essays/social-networking.mdwn: New file.

2 files changed, 285 insertions, 1 deletions

diff --git a/Makefile b/Makefile
index 51eca5a..660414a 100644
--- a/Makefile
+++ b/Makefile
@@ -11,7 +11,8 @@ srcs = \
 	talks/software-contracts/index.mdwn \
 	talks/index.mdwn \
 	essays/index.mdwn \
-	essays/commercial-free-software.mdwn
+	essays/commercial-free-software.mdwn \
+	essays/social-networking.mdwn
 objs = $(srcs:.mdwn=.html)
 
 .SUFFIXES:
diff --git a/essays/social-networking.mdwn b/essays/social-networking.mdwn
new file mode 100644
index 0000000..acf24dd
--- /dev/null
+++ b/essays/social-networking.mdwn
@@ -0,0 +1,283 @@
+<!--#set var="title" value="On Facebook, Google+, and Ethical Social Networking"
+-->
+<!--#include virtual="/includes/header.html" -->
+
+On Facebook, Google+, and Ethical Social Networking
+===================================================
+
+TO COME: An introduction and a section on Google+.
+
+The Ethics of Facebook
+----------------------
+
+Facebook shares their users' personal information with third parties.  They use
+mere Web site design changes as an excuse to revert users' privacy settings to
+unsafe defaults.  Their social platform has huge security holes that allow
+personal information to be leaked.  One such hole made some users' private chats
+accessible to all of their contacts.  Facebook also exposes users to malware and
+identity theft. [1]  They make it easy for application developers to collect
+personal information. [2]  The Wall Street Journal found that these application
+developers collect this personal information, link it with other information,
+and sell it to others. [3]
+
+In general, Facebook has always operated on an opt-out basis.  In some cases,
+you can actually disable third-party access to your information.  But you must
+always be on the lookout for new "features" or changes to privacy settings.
+Facebook always changes the way it collects information, and it catches many
+people unaware.  But it's impossible to opt out of things you don't even know
+about.  Recently, Facebook added a feature they call "tag suggestions".  If you
+have photos on your profile, Facebook can pick out people's faces and suggest
+names for them.  This may sound useful, but it's the tip of an almost
+nightmarish ethics iceberg in information systems.  Facebook uses facial
+recognition software to make this work; they scan already-tagged photos and
+record distinguishing facial features and then find photos with similar faces
+and give them names.  They maintain a database of people's facial features.
+They never notified anyone about this database.  They never asked users if they
+could record this information.  Instead, of course, they made it an opt-out
+feature; you have to explicitly disable this hidden feature to keep your facial
+information out of the database.  This new feature has even sparked an
+investigation by the European Union. [4][5]  But just imagine what Facebook
+could do with this information (and consider their track record with personal
+information).  I suspect they may soon start selling facial data to other
+companies, law enforcement agencies, and oppressive governments (I've heard that
+the U.K. once used video camera footage to locate and arrest protesters, so
+imagine what they could do with facial data).
+
+Basically, Facebook is a business.  And you are not their customer.  You are
+their product.  They are, in fact, selling their products to advertisers.  That
+is, they use a person's face (without getting permission and without paying
+anything) to advertise things to that person's friends.  Claim to like
+something, and you've given a product endorsement at a price advertising
+agencies would love. [6]
+
+And they also seem to like selling out their users to governments and limiting
+what their users can read and say.  After their recent collaboration with
+Chinese partners, the Facebook platform was allowed into China under political
+censorship.  At the time, Facebook lobbyist Adam Conner remarked, "we're
+allowing too much, maybe, free speech". [7][8]  The Associated Press reported
+last month that Facebook sold out hundreds of peaceful pro-Palestinian activists
+who had been organizing events through the social platform.  Facebook allowed
+governments to track its users' activities.  As a result, more than 300 peaceful
+activists were added to airline terrorism watch lists and denied the right to
+leave their countries.  International air travel was disrupted as planes from
+Geneva and Italy were diverted for security inspections.  310 people were
+detained after landing in Israel on their way to stand with Palestinians in a
+peaceful mission of solidarity and fact-finding. [9][10]  Imagine what might
+have happened if Facebook (and widespread publicly-accessible computer networks
+for that matter) existed during the civil rights movement.  Would there be
+racial equality in the United States today?  Or would peaceful protesters
+organizing events have been sold out and arrested before they could even meet?
+
+But it seems you don't even have to use Facebook to get tracked by Facebook.
