1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
|
<!--#set var="title" value="On Facebook, Google+, and Ethical Social Networking" -->
<!--#include virtual="../includes/header.html" -->
<h2>On Facebook, Google+, and Ethical Social Networking</h2>
<p>
TO COME: An introduction and a section on Google+.
</p>
<h3>The Ethics of Facebook</h3>
<p>
Facebook shares their users' personal information with third parties.
They use mere Web site design changes as an excuse to revert users'
privacy settings to unsafe defaults. Their social platform has huge
security holes that allow personal information to be leaked. One such
hole made some users' private chats accessible to all of their contacts.
Facebook also exposes users to malware and identity theft. [1] They
make it easy for application developers to collect personal information.
[2] The Wall Street Journal found that these application developers
collect this personal information, link it with other information, and
sell it to others. [3]
</p>
<p>
In general, Facebook has always operated on an opt-out basis. In some
cases, you can actually disable third-party access to your information.
But you must always be on the lookout for new "features" or changes to
privacy settings. Facebook always changes the way it collects
information, and it catches many people unaware. But it's impossible to
opt out of things you don't even know about. Recently, Facebook added a
feature they call "tag suggestions". If you have photos on your
profile, Facebook can pick out people's faces and suggest names for
them. This may sound useful, but it's the tip of an almost nightmarish
ethics iceberg in information systems. Facebook uses facial recognition
software to make this work; they scan already-tagged photos and record
distinguishing facial features and then find photos with similar faces
and give them names. They maintain a database of people's facial
features. They never notified anyone about this database. They never
asked users if they could record this information. Instead, of course,
they made it an opt-out feature; you have to explicitly disable this
hidden feature to keep your facial information out of the database.
This new feature has even sparked an investigation by the European
Union. [4][5] But just imagine what Facebook could do with this
information (and consider their track record with personal information).
I suspect they may soon start selling facial data to other companies,
law enforcement agencies, and oppressive governments (I've heard that
the U.K. once used video camera footage to locate and arrest protesters,
so imagine what they could do with facial data).
</p>
<p>
Basically, Facebook is a business. And you are not their customer. You
are their product. They are, in fact, selling their products to
advertisers. That is, they use a person's face (without getting
permission and without paying anything) to advertise things to that
person's friends. Claim to like something, and you've given a product
endorsement at a price advertising agencies would love. [6]
</p>
<p>
And they also seem to like selling out their users to governments and
limiting what their users can read and say. After their recent
collaboration with Chinese partners, the Facebook platform was allowed
into China under political censorship. At the time, Facebook lobbyist
Adam Conner remarked, "we're allowing too much, maybe, free speech".
[7][8] The Associated Press reported last month that Facebook sold out
hundreds of peaceful pro-Palestinian activists who had been organizing
events through the social platform. Facebook allowed governments to
track its users' activities. As a result, more than 300 peaceful
activists were added to airline terrorism watch lists and denied the
right to leave their countries. International air travel was disrupted
as planes from Geneva and Italy were diverted for security inspections.
310 people were detained after landing in Israel on their way to stand
with Palestinians in a peaceful mission of solidarity and fact-finding.
[9][10] Imagine what might have happened if Facebook (and widespread
publicly-accessible computer networks for that matter) existed during
the civil rights movement. Would there be racial equality in the United
States today? Or would peaceful protesters organizing events have been
sold out and arrested before they could even meet?
</p>
<p>
But it seems you don't even have to use Facebook to get tracked by
Facebook. Everyone who sees a "Like" button somewhere on the Web (as
I'm sure you have) can be tracked. Facebook has the ability to map out
the browsing behavior of a massive number (a number that grows by tens
of millions each month) of Web users, even those who don't use Facebook.
[11] Again, imagine what they could do with such vast amounts of
information.
</p>
<p>
Things like these gaping holes in privacy, devious information
collection practices, abuse of users, censorship, and tracking inspired
Matt Lee, campaigns manager, and John Sullivan, executive director, of
the Free Software Foundation to write about Facebook's poor track record
with privacy and create rather amusing "Dislike" and "not f'd" buttons. [12]
</p>
<h3>Ethical Social Networking</h3>
<p>
TODO: Move characteristic four into a note somewhere, as it is rare for a
service provider to attempt to claim copyright on user-submitted works.
Also, refer to the Franklin Street Statement.
</p>
<p>
But social networking is not inherently evil. You can connect with old
friends and discover new ones without sacrificing privacy, security,
autonomy, and freedom. You just have to be careful about the platforms
you use. I've identified four basic characteristics that a social
networking platform must have for it to be an ethical one that doesn't
abuse its users. The first two characteristics are universal; all
viable platforms, whether running on your own computer or hosted by a
service provider, must have these. The last two apply only if you
choose to use a platform that is run by someone else as a service.
