Social Web privacy: A new kind of social contract we’re all signed onto

1993: In a famous New Yorker cartoon, a dog at a computer says to his canine buddy looking up from the floor, “On the Internet, nobody knows you’re a dog.” Fast-forward 13 years….

2006: “On the Internet, EVERYBODY knows you’re a dog,” declares the subhead to a Michael Kinsley essay in which he wondered at how narcissistic the social Web was (before that became a cliché). Fast-forward only four years this time….

2010: Although Internet industry CEOs have recently declared the death of privacy (see security expert Bruce Schneier’s blog), “privacy is not dead,” said social media researcher danah boyd in her keynote at the SXSW conference in Austin last month. “People of all ages care deeply about privacy. And they care just as much about privacy online as they do offline…. Wanting privacy is not about needing something to hide. It’s about wanting to maintain control.”

Furthermore, boyd said, privacy and publicity are a mashup. Web meets reality. We all intuitively know there are many gradients between totally private and totally public – some people online know you’re a dog, some don’t; the numbers vary, based on how you use the Web, who you are, and how you live your life. The Web increasingly mirrors all of “real life.” Technology didn’t just start interacting with user privacy. Remember “Don’t tell anyone who calls that your mom and dad aren’t home”? “Will I sound too eager if I pick up after one ring?” Or even: “Who will see me reading this radical book?” Buzz, email, Facebook chat, tweets, texts, etc. are used in the contexts of our real-life relationships and situations just as much. Which is why it’s absurd to think privacy is dead, or ever will be.

“Think about a cafe that you like to visit,” said boyd. Compare your Facebook page to that public space in real life. “There’s a possibility that you’ll intersect with all sorts of different people, but there are some people who you believe you are more likely to interact with than others. You have learned that you’re more likely to run into your neighbors and you’d be startled if your mother popped in, since she lives 3,000 miles away. You may have even chosen this particular cafe in the hopes of running into that hottie you have a crush on or avoiding your ex who lives in a different part of town. You have also come to understand that physics means that there’s a limit on how many people will be in the cafe. Plus, you’d go completely bonkers if, all of a sudden, everyone from your childhood magically appeared at the cafe simultaneously. One coincidence is destabilizing enough; we can’t really handle a collapse in the time-space continuum.”

The difference between my old landline and book examples and today’s media and communications environment is the speed at which we communicate and socialize and the speed at which new technologies and products become available (the latter are digital, so they can be made available to all users simultaneously and globally within seconds). So we need to think carefully and a lot – in proportion to the speed of technological change, I’d say.

Who needs to think carefully and a lot? Everybody involved, together, not in silos – users, companies, educators/advocates, policymakers. But let’s just consider two key stakeholders, which – in the current new user-driven media environment – are really parties to a new, global social contract brought about by the media shift (or shift to multi-directional, increasingly user-driven media), the social contract to which I think Secretary of State Hillary Clinton eluded in her “21st-Century Statecraft” speech early this year. Those two parties are:

1. Internet industry, users are unprecedentedly your bread and butter. They supply all the “content” on your services. You need to bake consideration of the privacy and safety impacts of their doing so into your product on an ongoing basis. For example, when you mash services up together, such as email and social-network updates, you need to think about how one tool is very private and the other very public. People use them differently. So combining people’s email address books and social-network friends lists instantly without preparing them can create a lot of cognitive dissonance and bad will. “In digital worlds, people need to be eased into a situation, to understand how to make sense of the setting,” boyd said. Companies need to poll their users or at least do focus groups before they make significant changes to the user experience, and after product or feature release, do more consumer education.
   Users & providers as “dance partners“: “When you moved from Web1.0 to Web2.0,” boyd said to “the technologists in the room,” “you moved from thinking about designing and deploying software to creating living code. You learned to dance with your users, to evolve with them.” That’s a powerful metaphor: Social-media companies and users are partners like never before. Users are not mere customers or consumers. Watch while they increasingly exercise that inherent power.
2. Users, we don’t need to become conspiracy theorists, but we need to be serious about paying attention to privacy settings – and go over them each time a favorite social tools announce a new social feature (such as Facebook’s just-announced new Like button and Instant Personalization). Consumer awareness and self-protection are essential to exercising our power in a user-driven or participatory media environment. Setting privacy settings are only the start of exercising our powers.
   Parents and teachers, kids know they don’t want others to have power over them. Help them see that that’s what privacy settings are about – having control over their own information and public image. When it’s put this way, they know they don’t want to let peers, companies, or anyone else do whatever they want with their info, reputations, and digital creations. You can help them see a) that it’s reciprocal: their friends feel the same way – privacy and safety are necessarily collaborative in this media environment (see this); and b) that honoring this new reality is protective to all concerned – oneself, one’s friends, one’s community, and ultimately society. It’s all interconnected and interdependent now. Mindful, collaborative behavior is baseline online and cellphone safety as well as privacy (see “Social norming: *So* key to online safety” and “From users to citizens”).

