- Why do so many of us accept a default "public" setting? If privacy settings aren’t available (or aren’t used) does that automatically indicate that information must be public?
- Information being scrutinized, captured, exploited isn’t just what's been posted – it’s also the photos and posts other people put up, as well as comments and conversations that take place on an individual's own page or where they have been tagged. Even more worrying is the potential for inferences to be made and conclusions—true or false—to be drawn.
Woke up recently to email from a friend – he’d noticed several acquaintances taking photos from of a recent Facebook album of his and re-posting without attribution. He wondered about the legality of it, but also about whether this was the accepted practice on Facebook. It's an excellent question which required delving into Facebook and its policies.
Facebook’s Statement of Rights and Responsibilities includes the clause that: [y]ou will not post content or take any action on Facebook that infringes or violates someone else's rights or otherwise violates the law.
In most if not all cases, that Statement should mean that anyone lifting someone else’s photos and re-publishing them are not just compromising the author’s rights to the image but also are not complying with Facebook’s terms. Yet this practice isn’t restricted to this particular friend’s friends….it’s pretty commonplace online, this grabbing and re-publication of images without acknowledgement or attribution. It’s not just photos – we see information from social media sites re-used and re-viewed in a variety of circumstances.
Whose data is it?
Why does this happen? The roots are in a common presumption that information online is public by default. This isn’t news -- typically when the question of privacy online, especially privacy on social networks like Facebook, comes up it seems like everyone is an expert. Conventional wisdom tends toward the notion that once we put information on Facebook or really anywhere at all, to expect privacy is ridiculous. That ship has sailed, someone will explain patiently, information online is information that's been released into the wild. You have no privacy; you have no control over the information at all!
Helen Nissenbaum has written extensively about privacy as “contextual integrity", breaking down the way(s) appropriateness is assessed in determining whether and where information is divulged. A breach of privacy, then, is one where either information is inappropriately divulged, or one where the realms within which the information flows are outside the normative understandings embedded in the original sharing of the information.
The next time you find yourself snorting dismissively about someone’s failure to protect their information and subsequent complaint about its collection and use, stop. Think for a moment about if that were you. Think about the context in which you would’ve uploaded the information, the expectations about who would see it and what would or would not be done with the information that informed your decision to make it available. And from that perspective, ask yourself if that information is *really* public. In the offline world, joking posturing for a friend or friends would be understood as such – why is it that we presume that performing that same act online makes it presumptively “true” and relevant to an assessment of my overall character or employability?
Blaming the "stupid user"