Is Facebook’s Change Your Own Damn Fault?
It’s good to see people talking about Facebook’s dissolution of the privacy walls its members were accustomed to. With any active discussion you get disagreement, but I wasn’t ready to see sentiments suggesting that people deserve embarrassing exposure because they made the mistake of trusting Facebook, or any web service for that matter.
Chris Pirillo, long standing web citizen, really surprised me with this tweet today:
How to protect your privacy online. Step 1: STOP SHARING SHIT YOU DON’T WANT THE WORLD TO DISCOVER. Step 2: See Step 1.
Is this where we’re at? That trust in the way a service behaves has no place on online? Chris isn’t the first person to express the sentiment that those feeling exposed are authors of their own misery. In performative terms, yes, they are the ones who posted compromising information. Or their friends did it for them thinking it wouldn’t be shared. But that guideline doesn’t cover that case. So let’s over-simplify it and pretend they posted everything themselves.
Since Chris put it as bluntly as I’ve seen it, and I have a hard time believing he advocates blaming the victims, I’ll use his tweet as a springboard to explore that idea.
The heart of my beef is that Facebook established a level of privacy between members, then changed it without warning and made it hard for a lot of people to understand. It’s not that networks can’t leak things that we’d rather keep among friends or family, but I reject that we should agree to give up privacy, at random, in exchange for being online.
This online stuff can be kind of abstract, so how about some examples to show how this attitude plays out in contexts beyond Facebook:
- Example 1: DropBox allows you to share some folders with selected people. What if they change that and expose all your files to the people you shared something with, or just everything with everyone. Is that my fault?
Or let’s take it offline:
- Example 2: You and I have a conversation that you ask to keep private, and I agree. What if I change my mind, and share not only that conversation but all others we’ve ever had. Is that your fault?
Let’s not even bother with the obvious problems in the contexts of online banking or asking a doctor for advice from a remote location. By the logic of Chris’s tweet, and I am picking on him here, it’s your fault if your finances and medical problems are disclosed to the world, because you didn’t “See Step 1.”
But let’s take it even further. Food services are built on trust. I can walk into any number of restaurants, world-wide, and expect not to be poisoned. I place critical, existential trust in people I never meet every time I dine out. Can you imagine the tweet?
How to not get poisoned in restaurants. Step 1: STOP EATING FOOD YOU DIDN’T GROW AND MAKE YOURSELF. Step 2: See Step 1.
See? It’s your fault because you didn’t carry your Personal Food Tester kit to the pizzeria. Let’s take it one more step, and say that if I don’t know how to defend myself when walking down the street that anyone should be able to beat me up, because I naively trusted the social contract.
Wow! How did we get here from a silly little privacy change?
Because it’s not little. The web is becoming an essential part of daily life in the first world, and the same expectations of trust in a business and the expectation of responsible behaviour need to apply if that is to succeed. Otherwise we’ll have a machine on our hands that burns anyone who doesn’t handle it from a default position of paranoid distrust, and a mob of Browncoats who are there to blame them for not knowing better.
Does that sound like the web we want to live with? Not to me.
Leave a Comment
I’m the last person who would ever chalk something up to user error, but I’d also go as far as to say that oversharing has become the norm – not the exception. People often forget that they’re putting “stuff” out there, damning the consequences.
It’s simple: if you don’t want something online, don’t put it online. Facebook has nothing to do with your personal responsibility. Just as you have a choice on whether or not to eat food at a restaurant, you also have a choice whether or not to post something online.
“Personal responsibility” is the key phrase, there.
[Thank you for the cogent discussion.]
I agree with you wholeheartedly. I think that we as IT people need to really lead in this situation. You and your friends in IT are the first line of defence in situations regarding computers and technology that your friends and family rely on for advice whether we like it or not. They do not know any better and would rather care less to learn about security or privacy. That is why we need to be sounding the alarms when sites or companies purposely deceive their users for monetary gain. I think of my Mom, sister and other friends who have absolutely no clue what has changed. All they want is to be able to communicate easily.
A lot of people will stay with FB until another site comes along. We as IT should be guiding them on that path not blaming them for not knowing any better.
I agree that we can’t prevent a company from changing the rules, and retroactively exposing our data to the world. I don’t believe that it is the users’ fault, although I am disgusted with the level of trust placed in a company whose purpose is to make a profit, at our expense.
I think that given these types of post facto privacy changes, Facebook has violated the contract with its users, and should be punished for that violation. Since the only effective punishment would be a boycott, I propose that we pick a date, advertise it widely, and cancel our accounts on that date, should facebook not correct their privacy failures by that time.
[...] Facebook’s Change Your Own Damn Fault? http://corvusconsulting.ca/2010/05/anti-privacy-browncoats/ [...]
[...] [...]
[...] Facebook’s Change Your Own Damn Fault? http://corvusconsulting.ca/2010/05/anti-privacy-browncoats/ [...]
Thanks for stopping by to comment, Chris.
I think I get what you’re saying, but can’t agree that everything begins and ends with what you’re calling personal responsibility. When we enter into social agreements, like using a web service or eating at a restaurant, there’s also responsibility to the agreement. Restaurants can’t be let off the hook for food poisoning because someone chose to eat there, and nor should Facebook be let off the hook for going back on the privacy promises that people posted their data under. If we just lean on a mantra of ‘personal responsibility’ then we end up with it only running one way, towards the victim, and never towards the perp.
In the end, the network has the capability of privacy, and it needs to have that capability in some contexts. Saying that it’s my fault if my online medical records or credit card number leak out because I entered the data or gave consent under a premise of privacy just doesn’t cut it in the real world or online.
I like Josh’s idea of a mass protest, and ironically Facebook has been good at providing features to coordinate such things. For me, I deleted my account a couple weeks ago, as I don’t see any prospect for meaningful change in FB’s behaviour. It’s also harder to get a lot of people cancelling at once, as many feel they need to be there.
Maybe a good protest would be for participants to change their profile photo to one of their back turned, taking the face outta facebook for a day or more to show their unhappiness with the new policy and how it’s been implemented.