Other key points in boyd’s talk:

• PII and PEI are intermeshed. We hear a lot about personally identifiable information (PII) but not as much about personally embarrassing information (“PEI,” as boyd put it), which is every bit as important to users. She said: “Because most people are interacting online with people they know, they expect to make PII available. They do so because they want to be found by friends. But they also want to keep PEI hidden, at least to those that might go out of their way to use it maliciously. Unfortunately, it’s hard to be visible to some and invisible to others.” The reality online as well as offline, she said, is that “when people make information available, they make themselves vulnerable.” Product developers need to think about that as much as users.
• It’s complicated, like life. “Just because something is publicly accessible doesn’t mean people want it to be publicized,” boyd said. Adults, such as Slate’s Kinsley, often conflate the two when they talk about the “solipsistic social Web.” They’re forgetting to ground social-media use in real life, instead somehow thinking technology is layered on top of life as an add-on. For example, you’re “publicly accessible” to others when you’re at Starbucks, but you’re probably not publicizing your presence, though there are times when you might. You might sometimes use Foursquare so that everybody who follows you on Twitter knows you’re there. But the reasons for that aren’t necessarily narcissism but maybe rather hoping your local friends notice your shoutout and meet you there or, since Foursquare’s a game you play, you may be aiming to become “mayor” of that Starbucks. You’re probably not thinking that there’s a slim chance a burglar is following you on Twitter and – noting that you’re at Starbucks – robs your house, which is why social-media companies need to help educate users about that very slim possibility (as such). Digital media use is about as complicated, changeable, and individual as living.
• No magic formula. “Unfortunately, online environments are not nearly as stabilized as offline ones. While the walls in the streets may have ears, digital walls almost always do,” boyd said. The environments (Twitter, Facebook, etc.) aren’t stable, nor is our use of them. There’s little common sense around their use yet, like the old “Don’t let anybody know Mom and Dad aren’t home” – though most youth use privacy features in social network sites (see this). “There’s no magical formula … no easy algorithm to implement. Privacy and publicity are living things…. They are fundamentally processes grounded in needs, desires, and goals, situated in contexts and transformed by technology.” Of course some needs and rights haven’t changed, such as constitutional and legal ones for Internet users and providers in each country, though laws need to embrace and adjust to new-media conditions.

Because privacy’s a living thing that’s functioning in a new, rapidly evolving media environment, everyone’s a stakeholder in supporting it. We need to 1) stay informed and help our children see the importance of doing so and 2) keep revisiting our privacy settings in light of new conditions. Companies need to keep thinking about the impacts on users of the new conditions, bake that thinking into the products they create, and educate users about new conditions. Policymakers need to understand that 1) users want both privacy and publicity as well as the means to calibrate them and 2) need education as much as tools for intelligent privacy management. And we all need to see that – because of the unstable, collaborative nature of everybody’s wellbeing in digital media – privacy and safety are an ongoing negotiation, not a one-size-fits-all, once-and-for-all solution.

So I’d like to hear from you: Do you see it this way too, that a new kind of (multi-party) social contract is now in place, not imposed on us by any single power-holder but by changing conditions in which we are all invested (the social Web, or a user-driven, social/behavioral media environment )? If so, it seems to me that, under this contract, it benefits all parties not only to protect their own interests but to understand those of all other parties and protect them too. Otherwise, misguided “solutions,” bad laws and lawsuits, and other signs of dysfunction will continue to distract us from hammering out real solutions together. Sorry to end on such a negative note, but that’s what I see. Tell me what you see – via anne[at]netfamilynews.org, in this blog, or in the ConnectSafely forum!

Important related links

• “Youth, Privacy & Reputation” by Alice E. Marwick, Diego Murgia, Diaz, John Palfrey, and the Youth and Media Policy Working Group Initiative – a thorough review of research on the subject which has been published in the US, Canada, the UK, and the EU (released 4/12/10)
• “How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?” (released 4/14/10), by Chris Jan Hoofnagle, Jennifer King, Su Li, and Joseph Turow. Their conclusion: “that young-adult Americans have an aspiration for increased privacy even while they participate in an online reality that is optimized to increase their revelation of personal data…. Public policy agendas should therefore not start with the proposition that young adults do not care about privacy and thus do not need regulations and other safeguards. Rather, policy discussions should acknowledge that the current business environment along with other factors sometimes encourages young adults to release personal data in order to enjoy social inclusion even while in their most rational moments they may espouse more conservative norms.”
• Security expert Bruce Schneier blogging about both of the above 2 surveys
• Consumer privacy experts: the Center for Democracy & Technology and the Future of Privacy Forum
• “Young Adults Do Care About Online Privacy” in the Washington Post
• “Keeping Personal Info Private,” one of 8 lessons from Cablevision’s “Power to Learn” project for grades 4-8 (thanks to educator Anne Bubnic for pointing this out)
• A snapshot of the state of Web (and mobile) privacy at “Dan’s blog (2.0)“