Monday, April 2, 2012

Privacy Matters

The recent hubbub about the iPhone app Girls Around Me has me thinking a bit more than usual about privacy, and about what it means in the real world.

There's been some fear mongering about it, and some statements that it represents the future. In the latter camp I even saw an article by someone from Forbes in which she claimed that perhaps the people with open profiles on Facebook and open access to their FourSquare data chose to set things up that way.

Really?

Here in the USA, where people cannot name their elected officials with any regularity, where evolution is not a fact, and where we care a lot more about American Idol than we do about the real questions facing us, do you really want to suggest that the average person has a clue what their privacy settings really are in Facebook, FourSquare, Twitter, and who knows how many other systems?

I wouldn't make that claim.

I'm a software engineer, and I can assure you that the privacy settings on Facebook are hard to find, default to the wrong values, and are very often difficult to understand in any depth.  I assume FourSquare is similar, though I have to admit that the very idea of checking in and announcing my presence away from my home seems crazy.  It's an invitation to a robbery, at the very least, so I have never signed up.

But let's run with that theory.  Perhaps some of the women who showed up on Girls Around Me really did want to announce their presence in that way, and perhaps most of the people using that app weren't rapists, muggers, and so on.  That's fine, and it might be true, but stop and think about your friends list for a bit.

I suspect most Facebook users have friended individuals they barely know, or don't know at all.  Are the people checking into places being certain to navigate Facebook's fiendishly complex privacy settings so that only friends they actually know and trust are seeing their location?  I seriously doubt it.

Geolocation data has a whole slew of downsides when applied on a personal level.  There is, I will admit, some upside to this data when properly controlled, but what we are seeing with Girls Around Me - and any number of current or future apps that do similar things - is the use of that data in ways that many aren't comfortable with.  (And don't even get some of my more reactionary friends talking about the dangers of geolocation data in the hands of the government.  No, really... don't go there.)  More interesting, to me anyway, is that most of us have no idea the data we give to Facebook and other services can be used like that.  If we could control our data more easily, this would be a non-issue.

And in my opinion, it is the fact that control of our own data is so hard that is really the problem.  To pick on Facebook - because they are an easy target, though they are far from the only offender - your profile should default to being visible to friends only.  You should have to make individual bits of profile data public one at a time, and geolocation data should never be shared publicly.

If I ran the zoo, when you friended someone in Facebook (or any other service) you would have to assign a level of trust to each person, and if you didn't pick something different the default would be "no trust".  People you don't trust get very little in the way of data from you, including almost nothing personally identifiable. With just a few levels of trust, you could get all the way to your spouse and/or anyone else you would give a blank, signed check to.  And levels of trust would be used when posting your status or checking in, defaulting to only the most trusted group every time, but letting you broaden the recipients as needed (by allowing less trusted people to see the post).

In a nutshell, these systems should default closed - to avoid unexpected sharing - but allow broader sharing when the user specifically chooses to do so.
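The default-closed model described above, as an added Python example (not code from Facebook or any other service); the `Trust` levels, the `Account` class and the sample names are hypothetical.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional


class Trust(IntEnum):
    """Hypothetical trust levels; a higher value means more trusted."""
    NONE = 0          # default for anyone you friend without choosing a level
    ACQUAINTANCE = 1
    FRIEND = 2
    INNER = 3         # spouse, or anyone you'd hand a blank, signed check


@dataclass
class Post:
    text: str
    location: Optional[str]
    min_trust: Trust


@dataclass
class Account:
    friends: dict = field(default_factory=dict)
    posts: list = field(default_factory=list)

    def add_friend(self, name, trust=Trust.NONE):
        self.friends[name] = trust

    def publish(self, text, location=None, min_trust=Trust.INNER):
        # Default closed: only the most trusted group unless the user broadens it.
        if location is not None and min_trust == Trust.NONE:
            raise ValueError("geolocation is never shared publicly")
        self.posts.append(Post(text, location, min_trust))

    def visible_to(self, viewer):
        # Strangers and unrated friends both resolve to Trust.NONE.
        level = self.friends.get(viewer, Trust.NONE)
        return [(p.text, p.location) for p in self.posts if level >= p.min_trust]


if __name__ == "__main__":
    me = Account()                      # constructed sample data
    me.add_friend("spouse", Trust.INNER)
    me.add_friend("coworker", Trust.FRIEND)
    me.add_friend("friend_request_i_barely_know")   # no level chosen
    me.publish("At the cafe", location="Main St Cafe")
    me.publish("New blog post is up", min_trust=Trust.FRIEND)
    for who in ("spouse", "coworker", "friend_request_i_barely_know"):
        print(who, me.visible_to(who))
```

The check-in reaches only the spouse, the broadened status also reaches the coworker, and the friend who was never assigned a level sees nothing.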

In general, people don't think about privacy and consequences when they post.  The vast majority of the time they don't even bother worrying about who should see a post, which is why we have so many stories about bosses and employees sharing inappropriately on Facebook and elsewhere.  Given that, claiming that many people want to be as exposed as Girls Around Me makes them doesn't seem right.  I'd bet most of the people who were that exposed would react negatively to finding out just what they were subjecting themselves to.

If the author of the Forbes piece wants to make herself available publicly, that's fine, and the various platforms are welcome to support that.  But it should always be a conscious choice with every post to make that kind of information available, never the default.  That's where the current systems get the design wrong.