So I hear there’s this website called “The Facebook” that is really popular with the kids these days, and I decided to check it out…
Kidding, kidding. Of course I know what Facebook is. I’ve just been choosing not to participate. The whole “social networking” thing doesn’t offer me anything I want that I can’t already do through e-mail or by building websites. (I recognize that I am atypical in this regard).
I actually tried out Facebook back when it was university-students-only. I built a profile, linked it to my friends, and then said “Well, now what? I guess I’m done.” And I never went back. Eventually I deleted my profile, just to avoid spreading outdated information about myself.
Of course, Facebook now is not really the same application as Facebook in 2004. With over 350 million users (as many as Firefox), it forms a significant part of how many people experience the Internet, and as such it shapes their expectations for how web interfaces should look and feel, as well as how their real-life relationships should be represented in software.
This was the argument given by many of my coworkers, who told me that I ought to at least try out the modern Facebook, so that I could better understand where many of our users are coming from.
So I went to Facebook and started creating an account. I entered my first and last name and email address, and Facebook showed me a page saying “We think these people might be your friends”. There were several dozen people there who I actually know, mixed in with several dozen who I don’t.
Wait a minute, How does Facebook know who my friends are?? Remember, I hadn’t told them anything except an email address at this point. I was disturbed by how much they knew about me. More than disturbed. I was freaked out.
Where did this information come from? From the old account that I deleted? Unlikely. I believe it came from my friends importing their email contacts into Facebook. My email address was in their contact lists, so Facebook looked it up in their database and, not finding me, stored a sort of “dangling pointer”. This pointer laid dormant until I entered a matching email address, at which point it sprang into action.
The part that disturbs me about all this is that Facebook had my email address in their database, without my knowledge or consent, despite my decision not to use their service.
And they had a lot more than my email address. They had pictures of me, uploaded by my friends and tagged with my name. They knew who my friends were. They knew what my friends liked. They knew more or less how I would fit into their social network. If they wanted to, they could deduce a lot of information about the person behind the email address. It would have been fairly trivial for them to figure out what school I went to, about how old I am, what political activities I have been involved in, and what advertisers would be most interested in reaching my demographic.
My friends did not ask my permission before giving Facebook all this information about me. Why would they? There is no UI warning, no legal terms, no moral or cultural expectation that they should do so. They just typed in their own email password and clicked “Find Friends”.
Facebook makes money through targeted advertising. They profit from the detailed information that they extract from their extensive social network database. I was part of that database despite my choice not to participate. It’s not too much of a stretch to say that they have been profiting off of me, without my knowledge or consent, using information about me that was given away by my friends, again without my knowledge or consent.
I don’t think that Facebook as a company is doing anything unusual or exceptionally bad. This is pretty much standard practice in the industry. Facebook is in this position simply because they’re the social network with the biggest reach. I’d have the same concerns about any one company, no matter how seemingly benevolent, having this much information about people who chose not to participate (or rather, who thought they were choosing not to participate).
I want to be able to choose what information about myself I make available on the Internet. I want to be able to control how that information is used. And if I make a choice not to participate in an organization or do business with a company, then I don’t want that organization or company storing information about me.
Where do we draw the line between my right to control my data, and the right of other people to exchange information about me? The right of social network developers to innovate?
What do you think?
Not The User's Fault 
February 6, 2010 at 2:02 am
My cousin refuses to allow his picture to be taken, and the reason he gives is because he “wants to control” his picture. Now it seems like this sort of this is exactly why he does that. Oddly enough, he loves to use Facebook!
I also know some people that like to dress up in non-normal (but legal and without the abuse of substances) ways in their free time, and the only time they use Facebook is to remove their name from a tagged photograph because they feel uncomfortable with prospective employers seeing those pictures.
The other side is that most people really like using this service otherwise, so it seems a shame to not offer it to them because of these potential abuses.
When it comes down to it, it’s not categorically different than how things were years ago: there was always the chance that some reporter might’ve put a picture of you in the paper. There was a chance your boss might see you out in public.
What’s changed is the scope of privacy. It takes more work to be private now, but it’s manageable. You simply have to be aware: actively make sure your friends aren’t putting photos online that you don’t want online. Join Facebook and other sites so you can see if someone tied a picture to your name. Let people you give a private email address to know that the address is private. Your friends should know not to try and find you on Facebook by entering your cell phone number; they should know not to find you by entering your private email address.