</p>
<ol>
<li>
Software freedom. You must be free to use the software that powers
the social networking platform on your own computer without
restrictions. You must be free to inspect the software and modify
it. You must be free to share the software with others, with or
without modifications. With these freedoms, you have full control
over your social networking and you can decide who has access to
which personal information. Without these freedoms, only the
developer can decide what the software does, and you may not even
be allowed to know what it does to you.
</li>
<li>
Federation. You must be able to run the software on your own
computer and still be able to communicate with other people using
other copies of the software. If the software has protocols for
communication between users across multiple installations, then the
software is federated. For example, e-mail is federated; you can
run your own mail server and still send mail to other people who
use other servers. This is because all standards-compliant mail
servers speak the same protocol.
</li>
<li>
Privacy. If you choose to use a social networking service run by
someone else, the service must offer a clear and agreeable privacy
policy to which the service provider must strictly adhere. The
service provider must not be allowed to give your personal
information to third parties without your consent (unless required
by law) or use your information in ways that threaten your privacy
and autonomy.
</li>
<li>
No claims of copyright. The service provider must agree that your
personal information is yours, not theirs. There must not be any
claims of copyright on the information you provide. The provider
may, however, require you to license such information to them
and/or to others for it to be published on the service; in this
case, you should make sure you agree with the license terms before
using the service.
</li>
</ol>
<p>
Let's look at some social networking platforms and see how they adhere
to these criteria. We'll start with Facebook. Facebook fails criterion
one; you cannot run, inspect, modify, or share the software that powers
Facebook. This means it also fails criterion two; it is inherently not
federated because you cannot run it on your own computer. Since
Facebook is not federated and you're stuck with the hosted service,
criteria three and four apply. Facebook has a terrible track record
with privacy and therefore fails criterion three. According to their
terms of service, you retain copyright on your information and give
Facebook "a non-exclusive, transferable, sub-licensable, royalty-free,
worldwide license to use" your information. [13] This is standard
licensing language that allows Facebook to publish information you
submit, and with these terms Facebook seems to pass criterion four.
(I've heard that Facebook claims or used to claim copyright on your
information, but seeing these terms of service I'll give Facebook the
benefit of the doubt here.) Facebook fails three out of the four
criteria, and we can conclude that Facebook is an unethical social
networking platform.
</p>
<p>
Next we'll evaluate Twitter. Again, it fails criterion one since you
cannot run, inspect, modify, or share the software. And again it fails
criterion two since you cannot run the software on your own computer.
Twitter has a clear privacy policy that describes what information is
made public, what information you may optionally provide, what
information is collected in logs, and what information is to be kept
private except under certain circumstances. [14] I don't know of any
occasion on which Twitter has failed to adhere to this policy, so if you
agree with this policy then Twitter passes criterion three. Twitter's
terms of service explicitly leave you with the rights to your
information, but you must agree to grant Twitter "a worldwide,
non-exclusive, royalty-free license (with the right to sublicense) to
use, copy, reproduce, process, adapt, modify, publish, transmit, display
and distribute [your information] in any and all media or distribution
methods (now known or later developed)". [15] Again this is standard
licensing language that allows Twitter to publish the information you
post, and I conclude that with these terms Twitter passes the fourth
criterion. In summary, Twitter passes two out of the four criteria;
it's not completely ethical since it leaves you without important
freedoms and at the mercy of a single centralized provider, but it seems
it's not as bad as Facebook is in terms of privacy.
</p>
<p>
Next up is Identi.ca. Identi.ca is an instance of StatusNet, a free
software microblogging platform that is similar in function to Twitter.
StatusNet is licensed under the GNU Affero General Public License,
which requires that all users, including those who use the software over
a network, have all of the necessary freedoms with the software. With
this license, StatusNet, and therefore Identi.ca, pass criterion one
beautifully. StatusNet implements the OStatus protocol, which allows
users of other installations of StatusNet (or even other software such
as GNU Social) to communicate seamlessly. With this, StatusNet and GNU
Social (and instances of the software such as Identi.ca) are federated
and pass criterion two. If you choose to use Identi.ca instead of
running StatusNet or GNU Social on your own computer, then criteria
three and four apply. Identi.ca has a very clear privacy policy that
describes what information is made public, what information remains
private, and how information may be used by Identi.ca, by users, and by
other instances of StatusNet and GNU Social. [16] With this, Identi.ca
passes criterion three. Identi.ca's terms of service make no claims to
copyright on your information. The terms require that you grant
Identi.ca "a world-wide, royalty-free, and non-exclusive license to
reproduce, modify, adapt and publish the Content solely for the purpose
of displaying, distributing and promoting your notice stream". They
also require that you "grant all readers the right to use, re-use,
modify and/or re-distribute the Content under the terms of the Creative
Commons Attribution 3.0 [Public License]". [17] This license allows
readers to share your notices, to modify your notices, and to
incorporate your notices in larger works, as long as they give you
credit for your words and do not misrepresent you. These are agreeable
terms that leave you in control of your information and allow the world
to share and build upon your work, so we can conclude that Identi.ca
passes criterion four. Identi.ca, which runs the free social networking
platform StatusNet, passes all four criteria. It is an ethical platform
and service that protects your privacy, autonomy, and freedom. Because
of this, I myself use Identi.ca. [18] Since the software is free, before
registering I checked the source code to make sure that my password
would be stored securely. And since the software is federated, I
reserve the right, especially if Identi.ca in the future ever fails
criteria three and four or ceases to exist, to move to my own
self-hosted instance of the software without losing contact with other
users.
