Commentary

The Boy Who Cried 'Privacy Breach!'

Gather around for a story, boys and girls. Stop me if you've heard this one before.

Once upon a time, there was a boy tending his social flocks of friends and followers. He would continually go up to the social embankments and shout, "Help, there's a privacy breach!" The bloggers and reporters would all come running, making his cries travel much further. Masses of people changed their privacy settings, even though their privacy wasn't violated at all. Then one day, there really was a serious privacy breach, but when the bloggers and reporters and tweeters and plussers and tumblrers all came along to convey the cries out unto the world, no one believed it was a big deal. The evil privacy breacher then stole all their identities, sold them to a Moldovan spam syndicate, and last was seen in Dubai skiing in an indoor mall.

advertisement

advertisement

Aesop it's not; the version at mythfolklore.net reads better. Yet this story is painfully relevant today. In the past week, there have been two such baseless privacy scares involving LinkedIn and Facebook, and they're unfortunate red herrings.

Let's start with LinkedIn.

The "privacy breach": LinkedIn was preparing a new form of social advertising. It said, "When LinkedIn members recommend people and services, follow companies, or take other actions, their name/photo may show up in related ads shown to you."

The gotcha moment: Steve Woodruff, a blogger friend whom I've known and respected for years, got a tip about it and blogged the story. He wrote, "Devious. And I expect that you, like me, don't want to participate."

Why it's not a big deal: LinkedIn did something unprecedented by allowing an opt-out mechanism before anyone saw an ad using that kind of targeting. Yes, the default was LinkedIn opting people in, and LinkedIn could have communicated these changes better (though it did start disclosing the changes as early as June), but in many ways LinkedIn was well ahead of the curve.

The upshot: LinkedIn caved, and will be worse off for it. Instead of LinkedIn showing you that your friends Ashmi, Jamison, and Lexi like an advertiser or its products, you'll just see that three nameless friends follow that company. Look at the before and after images in LinkedIn's mea culpa. Which looks better? The bottom one is McMurphy at the end of "One Flew Over the Cuckoo's Nest." It's a loss for LinkedIn, and I hope they find a way to keep experimenting with social ads, while leading the way with privacy.

Then there's Facebook.

The "privacy breach": People using Facebook's mobile applications were startled to find that friends' phone numbers were visible in their contact lists at facebook.com.

The gotcha moment: There are too many instances of yellow journalism to name, but the normally sound Boy Genius Report ran one of the scarier headlines: "Facebook stole every contact and phone number in your phone - here's how to undo the damage." The post then notes that you'll express "shock and disgust."

Why it's not a big deal: This is an old feature from Facebook so you can add friends based on their phone numbers, and it's very useful. You can disable contact syncing if you want -- that's an old feature too. As Facebook noted in its response, "Just like on your phone, only you can see these numbers." Umm, what damage is this? When you synchronized your Hotmail and Gmail accounts with Facebook to find friends there, Facebook didn't email everyone else. Similarly, Facebook's not going to start calling your grandmother and reading her your status updates. That would be a great service, though, as I should call Grandmom more anyway, and Mark Zuckerberg sounds enough like me.

The upshot: Unlike LinkedIn, Facebook didn't make any changes. There are probably a lot of features in Facebook's mobile apps that you don't know about, and there are probably a lot of privacy settings you don't know about either.

You may recall that the original boy who cried, "Wolf!" lost his flock of sheep. The dangers are far worse for those who make a big stink of nonexistent privacy breaches. When we make a big stink about what are at most minor communication snafus from the social networks in question, we won't be able to rouse people's attention when serious issues emerge.

Few people truly understand privacy issues. Your personal information on your cheap, plastic supermarket loyalty card is currently worth far more than all your social graph data. That's right -- how much toilet paper you buy is far more valuable to marketers than who your friends are. If bloggers investigated shopper cards, they'd tell you to cut them up, and then for good measure to never step foot in a supermarket again.

There are lots of morals to this story: Don't jump to conclusions. Do your homework. Count to 10 before writing a blog post. Don't be the boy or girl who cries, "Privacy breach!" And always remember to call your grandmother.

4 comments about "The Boy Who Cried 'Privacy Breach!'".
Check to receive email when comments are posted.
  1. Ari Rosenberg from Performance Pricing Holdings, LLC, August 16, 2011 at 7:14 p.m.

    Big difference between actively opting in to use a supermarket loyalty card versus having your information scanned and monetized until you figure out how to opt out.

    That's what many are crying about.

  2. John Jainschigg from World2Worlds, Inc., August 16, 2011 at 10:39 p.m.

    How is this kind of thing NOT an offense to privacy?

    I agree with your deep thesis: no question, we're being lulled into having a so-what attitude by successive insults to our privacy followed by patronizing explanations about why it's all not a big deal and people who whine are acting like drama-queens.

    But I'm not following why the end result of this inexorable loss of privacy is projected as: 'Everyone's identity is going to get stolen by a real Mafia bad-guy, and nobody's going to care until it's too late' which seems sort of a non-sequitur (unless, of course, my identity is stolen by leveraging data hacked from Facebook, which seems likely if not inevitable).

    Why not just project from what's happening right now to a solid, credible end-state, like: 'A vast oligopoly is rapidly deadening social and legal resistance to bold and unprecedented intrusions into the personal affairs of everyone who uses these technologies, and pretty soon they will have all the information and it will all be completely legal.

    And then ... nobody knows what's going to happen, right? But it's worth noting that -- when we reach this point (a year from now?), stepping back from the brink will require ugly, painful, hard-to-do stuff, like unmaking and/or hyper-regulating big, fast-growing parts of the US digital economy in the middle of a double-dip recession; whereas all we'll need to do to advance directly to a police state is to elect a policeman.

  3. Michael Porte from The Field (social), WheresSpot, August 17, 2011 at 10:34 a.m.

    I'm sure you heard this before, but i've never allowed FB to access any of my contacts (email etc), and i had turned of the syncing feature previously... but somehow FB re-enabled that feature, and has all of my contacts from my cell phone.
    They say it's just phone numbers, but there are addresses, notes, and other private info in those files. Who's to say that some unsavory FB employee hasn't already sold that info to the mass of marketers, or id thieves out there?
    You may think it's all ok, but i don't believe that everyone is as trust worthy as you.

  4. Paula Lynn from Who Else Unlimited, August 17, 2011 at 8:26 p.m.

    If you put all of that your personal and others' personal info on FB and anything but the absolutely necessary info on LInked In then you have already been manipulated.

Next story loading loading..