I am not wandering the streets of Austin at the SXSW conference this weekend, but GigaOM is making it easy for me to keep up with the important things happening there. Liz Gannes covered an important keynote address discussing privacy on the web, and the ramifications of it have my mind buzzing. In researcher Danah Boyd’s keynote address, she took Google (s goog) and Facebook to task over lapses where user’s private information was made public. In particular, Boyd was on Google’s case for making personal information public by default with the launch of Google Buzz. Google backpedaled to correct that after the damage was done.
She also took Facebook to school over changing user privacy settings without making it clear that was happening. Facebook users found their previously private updates were suddenly hitting the public airwaves as a result. The entire keynote was quite good according to Gannes, and I wish I had been there. I especially found one of Boyd’s points to be very thought-provoking — just because someone says something on the web, does that mean it’s public information by default?
Think about that for a moment. Those of us who have been using the web since the beginning will usually say that if you say it on the web it’s totally public information. If that is true, then the web is useless for confidential business purposes, in addition to social networking. That’s pretty harsh if that’s the way it must be. As Boyd said in her keynote, you have the right to expect that something you say to a real life group in private will remain private. Why shouldn’t that apply to the web, too?
Think about the Facebook example — you sign up, verify your identity and restrict access to any information you “publicly” post on the service to a pre-approved list of friends. Is that a public group then, or is it a private group? It’s not that clear, is it? That’s why some Facebook users got burned when it changed the privacy defaults. Suddenly the “private” information on the web was accessible to those not on the pre-approved list.
I know many will claim that if you put it on the web, then you must assume it is public by nature of the way the web works. I would have previously agreed with this view, but now I’m not so sure. Think about online collaboration tools used in business — you have a right to assume your team’s private information shared will remain private to the group. If the online collaboration service suddenly changes things to make outsiders privy to the confidential information, you can bet users would be squawking loud and clear. That would only be right.
But how are these online collaboration services any different from social networks like Facebook? Both require signup, followed by carefully defining who has access to information shared in the service. Yet we probably feel that a collaboration service has a different level of privacy than a pure social network. How can we define just how private a social network really is? What is a reasonable expectation when using these networks regarding how our private information will or will not be shared? It is a very interesting question and I’m not sure there is an easy answer. I’d love to hear your thoughts on this.
Related content from GigaOM Pro (sub req’d):