Tag Archives: Privacy

Dear Facebook, It’s not me, It’s you

Posted on by

I’ll go ahead and admit that I never “got” Facebook. I mean, I have an account, technically my second, but it largely languished, receiving snippets of content from my RSS and Twitter feeds. I never really cared if I was a ninja or a pirate, or for playing scrabble, or joining groups to show ironic allegiance to myriad infomercial products. But while I didn’t, numerous others did, causing the service to gain new users at upwards of a million people per week. I used to think that my issues with Facebook were my own, that was until recent events changed my mind. Beacon, deactivating instead of deleting, and now the ToS. Facebook just doesn’t seem to understand the internet.

An Honest Attempt

I first joined Facebook in 2005. I was going through my second attempt at college as an outsider in a school where everyone knew everyone else. The service, which was barely a year old, had already exploded across college campuses, with current and former students still being the only ones allowed to join and long before the dawn of the Facebook API. At the time, Facebook was simply a closed, visually generic version of MySpace. That every profile was the same seemed to force the ability to differentiate (the real use social networks isn’t to connect, but rather to stand out) not on horrendously designed profiles, but rather on the content in those profiles.

I was okay with that. I slowly started populating my Facebook profile. I searched for other friends be they online or off, and did what I could to connect with them. I uploaded a few photos of my apartment. I scribbled a few notes. And then I was done. I didn’t generate enough content to actually make going to the site worthwhile. The bulk of my good stuff ended up here, on my website. Or on Flickr. Or on another site that did the myriad little things that Facebook tried to do, but you know, did them well. So, for the first two years or so that I was on the site, my profile largely languished.

You'll use the internet his way

You'll use the internet his way

And then the news of Beacon hit

Despite the plethora of data that Facebook connects from users, Facebook still has no means of actually generating a profit. Yes, they do run advertisements, and yes, they can target exactly whom they show those adverts to by frighteningly precise demographics. But, this hasn’t helped them make anything close to a profit as Facebook has some of the lowest click-thru rates of any service on the internet.

In Zuckerberg’s attempt to milk his idea for a profit, he decided to team up with numerous online shops, turning purchases that users made into implied endorsements. To accomplish that, an item purchased from eBay would appear in a user’s feed with an implied endorsement.

Or Fandago. Or Travelocity. Or Blockbuster. Or numerous other services. The new advertising scheme was called “Beacon”.

The outrage was quick and deserved. Why? For a few reasons. One, Facebook didn’t notify users in a clear and timely manner that they were going to use this service. The service, which was launched in November of 2007, was suddenly broadcasting potential Christmas presents to friends and family on Facebook.

Second, Beacon was opt-out, not opt-in. This is a major no-no online, and something that the Facebook people should have perhaps realized. But, the arrogance of the service assumed that everyone would want this, in much the same manner as it assumed everyone would want to use the same generic profile.

And finally, Facebook committed the largest social faux pas of all, it lied about the service. Facebook gave misleading information about Beacon not only to partnering sites, but also news organizations.

But you can’t quit

I, like many other users, decided that this was enough. Even though Facebook backpedaled on Beacon rather quickly, they didn’t quite backpedal far enough. Yes, Facebook made Beacon opt-in, but they only made the publishing of results as optional. Whenever you made a purchase from any of their partner sites, Facebook still knew. And they likely still do. I decided to try and quit. At the time, Facebook wouldn’t actually let you quit the service. They would simply deactivate your account. Their logic was eventually, you’d want to come back, and when you did, all of your content should still be there.

From Facebook’s point of view it made sense. Why? Because their terms of service claimed full copyright over everything you submitted until you deleted your account. If you couldn’t delete your account, they were free to use all of your materials in any way they saw fit, forever. It was a win-win for Facebook.

The first blogging example of this hit the ‘sphere in July of 2007, causing a general uproar. So much of an uproar that the New York Times ran an article about it in February of 2008, right on the heels of the Beacon Fiasco. I know because I was one of the people trying to quit at the time. After the Times article, Facebook made it easier to leave.

A smarter return

Several months later, I was working on a startup idea and decided to try and use Facebook to try and give it legs. This time, however, I was determined to play things smarter. Because Facebook had engaged in dubious acts in the past, I used an email unassociated with any other online activity. I uploaded only a single photo, and didn’t give Facebook any original content. Just for fun, I would occasionally pump in gobs of bogus status updates to make myself a non-desirable marketing target. I was too vague, going in too many directions at once.

And so, my account largely languished, as I mentioned in the introduction. But, many of my friends and family and countless strangers saw the ease of centralization and filled up Facebook with blog posts, photos, and videos. At the time, they were rather safe in doing so. While your content was on Facebook, the service technically held total copyright control over them. But, you could regain control over your baby photos simply by deleting your content. A bit severe, but still a manageable out.

Fool me once

Or it was, until February 4th of this year, when Facebook plugged that out by removing a few lines from their Terms of Service statement, the binding legal contract that users agree to when they join, specifically the lines that say that deleting your work terminates their license to it. Furthermore, the termination section of that same statement now says that even if your account is removed, they still claim the same “irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense)”.

Reality Check

For most people, this probably won’t be a deal breaker. For most people, allowing Facebook to use their photos in advertising is a rather fair trade off in exchange for free hosting. But for others, it’s it’s the end. For me, this is Facebook’s third strike. I’ve personally unhooked all of my info that fed into my account, removed Facebook Connect from the comments on this site, and took the Facebook app off of my phone. It’s not a breakup, it’s a starvation.

Yes, it seems that Facebook really doesn’t understand the Internet, at least not like I do. Users want empowerment, not enslavement. We want transparency, not obfuscation. After well more than a decade online, I realized it’s not me that doesn’t understand Facebook, it’s Facebook that doesn’t understand the Internet.