February 6, 2010 at 2:04 am
I think you are a bit overreacting. Most likely there is already more information about you (and me, and most of us) “out there” on the Internet. What Facebook did was merely cross reference it, organize it, and make it easily accessible. It’s not about the availability of information, it’s about how easily it can be accessed and analysed.
I’ve lived in a country which has legislation to make information about citizens difficult to access even to public authorities, and in my opinion this lead to nothing but a lot of money wasted and less effective operation. And I lived in a country where I can manage everything from student loans through taxes to health insurance in a central government website. E.g. when moving, one has to register the address change only once, and all relevant organizations would be automatically notified (bank, school, post, etc.) Even the tax records are publicly accessible by anyone, which, I have no doubt, would freak out any American to no end. Yet I find this system much more efficient and convenient.
You actually do have a point, however, if you had said, “I want to have the right to control who may or may not know my e-mail address”, that would be so incredibly ridiculous for so many reasons … the difference is that Facebook knew not only your e-mail address, but also which other people has that address too.
Still, transparency in a society is not necessarily a bad thing. Being aware that out lives become more and more transparent does create a pressure, but it’s a pressure that betters.
My feelings about the whole issue are somewhat mixed, but I tend to lean towards what Eric Schmidt said, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”
And now, ironically, I’ll simply sign this as:
– an anonymous stranger 😉
February 6, 2010 at 3:21 am
There are two possibilities. You own ‘your data’ as defined as ‘data that involves information that you identify yourself as’ or you do not own ‘your data’.
Remember that.
February 6, 2010 at 3:27 am
Hell is other people. –Sartre
It freaks me out too, but it isn’t possible to opt out completely because, as you’ve said it in the text, people who have information on us, ie our friends, can share it. And they usualy don’t even think that might be a wrong thing to do, either because of real danger (employers seeing your drunk images), or due to your own choice not to share it.
The best thing we can to is to educate of dangers of new technology. People enbrace it massively because it is accessible and easy to use, and think about consequences later, when something bad happens. But, that’s the way people learn: by trials and misses.
February 6, 2010 at 4:01 am
I’m more worried about a friend posting something risque on my Wall and having my grandma see it. I couldn’t care less what corporations know about me. I’m not going to buy their crap anyway. I’m worried about what my family knows about me.
February 6, 2010 at 8:09 am
At least in the European Union storing e-mail addresses of non-users is quite likely to be illegal. I think there are already some consumer protection groups after it, threatening to sue them if they do not comply with EU regulations.
February 6, 2010 at 10:46 am
Facebook is a social networking *site*. To opt out, you would need to opt of the social network. Think witness protection, where you’re not even allowed to speak to your loved ones incase they give information about you away.
Whether you like it or not, there is information about you everywhere and has been for a long time. The only difference is that where previously you might have had to hire a private investigator to find that information, it is now readily accessible online.
February 6, 2010 at 12:15 pm
«The only difference is that where previously you might have had to hire a private investigator to find that information, it is now readily accessible online.» (Ian Thomas, comment 6)
Yes, and not only via social networks (Facebook and others). The first time I tried Googling my (not very common) family name, I was surprised about how much information was in there about family members, even about my great-aunt who died decades before the Internet was a household word.
February 6, 2010 at 5:26 pm
The fact remains, there is no safe harbor for information on the Internet.
Every piece of information you enter into your web browser is no longer private, no matter how many logins, secure-socket layers, encryption algorithms and privacy statements you go through.
Whilst it may not be 100% true, it is unreasonable to believe otherwise: EVERYTHING on the Internet IS or WILL BECOME public.
Facebook is one of the thousands of websites that collects information about their users (through cookies, social references, email addresses, URLs, etc, etc) and their users’ connections to others, as well as those other people and their connections and so-on.
Facebook themselves have a Privacy Policy that is defined to every user that uses their website, and it DOES state that you are able to remove your email from their database “entirely”: http://www.facebook.com/help/contact.php?show_form=database_removal
February 6, 2010 at 6:05 pm
One nasty thing though is that there’s no warning whatsoever that they are going to archive my complete address book (and not just use it one single time) when using the ‘find friends’ feature.
