Privacy: A False Sense of Security
For centuries, privacy has been, to many, a natural right. Your neighbors, when prompted, would never give out your information. Privacy was shared and, after all, as the dictionary itself says, privacy is when “one is not observed or disturbed by others” (Holtzman). Neighbors and friends have long valued their privacy and, in turn, given privacy to their neighbors and friends. But all of that is drastically changing. The sense of camaraderie is quickly dissolving and being replaced with selfishness for frivolous technologies.
Namely, social networking sites such as Facebook and MySpace ask you, the user, to willingly expose information about your “neighbors” and “friends” for the betterment of the technological “tool” of “social networking.” Cihan Kaleli, author of, “Providing Private Recommendations on Personal Social Networks,” suggests that, in order to be a good neighbor, we must also consider the idea of keeping the century-old idea of privacy by keeping “attributes about a user protected” (Kaleli). Xintao Wu, author of “A Survey of Privacy-Preservation Graphs and Social Networks,” report the very real threat of our online identity becoming too personal, arguing that the information often presented on a user’s behalf in social websites can be used by attackers to estimate a person’s social security number and thus exposes him or her to identity theft (Wu). However, in a world increasingly tending towards technology, ensuring privacy becomes an increasingly futile effort due to both the ignorance of the average internet user and due to the unrelenting hand of social internet companies.
Three conditions. Nine digits. One identity. Upon birth, a mere three conditions create the digits that define your identity, as defined by your social security number. First three digits: based on the zip code in which one is born, often reflected by the hometown listed on your “profile page.” Next two digits: assigned according to a predictable “temporal” order. Last four digits: defined based on a progressive serial number depending on the person’s birth date (Gross). By using a publicly available “social security death index,” one can accurately estimate the final four digits. Therefore, our most private of attributes, our identities, are what is at stake as we sacrifice our privacy online.
Ignoring the seemingly negative sides of social networking, such as privacy and the dangers that come with it, social networking has created an entirely new medium for gaining and sharing knowledge. Users of sites such as Facebook, Orkut and LinkedIn are given “recommendations” for likely friends, increasing the interactivity of the website. In fact, techniques such as “collaborative filtering,” as suggested by Kaleli, present fairly accurate recommendations by filtering results through grouping of users together based on their interests in up to six degrees of separation from the original user (Kaleli). Keeping in touch or reuniting with old friends is a valuable service social networking websites offer. As most of these websites offer their services for no monetary cost to the user, the true cost is that of the users’ privacy. For instance, while Alan Mislove, author of You Are Who You Know, celebrates the technological accomplishment of billions of people actively engaging in social internet sites, he suggests that users have no choice but to forfeit some privacy in return for key advantages such as enhanced user experience through guided search results, suggested user links, or grouping of users (Mislove). Kate Greene, writer for Technology Review, acknowledges the importance of social networking, in particular location-specific information as it relates to social networking. For instance, Greene cites the success of image-hosting website Flickr as one of the pioneers of “geo-tagging,” which is, in this case, the act of placing geographically linked attributes to a picture for view on a map (Greene). While Flickr was one of he pioneers of the idea of “geo-tagging,” location-aware services have picked up the pace in the past few years. Kai Rannenberg, author of Privacy by Design, extols location-aware devices such as “Child-Watch,” a watch designed with a Global Positioning Device (GPS) to help parents keep track of the location of their child. GPSs have drastically improved over the years to be a crucial element in today’s cellular “smart” phones. This technology has developed further to be included in location-based social services such as Twitter and Foursquare, two applications designed to share information, in real-time, to the public (Fletcher). Foursquare, for instance, specifically helps users by giving “recommendations” to people based on reviews and popularity of a restaurant. Mobile social applications can inform users better about their surroundings by giving them specific information depending on their location, whether it is in finding restaurants, going shopping, or trekking through traffic. I agree with Krishna Puttaswamy, author of Preserving Privacy in Location-based Mobile Social Applications, when he argues that location-aware services are useful in work, persona, health, and travel situations (Puttaswamy). Furthermore, and perhaps less specifically, location-aware devices such as laptop computers with Global Position Devices and, “web-cams,” provide a means of keeping track of a device, as Lower Merion School District of Rosemont, Pennsylvania used. Without the ability to keep track of the users of the computers and thus the devices themselves, many students would not have been able to learn with the aide of the technology (Robbins). Location-aware services have permeated into our lives, like a stream through a desert, via our phones and our computers.