Privacy and Online Rights – The Current State

Posted on by

As mentioned earlier, I’ve postulated that the YouTube comment might just be the lowest form of the written word. This tragic genre often lacks any sort of tact, substance, or quality, transforming it into the written version of the racist and homophobic rants that linger across headsets of Xbox Live games. While YouTube took a hint from an XKCD comic and instituted an audio playback feature, I think that a specialized version of the Miranda Rights might be more fitting.

“anything that you say can be used against you”

As the internet has moved into the much clichéd Web 2.0, it has become more social. Blogging, microblogging, podcasts, and videocasts have joined the more traditional bulletin boards, personal websites, and online publication to turn the internet into a giant conversation. As users become people, there seems to be an expectation of privacy attached to this new internet experience, as if the internet were simply a virtual café, and those of us online are simply engaging in a long, drawn-out, pub-chat. This analogy falls flat, however, when examined. The primary tenants of a pub-chats – relative anonymity, temporariness, and general privacy – are all lacking when it comes to the new, social internet.

No One in Anonymous

This fact most often comes up in court, which can recently be portrayed via the social engineering of Sarah Palin’s Yahoo email password and the apropos guilty plea of a member of the loose-group Anonymous. Both of these individuals performed questionable deeds online – one the invasion of a private email account, the other a DoS attack on a Church of Scientology websites – but this does not mean that speech said online should be considered anymore untraceable. The same techniques uses to unmask these two individuals can easily be used to determine who, exactly, said what online. This differs greatly from a bar or public place, where identification is usually left to the inexact science of physical identification.

Yes, there are ways to mask one’s identity online. Proxy servers do a fairly good job of masking an IP address, and using multiple proxies is a good method to add layers to the obfuscation of one’s identity. However, ask David Kernell how well the proxy stopped the FBI from discovering his identity. The fact is, simply, that if what you say is severe enough, you can be found.

Nothing is Temporary

Conversations in public, unless recorded, have the luxury of dying into the memories of those involved shortly after the conversation ends. Conversations on the internet, be it on a message board, blog comments, or even the microblogging service Twitter, do not bear this luxury. Once something is published online it is, for all intents and purposes, permanent. Yes, blog posts and twitter messages can easily be deleted, but this deletion only takes place on the server where the content was originally posted. The computers of those who have visited the page and not deleted their cache, the cache servers at search engines, scraper sites, and the Way Back Machine at the Internet Archive all potentially have copies of the exact words, and the ability to influence these machines often falls outside of the power of the average users.

Little is Truly Private

Security-minded personal have a short phrase: security through obscurity – a quick way of saying that merely because something isn’t popular today, doesn’t mean that security flaws do not exist. These flaws merely haven’t been capitalized on yet. The same can be said about online content, no matter where it is posted. If politics and Andy Warhol has taught us anything, everything can become popular, famous, or infamous for very little reason and seemingly without warning. Don’t believe me? A week ago you didn’t know who Joe the Plummer was, nor did you know that he have a tax lien or two against him. The power of the modern search engine, as well as social news aggregation, means that the next big story is constantly being searched for, hunted down and waiting for exposure.

How to Handle Online Privacy

Yeah...like that

Yeah...like that

An educational test used in an attempt to combat peer pressure is to ask a simple question before performing an act: would I want this published on the front page of the newspaper? Refitting that adage for the internet age: how do I feel now that what I just said is appearing on the front page of a newspaper? Put bluntly, assume no privacy when posting online.

Information posted online, no matter how distributed or obscure, should be considered as done on the record. Yes, as in the newspaper “On the Record.” Why? Because it is. At least it is today. The internet is not a pub-chat. It is not a meeting between friends. It’s a giant, interconnected document in which we are all a part of writing. And it’s here for good.

Of course, this is just the current state. The internet will change, and I’ll get into the why and how in the future.

Chrome – Follow Up (Updated)

Posted on by

Following up on yesterday’s article regarding Google Chrome, a couple of brief pieces of news have broken.

First, it appears that Google’s EULA (End User License Agreement) for Chrome was more permissive than perhaps even legally enforceable. Google was quick to issue a retraction, stating that the EULA was copied from another application and would be retroactively corrected. What caught people’s attention? Google was claiming eternal copyright over everything that was displayed on Chrome.

I think that would be a little frightening. Check out the Ars Technica article here.

Second, and one that certainly ranks higher on the meter-o-creepy, is the one that everyone suspected all along – there is no free ride. Ina Fried over at cnet’s Beyond Binary, got word from Google that they’re keeping about 2% of the information generated by the Omnibar, including an IP address so that you can potentially be identifiable. The EFF didn’t like this to terribly much, but feels that Incognito is a step in the right direction.

Looks like my assertion that Incognito is really only there to hide from the Omnibar was a little more true than I had intended.

[T]hese privacy features simply mean that porn and similar sites won’t show up in your Omnibar / Awesome Bar / Smart Address bar. These built in privacy features aren’t so much about privacy as they are about protecting you from accidentally exposing something you might otherwise be ashamed of should your significant other happen to open a new tab.

And finally an oldie, but a goodie.

Epic 2015.
Epic 2014, for which this video is an update, was released around the time of the last political election and gave me (as I was in the process of getting my journalism degree at the time) a generally creepy feeling about the future of journalism. With the advent of Chrome, and thus that much more ground gained into the connected, global mind, I think we need ourselves an Epic 2018.

Update

Google has amended their EULA for Chrome. The offending section, 11, now reads:

11. Content license from you
11.1 You retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services.

Read the blog post about it here.