February 6, 2010 at 7:33 pm
You might be interested in what researcher danah boyd has to say about this kind of stuff: http://www.zephoria.org/thoughts/archives/2010/01/16/facebooks_move.html
I think people who say “privacy is dead” and “if you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place” completely miss the complexity of the situation.
February 6, 2010 at 10:47 pm
Hi!
not sure about american legislation, but in austria, which is a quite liberal country it is prohibited to publish any private information in any media. This certainly also includes pictures of yourself in your private life. This must even be obeyed for celebrities – consider that! So no pics of Film stars of their private life. Of course this is often not respected by the boulevard press, but at least, you have the right of privacy, and you can sue people who violate these rights.
I pretty much like this privacy protection, even though i think you always should stand to yourself. Still i consider privacy a very important thing, that has to be protected, and not abused in any kind.
Why is there no option in the facebook privacy settings to prohibit others of tagging you in pictures you didn‘t even put online yourself?! Is that even legal in any country?! I am really sick of this big brother shit – privacy IS dead!
what do you think?
February 6, 2010 at 11:09 pm
Like you, I’ve opted out of a Facebook account but I’ve wondered if I should at least learn about it for professional reasons, so your post caught my attention. I hope you’ll report on your impressions of it as an application.
It’s a little absurd to say, ‘the information was always available; there’s really no difference because it’s more easily available’. First, disparaging the value of accessibility and discoverability is a little odd for software developers. Second, it ignores the value of technology; it’s like saying:
“You could always travel NY to Los Angeles; the fact that you once had to do it by horse and now can do it by plane, really hasn’t changed anything.” But it has.
February 7, 2010 at 7:37 pm
If one understands the meaning and context of the term Traffic Analysis, one has a greater understanding of why a suspected war criminal like Cheney wants to know everything about what everyone else is doing and have everyone else know nothing about Cheney is doing.
Traffic Analysis also helps explain why social networking companies attract spies like flies.
Big Brother is profitable!
February 7, 2010 at 7:54 pm
Those features for pulling contacts from one’s email address book are actually a nuisance, since they’ve no idea which contacts are actually friends – they’re as likely to be some stranger you once emailed.
Or worse, a mailing list. On the various lists I subscribe to, we regularly get messages from the networking sites to say “so-and-so is a friend of yours on Facebook”…
February 7, 2010 at 8:40 pm
[…] full post on Hacker News If you enjoyed this article, please consider sharing it! Tagged with: networking […]
February 7, 2010 at 9:06 pm
I received two “Check out my photos on Facebook” emails, each to a different email address. I don’t have an account, although I did delete an account before. I was shocked to see the “Do you know?” images plastered all over the email. There is an opt-out button, which I followed for each email. Hopefully it will do the trick, but I have other email addresses and I’d like to be able to pre-emptively opt-out for them too.
February 7, 2010 at 9:30 pm
hey Andrew Bestic
i totally agree with you ,,
we are in 2010 man ! everyone is famouse in 5 minutes in internet lol .
but in the end there’s no privacy at all on internet so we have to be carefull from the begaining .
February 7, 2010 at 9:42 pm
Interesting points you raise here although I doubt Facebook did anything untoward in getting your information.
Facebook (new) actually doesn’t “allow” you to simply delete your account. In fact anyone that has tried to do this will tell you it’s damn near impossible. Now THAT’S something to be concerned about. My guess is that Facebook had your old data on file and simply used that, because I said before – they never fully allow you to delete your account. It”s simply “frozen”.
Is that legal?
February 7, 2010 at 10:37 pm
One thing I want from Facebook is to hide my list of contacts, even with the people I currently have as friends. I think until Facebook allows this I will not use it. I keep in contact with people i am actually friends with via other methods.
February 8, 2010 at 12:35 am
Haven’t used the facebook application platform previously (not extensively, but enough to have read a fair bit of the docs), I think it’s worthwhile to point out that facebook (according to them anyways) does *not* store e-mail addresses it retrieves from users sharing their contact lists.
What they store is a (rather weak) hash of the e-mail address, so that it’s possible to check if an existing e-mail is already connected to a facebook account, without actually sending that address in the clear. In the same sense, when you gave them your e-mail, it’s trivial for them to hash it and see if it matches the e-mail in an existing contact list.
Of course, it’s conceivable that they are actually storing the plaintext e-mail address somewhere, and no matter how unlikely it is, we won’t know until they open source the code. (and of course we still won’t know if the source they released is what they actually run, etc. etc.)
