Bruce Schneier is the founder of Counterpane Security and writes extensively about all manner of security issues. Last night after posting Privacy Calls I read an article he wrote last month titled Facebook and Data Control, about September’s Facebook news feed controversy (mentioned on my blog post Losing Face(book)?). He makes the point that information privacy–the privacy of the “bits of ourselves we leave at every step“–is about “who you choose to disclose information to, how, and for what purpose.” “People are willing to share all types of information,” he says, “as long as they are in control.” Facebook’s mistake was rolling out its news feed feature, by which Facebook users receive “news” about their friends (“Amy Lee and Jason Smith are now friends” “Marty Fisher joined the group I Wish I Lived in Phoenix“) when they log on, with the default choice being that all changes to a user’s profile were fodder for news feeds. Users protested swiftly and Facebook changed the feature to allow users to choose the information they share. They can, for example, let their friends know automatically when they add a friend but opt out of sharing changes in relationship status.
Those details have little value by themselves. I could choose to execute the transaction in manner that leaves no data bits behind by purchasing the book for cash at a local bookseller. That takes more time and I don’t get the frequent flyer points. I opt for convenience and in exchange relinquish practical control over transactional details to others for whom they have value. They may not have value individually, but they acquire value when aggregated with other transactions by zip code or age or sex or income or education or tv-watching habits or other attributes. The digital processing of transactions, the sheer volume of information that can be collected from the tracks we leave on the Internet, the low cost of creating and maintaining databases, all make such personal data incredibly valuable–to those who collect it, sell it, and use it.
I’ll finish on the same note as the previous post, with Schneier’s words: “if [Facebook users] think they have control over their data, they’re only deluding themselves.”