While few have questioned the validity of technology as both a teaching mechanism, as in the case of the Lower Merion School District, and as a means of communication, as in the case of Twitter and Foursquare, I assert that technology is evolving at so rapid a pace that it is uncontrollable. Most users today, being brought during the advent of the internet, view the internet as a crucial part of their life, but also a mere part of their life. For instance, creating an avatar in the online world should have no effect on their life in the “real world” to them. I believe it is by this mindset that users have taken their security for granted and thus have become ignorant to their privacy. Ralph Gross, author of “Information Revelation and Privacy,” regretfully asserts that people are generally oblivious, unconcerned, or pragmatic about personal privacy (Gross). Xintao Wu, author of “A Survey of Privacy-Preservation Graphs and Social Networks,” corroborates with Gross’s accusation, citing “only a small number of Facebook members change the default privacy preferences” (Wu). While social networking sites such as Facebook offer many ways to seemingly limit access to personal information, Alan Mislove’s report You Are Who You Know claims that a full 70% of users publicly share information about their university, employer, interests, and hometown location (Mislove). While this information is not immediately apparent to be sensitive, as the title of Mislove’s report suggests, “you are who you know.” Keeping this title in mind, it is somewhat contradictory to the idea of privacy that 95% of users public share his or her “friends list” with all users on the internet (Mislove). It is, therefore, ironic that a study by researcher Janice Tsai titled, “The Impact of Privacy Indicators on Search Engine Browsing Patters,” suggested that users indeed value a website with a highly rated “privacy policy,” despite the users themselves not taking advantage of privacy-ensuring options on their Facebook pages. While users seem to value their privacy outwardly, it seems the values of increased interactivity outweigh the cost of giving up information believed to be insensitive. Perhaps, as Daniel Lyons of Newsweek contemplates, “privacy has become a kind of currency,” acting as, “what we use to pay for online services” (Lyons). However, Mislove asserts that 30% of users value their privacy enough to change our privacy settings (Mislove).
Even for the few that actively attempt to keep their privacy by changing their privacy settings in social networking websites or by creating “user groups” with different viewing privileges as offered by most networking websites, it is in the best interest of internet companies to group users together, to force interactivity, to ultimately earn a profit from your interaction. This past year, popular social networking website Facebook has changed its privacy policy to reflect a more “open” viewpoint, publicly publishing most of a user’s information by default (Facebook). While you may suggest that this is for the betterment of the service, sensitive information is often kept private for a reason and any college or high school student using Facebook should have concern for who controls their private information. Similarly, Google’s new social service called Google Buzz was announced in February to give a socially interactive layer to Google’s emailing client Gmail, and, by default, published a list of “frequently emailed” users to the public. James Temple of the San Francisco Chronicle reports that Google has been accused by the San Jose federal court of sharing personal data of users without their consent, claiming, as I also believe, the publication aided stalkers (Lyons), jeopardized journalistic sources, and even hinted at extramarital affairs (Temple). Another recent outbreak of a company willingly jeopardizing the privacy of their users is Classmates.com, a social networking website that allows high school and college graduates pay a fee to help reconnect with people who went to school with them (Singel). As Ryan Singel, writer for Wired News, reports, Classmates.com published information about all of their paying customers to the public in an attempt to mimic some functionalities of rival networking website Facebook (Singel). These cases are particularly relevant because, as I believe, they show that a user’s control over his or her own privacy is quickly being lost. As some may suggest, these websites do offer the option to not participate in, or “opt out” of, the sharing of personal data, but, as Temple suggests, privacy forfeiting services should be opt in, not opt out (Temple). A further example of a loss of privacy that is uncontrollable relates to the Lower Merion School District, where the school district spied on students by using remotely activated web-cams on school-provided laptops (Robbins). In this case, Robbins’ lawyers cite a plethora of legislature supporting the privacy of individuals. Namely, the “Electronic Communication Privacy Act”, the “Stored Communications Act”, the “Computer Fraud Abuse Act”, the “Pennsylvania Wiretapping and Electronic Surveillance Act”, and the fourth amendment of the United States constitution act in favor of Robbins. There are indeed laws in place to prevent companies and governments from divulging user information (Robbins).
Surely, you may suggest, there is a way to protect your information about yourself. However, at this point in the evolution of technology, even if one wanted to preserve their data or remove it from a website, it is nearly impossible. Krishna Puttaswamy, author of Preserving Privacy in Location-based Mobile Social Applications, suggests the culprits are the companies that treat your personal data with menial care, giving way to easy leaks by means of software bugs or hacking attacks, which are effectively unavoidable (Puttaswamy). In fact, Puttaswamy argues that the larger the company, the larger the risk of information leaks, giving way to large-scale privacy compromises, even with the use of several location and content “cloaking” techniques (Puttaswamy). As a whole, these cloaking techniques, “fail to protect users’ privacy,” and users’ information is often gathered through unsolicited marketing, through government surveillance, through profiling users, or through other malicious methods, all without the knowledge or consent of the user (Kaleli). But why are you unable to merely delete your account and be done with it? Well, Holtzman’s Privacy Lost: How Technology Is Endangering Your Privacy suggests that most companies only mark accounts as “inactive” rather than deleting your information (Holtzman). With companies keeping complete records of all changes to your data, and your information, it is impossible to even delete all of your data and retrieve your own personal data back from one of these social networking websites. And if that was not bad enough, Holtzman goes on to insist, when you are no longer a customer, companies can sell your information for prices ranging from $60 for social security numbers to $200 for your cell phone numbers (Holtzman).
Up to this point, you may have followed along with the argument that you are indeed giving up your privacy, and perhaps you have decided to change your personal settings in the social networking websites you may use. However, this is not enough to keep your information private. The true danger of networking websites is the information that can be inferred without you entering your information into the website. For example, using the same technology as presented earlier in this paper to provide recommendations for “friends” or “groups,” social services, and attackers, are able to infer certain attributes with 95% accurate from a group with only 20% of a group’s information (Mislove). Private “networks” or “groups” can be easily circumvented or joined by adversaries (Gross). Even without your information publicly available, your “friends list” is enough to reveal your identity, private attributes, and sensitive relationships (Wu). Therefore, as Mislove argues, it is not sufficient to make one’s attributes private, but rather, he asserts, both attributes and the list of users’ friends must be marked private to ensure that a users’ attributes can not be inferred from adversaries (Mislove). Dangers brought about by giving up your information can economic, physical, and legal (Puttaswamy). We must learn to become good neighbors again. But I fear it is too late. You truly do not own your own information, nor do your own your own privacy. Technology has tripped us down a slippery slope. And there is no getting up.
“Privacy Policy.” Facebook.com. Web. 19 Mar. 2010.
Fletcher, Dan. “Please Rob Me: Site Shows Dangers of Foursquare, Twitter.” TIME, 18 Feb. 2010. Web. 19 Feb. 2010.
Greene, Kate. “Putting Pictures in Their Place.” Technology Review. 5 Sept. 2006. Web. 18 Feb. 2010.
Gross, Ralph and Alessandro Acquisti. Information Revelation and Privacy in Online Social Networks. ACM, 2005.
Holtzman, David H. Privacy Lost: How Technology Is Endangering Your Privacy. San Francisco: Jossey-Bass, 2006.
Kaleli, Cihan, and Huseyin Polat. “Providing Private Recommendations on Personal Social Networks.” Advances in Intelligent Web Mastering. Ed. V. Snasel. Vol. 2. Berlin Heidelberg: Springer-Verlag, 2010. 117-25.
Lyons, Daniel. “How Google & Facebook Violate Your Privacy.” Newsweek. 17 Feb. 2010. Web. 19 Feb. 2010.
Mislove, Alan, Bimal Viswanath, Krishna P. Gummadi, and Peter Druschel. You Are Who You Know: Inferring User Profiles in Online Social Networks. New York: WSDM, 2010.
Puttaswamy, Krishna P. N, and Ben Y. Zhao. Preserving Privacy in Location-based Mobile Social Applications. U. C. Santa Barbara, 2010. Annapolis: HotMobile, 2010.
Robbins vs Lower Merion School District. Eastern District of Pennsylvania. 11 Feb. 2010.
Singel, Ryan. “Classmates.com’s Facebook Mimicking Prompts Privacy Suit.” Wired News. Condé Nast Digital, 10 Mar. 2010. Web. 10 Mar. 2010.
Temple, James. “Local class action complaint filed over Google Buzz.” SFGate. San Francisco Chronicle, 17 Feb. 2010. Web. 19 Feb. 2010.
Wu, Xintao, Xiaowei Ying, Kun Liu, and Lei Chen. “A Survey of Privacy-Preservation of Graphs and Social Networks.” Managing and Mining Graph Data. Ed. H. Wang and C.C. Aggarwal. Springer Science+Business Media, 2010. 421-53.