+Everyone who sees a "Like" button somewhere on the Web (as I'm sure you have)
+can be tracked.  Facebook has the ability to map out the browsing behavior of a
+massive number (a number that grows by tens of millions each month) of Web
+users, even those who don't use Facebook. [11]  Again, imagine what they could
+do with such vast amounts of information.
+
+Things like these gaping holes in privacy, devious information collection
+practices, abuse of users, censorship, and tracking inspired Matt Lee, campaigns
+manager, and John Sullivan, executive director, of the Free Software Foundation
+to write about Facebook's poor track record with privacy and create rather
+amusing "Dislike" and "not f'd" buttons. [12]
+
+Ethical Social Networking
+-------------------------
+
+TODO: Move characteristic four into a note somewhere, as it is rare for a
+service provider to attempt to claim copyright on user-submitted works.  Also,
+refer to the Franklin Street Statement.
+
+But social networking is not inherently evil.  You can connect with old friends
+and discover new ones without sacrificing privacy, security, autonomy, and
+freedom.  You just have to be careful about the platforms you use.  I've
+identified four basic characteristics that a social networking platform must
+have for it to be an ethical one that doesn't abuse its users.  The first two
+characteristics are universal; all viable platforms, whether running on your own
+computer or hosted by a service provider, must have these.  The last two apply
+only if you choose to use a platform that is run by someone else as a service.
+
+1.  Software freedom.  You must be free to use the software that powers
+    the social networking platform on your own computer without
+    restrictions.  You must be free to inspect the software and modify
+    it.  You must be free to share the software with others, with or
+    without modifications.  With these freedoms, you have full control
+    over your social networking and you can decide who has access to
+    which personal information.  Without these freedoms, only the
+    developer can decide what the software does, and you may not even
+    be allowed to know what it does to you.
+2.  Federation.  You must be able to run the software on your own
+    computer and still be able to communicate with other people using
+    other copies of the software.  If the software has protocols for
+    communication between users across multiple installations, then the
+    software is federated.  For example, e-mail is federated; you can
+    run your own mail server and still send mail to other people who
+    use other servers.  This is because all standards-compliant mail
+    servers speak the same protocol.
+3.  Privacy.  If you choose to use a social networking service run by
+    someone else, the service must offer a clear and agreeable privacy
+    policy to which the service provider must strictly adhere.  The
+    service provider must not be allowed to give your personal
+    information to third parties without your consent (unless required
+    by law) or use your information in ways that threaten your privacy
+    and autonomy.
+4.  No claims of copyright.  The service provider must agree that your
+    personal information is yours, not theirs.  There must not be any
+    claims of copyright on the information you provide.  The provider
+    may, however, require you to license such information to them
+    and/or to others for it to be published on the service; in this
+    case, you should make sure you agree with the license terms before
+    using the service.
+
+Let's look at some social networking platforms and see how they adhere to these
+criteria.  We'll start with Facebook.  Facebook fails criterion one; you cannot
+run, inspect, modify, or share the software that powers Facebook.  This means it
+also fails criterion two; it is inherently not federated because you cannot run
+it on your own computer.  Since Facebook is not federated and you're stuck with
+the hosted service, criteria three and four apply.  Facebook has a terrible
+track record with privacy and therefore fails criterion three.  According to
+their terms of service, you retain copyright on your information and give
+Facebook "a non-exclusive, transferable, sub-licensable, royalty-free, worldwide
+license to use" your information. [13]  This is standard licensing language that
+allows Facebook to publish information you submit, and with these terms Facebook
+seems to pass criterion four.  (I've heard that Facebook claims or used to claim
+copyright on your information, but seeing these terms of service I'll give
+Facebook the benefit of the doubt here.)  Facebook fails three out of the four
+criteria, and we can conclude that Facebook is an unethical social networking
+platform.
+
+Next we'll evaluate Twitter.  Again, it fails criterion one since you cannot
+run, inspect, modify, or share the software.  And again it fails criterion two
+since you cannot run the software on your own computer.  Twitter has a clear
+privacy policy that describes what information is made public, what information
+you may optionally provide, what information is collected in logs, and what
+information is to be kept private except under certain circumstances. [14]  I
+don't know of any occasion on which Twitter has failed to adhere to this policy,
+so if you agree with this policy then Twitter passes criterion three.  Twitter's
+terms of service explicitly leave you with the rights to your information, but
+you must agree to grant Twitter "a worldwide, non-exclusive, royalty-free
+license (with the right to sublicense) to use, copy, reproduce, process, adapt,
+modify, publish, transmit, display and distribute [your information] in any and
+all media or distribution methods (now known or later developed)". [15]  Again
+this is standard licensing language that allows Twitter to publish the
+information you post, and I conclude that with these terms Twitter passes the
+fourth criterion.  In summary, Twitter passes two out of the four criteria; it's
+not completely ethical since it leaves you without important freedoms and at the
+mercy of a single centralized provider, but it seems it's not as bad as Facebook
+is in terms of privacy.
