Whose Data Is It, Anyway?

Bruce Schneier is the founder of Counterpane Security and writes extensively about all manner of security issues. Last night after posting Privacy Calls I read an article he wrote last month titled Facebook and Data Control, about September’s Facebook news feed controversy (mentioned on my blog post Losing Face(book)?). He makes the point that information privacy–the privacy of the “bits of ourselves we leave at every step“–is about “who you choose to disclose information to, how, and for what purpose.” “People are willing to share all types of information,” he says, “as long as they are in control.” Facebook’s mistake was rolling out its news feed feature, by which Facebook users receive “news” about their friends (“Amy Lee and Jason Smith are now friends” “Marty Fisher joined the group I Wish I Lived in Phoenix“) when they log on, with the default choice being that all changes to a user’s profile were fodder for news feeds. Users protested swiftly and Facebook changed the feature to allow users to choose the information they share. They can, for example, let their friends know automatically when they add a friend but opt out of sharing changes in relationship status.

Schneier points out that Facebook’s privacy policy allows it to change the policy whenever it wants. Facebook states that it collects certain “personal data [users] knowingly choose to disclose . . . and website use information collected by us as [users] interact with our web site.” Facebook Privacy Policy, The Information We Collect. The inherent issue in my Privacy Calls post, which Schneier states explicitly, is that we believe we own their personal information, our transactional data. Say I purchase Schneier’s book Beyond Fear from Amazon.com with my credit card and have it shipped by FedEx to my home. I initiated and executed the transaction and seemingly should have control its details, but I don’t.

Those details have little value by themselves. I could choose to execute the transaction in manner that leaves no data bits behind by purchasing the book for cash at a local bookseller. That takes more time and I don’t get the frequent flyer points. I opt for convenience and in exchange relinquish practical control over transactional details to others for whom they have value. They may not have value individually, but they acquire value when aggregated with other transactions by zip code or age or sex or income or education or tv-watching habits or other attributes. The digital processing of transactions, the sheer volume of information that can be collected from the tracks we leave on the Internet, the low cost of creating and maintaining databases, all make such personal data incredibly valuable–to those who collect it, sell it, and use it.

I’ll finish on the same note as the previous post, with Schneier’s words:  “if [Facebook users] think they have control over their data, they’re only deluding themselves.”

2 thoughts on “Whose Data Is It, Anyway?”

  1. I, too, was one of those people shocked by the way Facebook displayed our personal details for all friends to see in the News Feed and the Mini-Stories on our Profile Page. I quickly emailed them with my frustration and concern, and changed the privacy settings to hide all of my information from the News Feed. Yet, taking a step back, you realize that all information in the News Feed was on your profile in the first place, and the only people seeing it are your friends, so what is the immediate concern? We think it is “creepy” for us to see that our best friend Jane has just become Facebook friends with a guy named John, whom we do not know personally. But in reality, if John was someone important to Jane, she would immediately tell us about him in the next phone call. If she didn’t, it was just another friendship formed based on being in the same writing class. I think Facebook is similar to online credit card transactions in the way that it provides convenience. We put our birthday on our profile, and when we see that 85 people posted “Happy Birthday” on our wall, we are happy that people remembered. But honestly, how many people besides close friends and family would have remembered if there hadn’t been that convenient, sly reminder on our home page telling us that someone’s birthday was today? Most of us do not think to change the setting of our profile so that it not be seen by the other thousands of people that go to the same school as ourselves. So with the click of a button, a fellow student can find out where we live and what flavor of ice cream we like. We need to take the website for what it is and understand that we really don’t have total control over the information we share. It sounds cynical, but it is the reality of Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *