Facebook’s threat to individual privacy in the social networking sites boom
Purpose – Web 2.0 which was invented in late 2004 is experiencing its early stage and has been inevitably encounter problems, such as privacy issues and concerns. This stream essay is aimed to explore the privacy issues emerged from the burgeoning Web 2.0 movement, especially from popular social networking site Facebook which is located in the US now affecting the globe.
Design/methodologies/approach – The research is conducted by examination of two key topics of the Facebook, user surveillance (including trust mechanism) and industry self-regulation. It is similar to a case study approach with statistics (by existing reports), table, and facts (from newswire).
Findings – Recognising both rewards and risks, the research has found all three aspects are problematic and in particular the trust mechanism and industry self-regulation do not work as originally anticipated by the businesses and the consumers.
Originality/value – This essay is groundbreaking and introduces the social issues from the ever-growing Web 2.0 trend. In the same time it raises numerous privacy concerns of emerging threat from the Facebook to its users. It is therefore recommended to those studying privacy in Web 2.0 especially social networking sites as a major piece of research into this topic.
Keywords Internet, Web 2.0, Social networking sites, Facebook, Privacy, Data protection, Social impact, Surveillance, Trust, Self-regulation
“Web 2.0 is a set of economic, social, and technology trends that collectively form the basis for the next generation of the Internet – a more mature, distinctive medium characterised by user participation, openness, and network effects.”
-Web 2.0 Principles and Best Practices (Musser and O’Reilly 2006)
Web 2.0 sites (also known as ‘social webs’) enabling the delivery of richer user experiences (O’Reilly 2005) have today been so prevalent that they are beginning to shape our social lives in cyberspace. Recent statistics by Nielsen NetRatings (Nielsen 2006-4) shows that by providing online community services social networking sites are, in particular, the very fast growing sites amongst all 2.0 websites (MySpace 183% in the United States between 2005 and 2006). Presences of this kind such as MySpace and Facebook leading ahead globally have experienced a multifold growth in their page views per month (439% and 845% respectively) whilst growth of traditional web portals like Yahoo! and Google sites has been slowed down (Yahoo! 1% and Google 52%) (Metz 2006). Social networking sites are now becoming a cultural and technological phenomenon (Grayson 2007, Lupsa 2006, Metz 2006, Nielsen 2006-2).
In the mean time, on-line users have however become increasingly aware of a negative effect of the Web – privacy threat by realising the considerable amount of their personal information that is being tracked and used (Stock 2004). Their genuine concerns over the invasion of privacy have thus been growing (Hubert 2007, IBLS 2005, Lee 2003). A comprehensive survey conducted by the Oxford Internet Institute reveals that a large portion of on-line users (79% and 84% in 2003 and 2005 respectively) in the United Kingdom are concerning about threats to their privacy (Dutton et al. 2005). Specifically, slightly more than half, or 54%, of the respondents felt they had put their privacy at real risk whilst they were surfing the Internet in the past. The vast majority of these anxious users (83%, 45 out of 54) also raised the concern that on the Internet their personal information can be accessed without any prior authorisation. This strong indication is concurred by other research where most consumers do believe that the Internet has made their information readily available on-line (McRobb and Rogerson 2004). Such worry has thus developed into one of the major reasons why some of them have chose to decline the offer from the Internet (Dutton et al. 2005). It is not just a British phenomenon, the effect of capturing users’ personal information has been spreading over the United States and Australia, and it has been global (Fleischer 2005, Spanbauer 2006).
This essay starts by providing a brief overview of both the Web and privacy in the social context of cyberspace. The following sections draws heavily on one of the most notable examples to date – Facebook, where most of the social networking sites’ characteristics are clearly displayed (other social networking sites are of less social networking functions and features to present) and the social power of Facebook is at the same time demonstrated. In order to fully explore the emerging issues from social networking sites experience to date, this essay highlights two key topics of the growing concern over privacy in the social networking sites area, namely user surveillance (including trust mechanism) and industry self-regulation. This essay offers additional analysis on a few more Facebook’s social impacts, such as psychological addiction and profile check where privacy issues and concerns once again arise. In the end, the essay concludes with a section of discussion on the Facebook phenomenon worthy of further investigations.
2. Literature Review
The research undertook by the OII further reveals that, in the UK, Internet has a prominent role in ‘maintaining social interaction and supplementing other forms of sociability’, and surfing and browsing web pages are the two most frequent uses of the Internet. The primary purpose for most Internet users is to gather specific information (74%) (Dutton et al. 2005), and for social networking sites it is to connect users with their friends and family members, as well as their colleagues. In the mean time, research indicates the public in general is not much aware of how information relating to them is being used and how their law-protected privacy right is being violated (Kruck et al. 2002). It thus has been unsurprisingly a controversial issue of whether without any permission beforehand people can obtain others’ personal information on the Internet, and whether individuals’ lives either public or private would become globally ‘transparent’ (51% agree whilst 49% disagree) (PEW 2006). As such, privacy has been considered as a constant source of worry amongst all concerns of the Internet.
“People should be able to surf the Web anonymously, or as a well-defined entity, and should be able to control the difference between to two. I would like to be able to decide who I will allow to use my personal information and for what.” (Berners-Lee and Fischetti 2000)
Indeed, Internet has today provided an effective means of communication (Kruck et al. 2002), however, research shows that personal data (both public and private) on the Internet have been used for fundamentally different purposes from one’s original intention (Collier 1995). New and advanced technologies enable firms to collect, use, disseminate, disclose, and sell Internet users’ personal information. Privacy concerns are thus revealed (Lee 2003). Protection against privacy threats to personal information thus become a real priority and it is the most important policy issue in cyberspace to date (HBR 2000, Lee 2003, McRobb and Rogerson 2004). The interplay between privacy and the Web is increasingly complex.
Spinello (2000) underscores the threats to one’s personal security which are heightened by using the Internet because one’s zone of privacy is appreciably diminished in this open and fluid environment. Rezgui further proposes individual’s privacy in cyberspace as a multi
dimensional feature of Web service (Rezgui et al. 2002) involving three basic elements as
-User privacy (perception by Web service consumer)
-Data privacy (support at the data level)
-Service privacy (exposition of specific Web service)
Specially, Web services consumers expect or require many different levels of privacy in accord with their perception of the information sensitivity. Moreover, their perceptions of privacy are directly affected by who will receive the specific information and the particular purpose for which the information is being used (Rezgui et al. 2002). It is of great importance that consumers know who is gathering information about them and that they will be willing participants (HBR 2000).
Moreover, Spinello (2000) considers the possibility to distinguish several types of privacy, such as psychological privacy or communication privacy. He however emphasises the information privacy primarily brings into the focus of attention because it concerns the collection, use and dissemination of information about individuals. The right to informational privacy is the right to control the disclosure of and access to one’s personal information.
‘The problem is serious, and two aspects of the Web make the worry worse. One is that information can be collected much more easily, and other is that it can be used very easily to tailor what a person experiences.’ (Berners-Lee and Fischetti 2000)
In the context of social networking privacy, it is also critical to address that service privacy in general comprises three types of policy: usage policy, storage policy, and disclosure policy (Rezgui et al. 2002). Present new and advanced information communication technologies (ICT) allow businesses to monitor on-line customers’ navigation choices and purchasing behaviours, extract personal preferences, and ultimately collect customer information as a whole (Lee 2003). Further to this, storing, analysing, interpreting, comparing and exchanging the vast amounts of information about millions of citizens has once again raised the issue of safeguarding the online privacy (Collier 1995, Lee 2003, Rezgui et al. 2002).
3. User surveillance
Social web is originally designed to promote and facilitate the interaction between real people in cyberspace, and the notion of social networking is basically all about ‘share content, find items of interest, connect people and form online communities’ (Economist 2005, Lee 2006). Because of this very nature of social networking websites, its collection on users’ personally identifiable information (PII) is inescapable (Lynch 2004).
It is evident that, upon registration, Facebook has made every effort to collect the ‘unique identifier’ (Hildebrandt 2007) from client side by requesting the ‘real’ name of its user-inwaiting. In order to join any school or company network, the user has to give out a unique and valid e-mail address provided by that particular school or company, and such e-mail address is always a genuine unique identifier which other users can identify with accordingly.
The ability to represent and link users’ information and relationships existed in real life makes the Web work as anticipated (Berners-Lee and Fischetti 2000). Participators of social networking sites, not necessarily of the Facebook, have turned their offline world online. In other words, their social networks in real life will have been represented in cyberspace and existing relationships with others can be properly maintained (Metz 2006) (Hildebrandt 2007). Facebook has therefore successfully established a great number of people-based networks, and these networks are in the form of school networks, company networks, regional networks and many interests groups. Moreover, detailed information of relationships between users are requested by the Facebook (see Figure 2) and recorded to the database system afterwards. The more we get involved the more they’ll know about us and consequently the more vulnerable we’re to being manipulated and controlled (Duquenoy et al. 2005).
In addition, Facebook’s collection on personal information is not only limited to individual profiles and further contributions made by its users on the Facebook. Rather intelligently, its one-stop mechanisms allow users to import their existed personal information from external sources though simply entering the URL of their blogs for example. A fairly detailed picture of any particular user will be building up, including any private information which would make him vulnerable in the future without realising it.
3.1. News Feed
Profiling users has been seen as one of the controversial issues where the problem is resulting from the core of Web 2.0 notion. ‘News Feed’ (shows as Figure 3) is one of the most distinguishing social networking features Facebook has launched so far, and it thus makes things altogether more problematic. It updates registered users automatically about recent profile and status changes of people located in their social networks (their friends), such as someone adding a friend or attending an event (Soat 2006). This dynamic feature however involves technologies which can perform sophisticated surveillance and monitoring (Lynch 2004, Spinello 2000). It does also perform real time profiling and ‘adaptation’ (Hildebrandt 2007). All of users’ on-site activities and social behaviours in the form of ‘clicking stream’ information (Berners-Lee and Fischetti 2000) is very closely watched, logged (time-stamped), aggregated, and ultimately displayed to their friends across the Facebook. The ‘scope and speed’ of its data pattern identification have made users feel rather surprised because their privacy is now at risk (Kruse 2006).
Moreover, it is noticeable that the ‘News Feed’ feature is capable of generalising users’ similar on-site behaviours into groups so as to present to their friends more informatively (see Figure 4 above). Since the very first second the surfer started to explored the Facebook, each possible move of him has been paralleled with at least one pre-defined ‘behavioural pattern’ (Stock 2004). Fully computerised observation and analysis based on such data patterns (interpretation of one’s behaviour profile) tells the system which parts of the Facebook the user has accessed to, and as a result, other people can extract ‘psychological privacy’ about him from the News Feed update.