such important social practices generally take precedence over the egregious invasions of privacy that most are highly suspicious of. The trend is not abandoning Facebook- it’s far too useful. However, the site’s reputation is definitely tainted, and some Facebookers are using the site to form or join groups that promote awareness of Facebook’s privacy policies and petition for change. Most, however, are simply becoming more savvy and protective of their online personas; it’s become increasingly common for me to be unable to access the profiles of those I’m not friends with because of that practice. There’s also a huge trend to apathetically accept that nothing can be done about it, much like how a lot of young people feel about our government.
Again, these are just observations of the changing attitudes among a specific subset of Facebook users. They know what’s going on (though I would say that only the Tech-savvy blog-readers have even heard about Project Beacon- but they know their information is being used for capitalist endeavors), they’re disgruntled that so much of what they do on Facebook is publicly broadcast and forever archived. Regardless of how they talk about it, however, they’re still using it regularly for everyday social practices. For many, it’s become as habitual to check Facebook as it is to check e-mail.
A point that I think fits with what you’re saying. A lot of good software designers (for the desktop or the web) already know that the important thing to do is have the best default settings possible. Instead of forcing the user to figure a lot of things out, the developer makes the product work right at first (though they may still have a lot of choices). There the incentives run together though: a good piece of software helps the developer and the user.
For Facebook and a lot of other companies, the problem is that what makes Facebook money, the advertising, is useless to the user. We want Facebook as a place to put our information, but we don’t want them to do anything with it. But to make money, they have to use that information. So long as that’s the basic structure, there’s going to be conflicts.
Privacy in SN sites is maybe understood that if strangers have no way of messaging you, even if they can see your profile photo (not your entire profile page), then that’s private enough. I learned to think that way from using Friendster or Myspace. To me, that’s private enough.
If default settings of SN sites does not reveal anything including profile photos and searh results, then how can one get invited and connect with people they know? Not very social or networky there.
I won’t be suprised, howevr, if online privacy advocates go overboard and target addressbook importers. After all, importers allow people to mass search and spam.
Yeah, let’s just all hang out at moveon or peta.org both very engaging sites, no?
Btw, Danah, is this real fur?
http://berkeley.facebook.com/friends.php?id=559436770
I find your thoughts here very interesting, and a bit of a wake-up. I joined facebook at the invite of a good friend, and have been somewhat perplexed by it ever since. And I pretty much don’t use it, other than the periodic logging in upon receiving a friend request. This post got me thinking, though. There are some things I still don’t know (are they gathering info whether or not I’m logged in?), but I decided to be a bit less apathetic about the information I’m allowing to be gathered.
I found this post, which might be useful to the people out there who want to use facebook but block beacon. (and the privacy settings, or opting-out of some of it, doesn’t mean the information isn’t being collected, as the following post explains quite clearly!) http://www.ideashower.com/blog/block-facebook-beacon/
I followed their steps, and it was very easy to do. I suppose I’m one of the paranoid ones who is a lot more worried about the info that’s being collected while I’m unaware than about the information that I consciously make available via profiles and posted personal information.
Thanks so much for your analysis. I’m glad I purged my profile and left facebook.
As an aside, your web server is serving up this page as ISO-8859-1 instead of UTF-8, which is making the word naiveté render wrong. Might want to contact netspace.org.
Cheers,
CMP
“Still, I think that the default should be “opt-in” and “opt-out” should only be used in situations that would protect users (i.e., a feature that would limit users’ visibility).”
Sure, every geek thinks that, including me. How then are they supposed to make money? ‘Cause if they don’t, they won’t survive, and another company who’s willing to do the same darn thing will arise.
Dan
Thanks for the great info! Everyone that I know thinks that I am a nut because I am a privacy freak. This is a great example of how easily we can all be manipulated. I 100% agree with you in regards to the “Opt-In” theory. It is shocking to me what is legal in this country and what is not..the “opt-out” model, in my opinion, should be completely illegal. I am emailing everyone I know the link to your site as I think that most people have no idea that this is going on. Thanks again for the info!
-Ryan
Pingback: Google Buzz as Experience Pattern « Fred Stutzman