+
+Next up is Identi.ca.  Identi.ca is an instance of StatusNet, a free software
+microblogging platform that is similar in function to Twitter.  StatusNet is
+licensed under the GNU Affero General Public License, which requires that all
+users, including those who use the software over a network, have all of the
+necessary freedoms with the software.  With this license, StatusNet, and
+therefore Identi.ca, pass criterion one beautifully.  StatusNet implements the
+OStatus protocol, which allows users of other installations of StatusNet (or
+even other software such as GNU Social) to communicate seamlessly.  With this,
+StatusNet and GNU Social (and instances of the software such as Identi.ca) are
+federated and pass criterion two.  If you choose to use Identi.ca instead of
+running StatusNet or GNU Social on your own computer, then criteria three and
+four apply.  Identi.ca has a very clear privacy policy that describes what
+information is made public, what information remains private, and how
+information may be used by Identi.ca, by users, and by other instances of
+StatusNet and GNU Social. [16]  With this, Identi.ca passes criterion three.
+Identi.ca's terms of service make no claims to copyright on your information.
+The terms require that you grant Identi.ca "a world-wide, royalty-free, and
+non-exclusive license to reproduce, modify, adapt and publish the Content solely
+for the purpose of displaying, distributing and promoting your notice stream".
+They also require that you "grant all readers the right to use, re-use, modify
+and/or re-distribute the Content under the terms of the Creative Commons
+Attribution 3.0 [Public License]". [17]  This license allows readers to share
+your notices, to modify your notices, and to incorporate your notices in larger
+works, as long as they give you credit for your words and do not misrepresent
+you.  These are agreeable terms that leave you in control of your information
+and allow the world to share and build upon your work, so we can conclude that 
+denti.ca passes criterion four.  Identi.ca, which runs the free social
+networking platform StatusNet, passes all four criteria.  It is an ethical
+platform and service that protects your privacy, autonomy, and freedom.
+Because of this, I myself use Identi.ca. [18]  Since the software is free,
+before registering I checked the source code to make sure that my password would
+be stored securely.  And since the software is federated, I reserve the right,
+especially if Identi.ca in the future ever fails criteria three and four or
+ceases to exist, to move to my own self-hosted instance of the software without
+losing contact with other users.
+
+These three cases are just examples of popular platforms.  There are of course
+many others.  Google recently opened up their new platform, Google+, which so
+far is neither free nor federated.  The Diaspora project began in response to
+outrage over privacy on Facebook; Diaspora itself is free and federated, and
+there are hosted Diaspora services with decent privacy policies.  Finally, I
+don't claim that these criteria are perfect; they are merely the result of
+observations I've made.  A similar set of criteria for "freedom in the 'cloud'"
+has recently been offered by Georg Greve, founder of the Free Software
+Foundation Europe. [19]
+
+References:
+-----------
+
+1.  "Five Hidden Dangers of Facebook".  <span class="cite-title">CBS
+    News</span>.  CBS Interactive Inc.  May 11, 2010.
+    &lt;<http://www.cbsnews.com/stories/2010/0/08/earlyshow/saturday/main6469373.shtml>&gt;.
+2.  Barnett, Emma.  "Your data is Facebook's most valuable asset".
+    <span class="cite-title">The Telegraph</span>.  Telegraph Media Group
+    Limited.  January 17, 2011.
+    &lt;<http://www.telegraph.co.uk/technology/facebook/8264210/Your-data-is-Facebooks-most-valuable-asset.html>&gt;.
+3.  Steel, Emily and Fowler, Geoffery A.  "Facebook in Online Privacy Breach;
+    Applications Transmitting Identifying Information".
+    <span class="cite-title">The Wall Street Journal</span>.  Dow Jones &amp;
+    Company, Inc.  October 18, 2010.
+    &lt;<http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html>&gt;.
+4.  Gannes, Liz.  "Facebook facial recognition prompts EU privacy probe".
+    <span class="cite-title">CNET News</span>.  CBS Interactive Inc.  June 8,
+    2011.
