On the Expectation of Privacy in Social Web Applications

Alex Payne from Twitter has an interesting post up about the costs of privacy in social web applications. The thrust of his argument is that respecting the complex privacy requirements of the average non-geeky user increases the complexity of developing and using social software. While geeks might be happy to broadcast their comings-and-goings to the world, non-geeks (by which he basically means girls) have to worry about creeps and hooligans contacting them or, worse, seeking them out in real life.

Without privacy concerns, Twitter would be an incredibly simple service: basically just lists of posts and lists of users, exactly the kinds of data that database-driven web applications excel at providing. But, as Alex says, “privacy mucks this happy scenario up.”

“Ask for a list of users on a social network with privacy controls and you’re kicking off a complex series of computations behind the scenes. The database can’t just retrieve a simple list when privacy is in the mix. Instead, it has to jump around its tables of data figuring out who’s allowed to see who. The web application now has to provide different decorations to denote the private users, so you need extra logic and some new icons. Everything just got twice as hard: harder for the machines, harder for the programmer, harder for the designer, and (before this was a common UI pattern) conceptually harder for the user.”

Reading this got me thinking: why isn’t this a problem in real life? Why doesn’t the coexistence of groups of people with conflicting privacy concerns cause problems in the actual public square? If this is really a problem stemming from the introduction of non-geeks, why doesn’t it happen at sporting events or in malls where non-geeks are all too prevalent?

In real life, there’s no universal system for privacy that tries to work equally well for all people everywhere. Instead there’s a custom solution for each place and each community. In America, the governing law here is the Fourth Amendment and the surrounding jurisprudence, which created the doctrine of ‘reasonable expectation of privacy’. In other words, our communal sense of how much we’ll be seen or overheard in any particular place actually determines whether and to what extent other people are allowed to observe us there. For example, in our own homes we expect what we say and do to stay within our own walls so police are not allowed to eavesdrop on us there without a warrant even though that prospect becomes technologically easier each day. On the contrary, in an obviously public place like a mall food court covertly observing us (or photographing, videotaping, and RFID-scanning us, etc.) is fair game for cops, mall security, and even our fellow citizens.

Put in terms of social web apps: in real life, which of our data can be read is determined not by our social relationship to the person doing the reading, but by which network we’re using and what constitutes a reasonable expectation of privacy there.

Seen this way, the real problem that social networks like Twitter are encountering when enforcing privacy is that they are trying to be all places to all people. They want to build one space in which you can broadcast your political beliefs to the world while I, simultaneously and conterminously, whisper my darkest secrets to only my closest friends. In the technical realm, this creates a major problem by preventing the existence of one coherent privacy policy (the way a bank’s site might have). Instead, sites like Twitter are required to enforce as many different privacy policies as there are possible relationships between their users. In the social realm, this creates confusion and conflict by hampering the construction of the kinds of social norms that allow for agreement on what constitutes a reasonable privacy expectation to take hold (the way Wikipedia, with its dead simple, basically non-existent, privacy policy does have). Instead, sites like Twitter become cyclotrons filled with constantly colliding communities with different privacy expectations: if I just use the service to keep in touch with my closest friends then even emailing me about each stranger who starts following my updates can become invasive.

The implication of this seems to be that, like in real public places, online communication platforms will eventually have to sort themselves into the general categories of public and private rather than trying to be both at once. And our most successful platforms are already pretty clearly sorted: you know exactly what amount of privacy to expect when sending email or posting to a blog. Since one of the hallmarks of the new social web apps like Twitter and Facebook is that they’re trying to break down this very division (or at least host both halves of it under the same roof) they are going to be running smack into this problem on a regular basis. I wonder how long it will take them to do better than the authors of the Constitution…

Tagged: , , , , ,

This entry was posted in useful web. Bookmark the permalink.

0 Responses to On the Expectation of Privacy in Social Web Applications

  1. Tara Kelly says:

    Good food for thought.
    Though, while geeks clearly see the web as a place, many non-geeks don’t quite perceive it that way. For example, to my mother – a website is a thing, at best a utility, but not a place.
    A few years ago if told her to go to, say, Myspace, she’d reply “I don’t know if I have that one, does it come with AOL?”
    Of course she now understands the difference: she does all her banking online, we chat on Skype daily, she uploads photos and shares albums with family … but I still wouldn’t bet on the idea that she perceives a website as a “place”. These are just tools for her. Utilities.
    Nonetheless, I believe the line between a utility site and a social network are going to get more and more blurred as time goes on. And I can almost guarantee that it never occurred to her that other people could see her photo albums. So we’re going to have to figure something out.
    When thinking about solutions for non-geeks, it’s important to remember that they perceive the web in a *profoundly* different way than us.
    I’ll run your place analogy past mom and see what happens. 🙂

  2. Tara Kelly says:

    Sorry about the double post. The site seemed to be hanging… my bad.

  3. Tara —
    Interesting obersvation! I’d considered geeky technical users and highly social non-geeks (basically the Myspace and Facebook crowd) who are very comfortable using social networks to communicate with their own friends, but I think that your mom represents a third group of users altogether: older or less experienced ‘netizens’ who aren’t fluent enough in the technology to even notice the privacy policies and options available to them on different sites.
    The anecdote you relay of your mom uploading pictures without even realizing that she’s sending them out there for all the world to see just underscores my point even more strongly about the different expectations of privacy. Less experienced users don’t necessarily think of everything on the web as being globally public.
    A strong example of web app design directtly targeted at this group is Vox, a blogging service created by Six Apart specifically so that Mena Trott (one of the company’s founders) could convince her mom to start blogging. Vox blogs default to being private and they allow users to post all different kinds of media.
    [No problem about the double post; UrHo’s server has been a bit pokey lately. I went ahead and deleted it.]

  4. Nice thinking, Web application have certain issues which have to be look after. People spread scam and virus through application which is dangerous for privacy

  5. Nice thinking, Web application have certain issues which have to be look after. People spread scam and virus through application which is dangerous for privacy

Leave a Reply to Tara Kelly Cancel reply

Your email address will not be published. Required fields are marked *