Mislove isn't convinced that social networking has redefined the notion of privacy. Photo by Mary Knox Merrill.
June 7, 2010
Facebook’s newest attempt to resolve the privacy issues raised by users is getting mixed reviews. Assistant Professor of Computer and Information Science Alan Mislove, whose research focuses on how people interact in the virtual world, discusses what’s ahead for social networking.
Has Facebook fixed its privacy issues for good, or will this continue to be an issue?
What Facebook has addressed so far is the mechanism for expressing privacy controls. Originally, they added very granular controls, allowing users to specify the privacy settings for almost every feature and piece of content individually. They've promised to simplify this, and provide fewer, more global, settings.
More importantly, though, what I haven't seen them address are the defaults. Many, if not most, users do not change the privacy settings from the defaults set by Facebook, which makes everything except for contact information and birthday visible to the entire Internet. If Facebook set conservative defaults where only a user's friends were able to view his or her content, I strongly doubt that you would see a large number of users changing their settings so that their content is visible to the entire Internet.
I believe that not many users understand that, unless they change their privacy settings, almost all of their activity on Facebook is visible to any Internet user.
How does online social networking redefine the concept of privacy?
I’m not convinced by arguments that social networking redefines the notion of privacy. I haven't seen any strong evidence that users view privacy differently on these sites versus in the offline world.
My opinion is supported by the fact that many of the patterns of human interaction in the offline world have been shown to also be true on sites like Facebook. For example, people may have thousands of "friends" on Facebook, but researchers have observed that people interact only with a small number of them. Similarly, we've observed that people form tight-knit groups in online social networks, much in the same way that sociologists have observed offline. Thus, I have yet to see compelling evidence that peoples’ interaction patterns, or views on privacy, have shifted.
Your research relies on gathering data from social networks. Will the emergence of user-controlled privacy settings negatively impact your research?
Yes and no. If users begin to use their privacy settings to restrict who can view their information, then our current methodology of “crawling” information will no longer allow us to collect data on a significant fraction of the network. I believe that such a transition is inevitable, as people start sharing more personal and private information, and become more aware of the implications of such sharing.
However, I believe that the balance between user privacy and allowing researchers access to data is one that has been faced before in other areas. For example, there are strict rules that allow access to anonymized results from health studies. While this a different domain, it shows that a balance can be struck in the privacy/research data debate, even when the data is extremely private medical data.
My hope is that the research community will settle on a set of "best practices" regarding the anonymization and use of data from online social networks.
Has the growth of social networking allowed research into certain aspects of human behavior that was not possible before? Why is this research important?
Absolutely, and this is one of the most exciting things about online social networks. This data is extremely fine grained, and of a scale that is unprecedented in the social sciences. I believe that it could help to verify or invalidate theories in fields like sociology, psychology, political science and anthropology; to better design the computer systems that underlie these sites; and to develop a richer understanding on how society functions at scale.
Some urge the U.S. Federal Trade Commission to set up privacy guidelines for all social networking sites, including Facebook, Twitter and MySpace. Is government regulation a possibility?
I can see two arguments why government regulation may be necessary. First, Facebook has become the largest social network with more than 400 million users — a near monopoly. Thus, lack of "competition" in the social networking space makes it difficult for the market to find the right stance on user privacy.
Second, and more importantly, the network effect prevents people from easily switching from one social network to another. Because there's very little benefit to being the only one of your friends on a social networking site, users are unlikely to switch from Facebook due to privacy concerns until some of their friends do. This creates a bit of a chicken-and-egg problem.