+    &lt;<http://news.cnet.com/8301-1023_3-20070148-93/facebook-facial-recognition-prompts-eu-privacy-probe/>&gt;.
+5.  Snyder, Bill.  "Facebook Facial Recognition: Why It's a Threat to Privacy".
+    <span class="cite-title">PCWorld</span>.  PCWorld Communications, Inc.  June
+    21, 2011.
+    &lt;<http://www.pcworld.com/article/230790/facebook_facial_recognition_why_its_a_threat_to_privacy.html>&gt;.
+6.  Tynan, Dan.  "Facebook ads use your face for free".
+    <span class="cite-title">ITworld</span>.  ITworld.  January 25, 2011.
+    &lt;<http://www.itworld.com/internet/134677/facebook-ads-use-your-face-free>&gt;.
+7.  Williamson, Elizabeth; Schatz, Amy; and Fowler, Geoffery A.  "Facebook
+    Seeking Friends in Beltway".  <span class="cite-title">The Wall Street
+    Journal</span>.  Dow Jones &amp; Company, Inc.  April 20, 2011.
+    &lt;<http://online.wsj.com/article/SB10001424052748703789104576273242590724876.html>&gt;.
+8.  Crovitz, L. Gordon.  "Facebook's Dubious New Friends".
+    <span class="cite-title">The Wall Street Journal</span>.  Dow Jones &amp;
+    Company, Inc.  May 2, 2011.
+    &lt;<http://online.wsj.com/article/SB10001424052748703567404576293233665299792.html>&gt;.
+9.  Higgins, Alexander.  "Facebook Now Helping Governments Spy On And Arrest
+    Peaceful Activists".  <span class="cite-title">The Intel Hub</span>.  The
+    Intel Hub.  July 9, 2011.
+    &lt;<http://theintelhub.com/2011/07/09/facebook-now-helping-governments-spy-on-and-arrest-peaceful-activists/>&gt;.
+10. Last, Jeremy.  "Israel uses Facebook to blacklist, detain or deport Tel
+    Aviv-bound travellers".  <span class="cite-title">thestar.com</span>.
+    Toronto Star.  July 8, 2011.
+    &lt;<http://www.thestar.com/news/world/article/1022008--israel-uses-facebook-to-blacklist-detain-or-deport-tel-aviv-bound-travellers>&gt;.
+11. Roosendaal, Arnold.  "Facebook Tracks and Traces Everyone: Like This!".
+    <span class="cite-title">Social Science Research Network</span>.  Social
+    Science Electronic Publishing, Inc.  November 30, 2010.
+    &lt;<http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563>&gt;.
+12. Lee, Matt and Sullivan, John.  "Mark Zuckerberg is TIME Magazine's Person of
+    the Year? Where's the "dislike" button?".  <span class="cite-title">Free
+    Software Foundation</span>.  Free Software Foundation, Inc.  February
+    3, 2011.  &lt;<http://www.fsf.org/facebook>&gt;.
+13. "Statement of Rights and Responsibilities".
+    <span class="cite-title">Facebook</span>.  Facebook, Inc.  April 26, 2011.
+    &lt;<http://www.facebook.com/terms.php>&gt;.
+14. "Twitter Privacy Policy".  <span class="cite-title">Twitter</span>.  Twitter
+    Inc.  June 23, 2011.  &lt;<http://twitter.com/privacy>&gt;.
+15. "Twitter Terms of Service".  <span class="cite-title">Twitter</span>.
+    Twitter Inc.  June 1, 2011.  &lt;<http://twitter.com/tos>&gt;.
+16. "Privacy".  <span class="cite-title">Identi.ca</span>.  StatusNet Inc.
+    &lt;<http://identi.ca/doc/privacy>&gt;.
+17. "Tos".  <span class="cite-title">Identi.ca</span>.  StatusNet Inc.
+    &lt;<http://identi.ca/doc/tos>&gt;.
+18. McDermott, P. J.  "P. J. McDermott (pehjota)".
+    <span class="cite-title">Identi.ca</span>.  StatusNet Inc.
+    &lt;<http://identi.ca/pehjota>&gt;.
+19. Greve, Georg C. F.  "Freedom in the 'Cloud'?".
+    <span class="cite-title">freedom bits</span>.  Free Software Foundation
+    Europe e.V.  July 30, 2011.  &lt;<http://blogs.fsfe.org/greve/?p=452>&gt;.
+
+<!--#include virtual="/includes/footer.html" -->