Facebook & the Right to Privacy
September 2, 2010The Internet in all its forms has become a core part of how we communicate, socialize, and handle very personal business every day. But protection of individual privacy is spotty at best, and it seems to be getting worse every day. As we become an increasingly digital nation, do access to, and privacy on, the Internet become civil rights?
Facebook and other social networking sites track our daily lives with increasing levels of detail. But unlike the supermarket savings club card that tracks our purchases in exchange for an occasional discount, these tools can be mined without our explicit permission. That’s become the tax we pay in order to participate in the digital community.
But with the power of "deep Internet" search tools and data aggregation mashups, the information freely available on the Internet about each of us is becoming more detailed, more deeply personal, and more troubling every day.
Facebook, Twitter Inc. , Foursquare, and the like deserve to be able to profit from the networks they’ve created. But Twitter and Foursquare at least don’t pretend to have any sort of privacy. While Twitter provides a private messaging capability, and the ability to restrict access to "tweets" to people we explicitly give permission to, there’s still the recognition that Twitter is like a soapbox in a very crowded square: When you get up and tweet, it’s out there for anyone and everyone to hear, record, and repeat.
Facebook, on the other hand, offers more nuanced privacy. But it has frequently changed the privacy terms of its service and seems to obfuscate privacy settings even more each time it does. And while many people just assume they have privacy on Facebook, the default settings for Facebook accounts are pretty much wide open. Facebook profits more from openness than privacy, so the company’s privacy policy pushes people toward being more public with each new feature.
In a conversation we had on the Marc Steiner Show recently, Zeynep Tufekci, assistant professor of sociology at the University of Maryland, Baltimore County, contended that access to social networks has become a right. Because social networks have become so essential to how we live our lives, she contended, access to them shouldn’t be paid for with a sacrifice of privacy.
I don’t know that I would go as far as to say access to Facebook is a right. But I would agree that social networks have to do a better job of protecting privacy by default and that privacy rights online need broader protection. This is especially true as we start to put more and more of our personal data into the cloud.
What protections, if any, are providers of cloud-based backup, email, data storage, and document creation apps required to provide users? Right now, not much. And as the ACLU’s Jay Stanley pointed out in the Steiner Show conversation, the "Third Party Doctrine" that has been applied to privacy rights under the Fourth Amendment can be used by the government, and potentially others, to justify exposing personal information.
As Stanley wrote in a blog for the ACLU, when financial data held by a person’s bank or medical data held by a doctor is exposed to a " ‘third party,’… you are deemed to have ‘given it up’ and it is therefore stripped of Fourth Amendment protection."
While the US Supreme Court has recognized that telephone conversations are protected by the Fourth Amendment (although the court didn’t get around to that until 1967), the Third Party Doctrine means this: If you put personal information up in the cloud, unless you’ve got specific protections spelled out as part of your terms of service, you can assume that personal information is fair game.
And that has to change. As we move into a world where more and more of our interactions are virtual, and the definition of what "home" is for our personal data changes, there have to be some significant adjustments to guarantees of privacy online.
Unless there’s a legal or regulatory compulsion to provide privacy, it’s unlikely that companies like Facebook will provide by-default protection of private information, because it runs contrary to their business plans.