Privacy _is_ mortally wounded, and unfortunately, the mainstream is getting concerned enough with the idea that we will probably end up with a locked down closed-source TCPA policed world sooner rather than later
February 8, 2010 at 12:37 am
sorry, that should say “having used” not “haven’t used”
February 8, 2010 at 1:48 am
Well, Samantha (comment #19), I suppose you could maybe have them delete your account if you: (1) send them a cease-and-desist letter by registered postage with acknowledgement-of-receipt; (2) one month later, have your lawyer send another one; (3) again one month later, request (then obtain) a court order from the court competent in these matters for the jurisdiction where Facebook is seated, ordering them to remove the account (including all backup traces) and prove that they did, or else pay you a stiff /per diem/ amount of damages as long as they don’t… but who would go to that much trouble just to have one’s account “really” removed? 😀 (This said, IANALNDIP1OTV, so no guarantee 😉 )
February 8, 2010 at 5:22 am
I think that our choices of sharing/exposing or not disclosing are only part of what our web life should be and are not today, and not just on Facebook – Gogle, our profiles at different providers…. I believe that there must be a paradigm shift to a web where we, users are the center, with thw hell in our hands and as a conscious and equal part of what is being woven around us for others’ profits. It’s up to us – I write about privacy, trust and new paradigms in http://www.icentered.com and invite you to join the conversation
February 8, 2010 at 6:26 am
I also opted out of Facebook but for different reasons. I found their creation of the “format” through which my socializing would take place to be insidious. It’s like someone saying, “You’re going to have friends, here’s I nice room for you to meet your friends, here’s the refreshments and entertainment, we’ll just sit in the corner and see if you say something we could use.” I want to meet my friends in my room, with my refreshments and my entertainment, thank you. All that being said I use LinkeIn, why? Because it’s focused and designed for a particular purpose and serves it fairly well.
February 8, 2010 at 8:41 am
Without reading one comments.
Isn’t it a fact, that your friends talk about you without you knowing that they talk about you!? How drunk you were last night. How bad you danced. And that they tried to hook you up with a nice girl and you blew it by talking about how MSFT of today is the IBM of the 80’s!
This is life.
But it is actually scary that they have +X e-mails more because some let scoop Facebook in their address book.
February 8, 2010 at 11:43 am
“I want to be able to choose what information about myself I make available on the Internet. I want to be able to control how that information is used.”
This is illusion. You have never been control of data involving you. Just look at rumors and other tendencies of human behavior of spreading (dis/)information that you cannot have control over. Social networks are no different (except data gets spread around more quickly)
“Where do we draw the line between my right to control my data, and the right of other people to exchange information about me?”
There is no line to be drawn. People exchange information and you cannot control that except in Orwell’s 1984
February 8, 2010 at 2:37 pm
[…] Is it possible to opt out of social networking? (jonoscript.wordpress.com) […]
February 8, 2010 at 3:15 pm
Its far worse: try signing up with totally wrong information (fake name, junkmail account). If someone in your house or office has been using Facebook, you will be presented their contacts when you sign up.
Apparently the look up users who signed in from that IP in the past. Very invasive and reason enough for me to never make an account there.
February 8, 2010 at 7:45 pm
I agree with Tattoo, there is no such thing as controlling the dialog. Maybe there never was, but certainly not now.
This is particularly true of institutions, but also of individuals.
What we are in control over is whether or not we participate in the dialog, and if so – how.
February 8, 2010 at 8:37 pm
Its pretty simple; friends of yours have imported their address books into Facebook from GMail, HotMail, etc. and you were in those address book entries; this is how they found out what friend associations to start you off with. Simple as that; not something to get too worked up about but something that does definitely point to who your closer contacts might, in fact, be.
February 8, 2010 at 10:08 pm
Jono:
I had my account deleted. It is like Orwell’s worst nightmare except that people are providing all of the surveillance information willingly right into a black hole they have no control over.
There should be a way for you to own your own identity and do “social networking” in an anonymous, encrypted fashion. But that kills any data-mined advertising business model.
February 9, 2010 at 1:01 am
[…] Is it possible to opt out of social networking? Mozilla employee Jono DiCarlo explains his efforts to avoid social networking, and the long arm of Facebook. [Not The User's Fault] […]
February 9, 2010 at 1:01 am
[…] Is it possible to opt out of social networking? Mozilla employee Jono DiCarlo explains his efforts to avoid social networking, and the long arm of Facebook. [Not The User's Fault] […]
February 9, 2010 at 2:32 am
[…] Is it possible to opt out of social networking? Mozilla employee Jono DiCarlo explains his efforts to avoid social networking, and the long arm of Facebook. [Not The User's Fault] […]
February 9, 2010 at 2:35 am
You know, it’s really too bad, because I *want* to like Eric Schmidt…but I just can’t agree with his stance on “if you don’t want people to know about it, maybe you shouldn’t be doing it.”
Let’s use a very vanilla non-internet example. I have sex with my husband. This is hardly unexpected in married couples; people are likely to assume it’s what we’re doing…but that doesn’t mean that I am interested in sharing details, photos, or video. It’s *private*. I don’t want people to know about it without my consent. Yet I certainly SHOULD be doing it!
There’s a lot of what I do that is no one’s business but my own, and it dismays me how many people have access to it already. There’s nothing I do that I shouldn’t be doing, but plenty that I do not want other people to know without my consent.
February 9, 2010 at 4:21 am
[…] Is it possible to opt out of social networking? Mozilla employee Jono DiCarlo explains his efforts to avoid social networking, and the long arm of Facebook. [Not The User's Fault] […]
February 9, 2010 at 4:30 am
At the events I go to, I bring my camera. I would rather be behind the camera than in front of one. I do not use Facebook or any other social media website, but I may need to try like you did to see what people have tagged my email account…
February 9, 2010 at 6:09 am
[…] Is it possible to opt out of social networking? From the comments: “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”—Eric E. Schmidt. […]
February 9, 2010 at 7:05 am
I agree completely. I am not one facebook and will never join. But there are picture of me (Thankfully none of them tagged with my full name) My name in other places, and links to my site (Some of which I knew about, some of which I didn’t)
Its creepy. Really really creepy. I had an album of photos I took from a trip, gave to other people who went, which they uploaded. Got no problem with that, except that idiot tagged the entire album with my full name. Now theres 200+ references of my on there, they got probably 50 of my friends, my email and the url where i hosted the photos.
I yelled and bitched until it was removed. But I’m sure facebook still remembers all that info, not helping me any.
so Fuck facebook!
February 9, 2010 at 2:15 pm
I’m old fashioned, I guess. I like to see my friends for outings, for dinner, for the things friends do together. Sometimes I phone them and sometimes I email them. I don’t understand the enthusiasm for “social networking”. I don’t Facebook, I don’t Twitter. Nor do I respond to invites to do same.
I hate Eric Schmidt’s idiocy. It implies one must be a child molester or something of equal evil to want/need a little privacy. I don’t have to be committing a crime or be engaged in a an immoral act to want to keep an activity to myself – and/or whoever I am committing said act with.
February 9, 2010 at 10:53 pm
“Whether you like it or not, there is information about you everywhere and has been for a long time. The only difference is that where previously you might have had to hire a private investigator to find that information, it is now readily accessible online.”
Well its that very increasing of the ease and ubiquity of the access that is the problem. Remember the Californiai legal case closing down DMV records because a woman was stalked and killed by a man who got her address from the DMV/Driver’s license records? If you think everyone who wants information on you will always have your best interests at heart, then you are naive.
February 10, 2010 at 2:54 am
You have to go into something like Facebook with the attitide that, no matter what you try to do to get yourself deleted/cleared/removed, it’s never gonna happen. We are in a digital world now where our every digital utterance (including this one) will last, somewhere, forever.
February 10, 2010 at 5:08 am
[…] Is it possible to opt out of social networking? (jonoscript.wordpress.com) […]
February 15, 2010 at 3:23 pm
[…] Is It Possible to Opt-Out of Social Networking? – Not The User’s Fault […]
February 20, 2010 at 8:13 am
[…] | Tags: google, privacy, social networking | Leave a Comment In a recent post, I wondered whether it’s possible to opt out of social networking given that your friends might be entering your email address into Facebook’s database without […]
February 21, 2010 at 5:20 pm
i think facebook now have improved user privacy, it depends on our setting “to show or not to show”
January 19, 2011 at 9:58 am
facebook has just updated their profiles but recently it appears it can be hacked pretty easy. Just a sign of the times i guess.