</p>
<p>
These three cases are just examples of popular platforms. There are of
course many others. Google recently opened up their new platform,
Google+, which so far is neither free nor federated. The Diaspora
project began in response to outrage over privacy on Facebook; Diaspora
itself is free and federated, and there are hosted Diaspora services
with decent privacy policies. Finally, I don't claim that these
criteria are perfect; they are merely the result of observations I've
made. A similar set of criteria for "freedom in the 'cloud'" has
recently been offered by Georg Greve, founder of the Free Software
Foundation Europe. [19]
</p>
<h3>References:</h3>
<ol>
<li>
"Five Hidden Dangers of Facebook". <span class="cite-title">CBS News</span>. CBS Interactive
Inc. May 11, 2010.
<a href="http://www.cbsnews.com/stories/2010/0/08/earlyshow/saturday/main6469373.shtml"><http://www.cbsnews.com/stories/2010/0/08/earlyshow/saturday/main6469373.shtml></a>.
</li>
<li>
Barnett, Emma. "Your data is Facebook's most valuable asset".
<span class="cite-title">The Telegraph</span>. Telegraph Media Group Limited. January 17,
2011.
<a href="http://www.telegraph.co.uk/technology/facebook/8264210/Your-data-is-Facebooks-most-valuable-asset.html"><http://www.telegraph.co.uk/technology/facebook/8264210/Your-data-is-Facebooks-most-valuable-asset.html></a>.
</li>
<li>
Steel, Emily and Fowler, Geoffery A. "Facebook in Online Privacy
Breach; Applications Transmitting Identifying Information". <span class="cite-title">The
Wall Street Journal</span>. Dow Jones & Company, Inc. October 18,
2010.
<a href="http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html"><http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html></a>.
</li>
<li>
Gannes, Liz. "Facebook facial recognition prompts EU privacy
probe". <span class="cite-title">CNET News</span>. CBS Interactive Inc. June 8, 2011.
<a href="http://news.cnet.com/8301-1023_3-20070148-93/facebook-facial-recognition-prompts-eu-privacy-probe/"><http://news.cnet.com/8301-1023_3-20070148-93/facebook-facial-recognition-prompts-eu-privacy-probe/></a>.
</li>
<li>
Snyder, Bill. "Facebook Facial Recognition: Why It's a Threat to
Privacy". <span class="cite-title">PCWorld</span>. PCWorld Communications, Inc. June 21,
2011.
<a href="http://www.pcworld.com/article/230790/facebook_facial_recognition_why_its_a_threat_to_privacy.html"><http://www.pcworld.com/article/230790/facebook_facial_recognition_why_its_a_threat_to_privacy.html></a>.
</li>
<li>
Tynan, Dan. "Facebook ads use your face for free". <span class="cite-title">ITworld</span>.
ITworld. January 25, 2011.
<a href="http://www.itworld.com/internet/134677/facebook-ads-use-your-face-free"><http://www.itworld.com/internet/134677/facebook-ads-use-your-face-free></a>.
</li>
<li>
Williamson, Elizabeth; Schatz, Amy; and Fowler, Geoffery A.
"Facebook Seeking Friends in Beltway". <span class="cite-title">The Wall Street Journal</span>.
Dow Jones & Company, Inc. April 20, 2011.
<a href="http://online.wsj.com/article/SB10001424052748703789104576273242590724876.html"><http://online.wsj.com/article/SB10001424052748703789104576273242590724876.html></a>.
</li>
<li>
Crovitz, L. Gordon. "Facebook's Dubious New Friends". <span class="cite-title">The Wall
Street Journal</span>. Dow Jones & Company, Inc. May 2, 2011.
<a href="http://online.wsj.com/article/SB10001424052748703567404576293233665299792.html"><http://online.wsj.com/article/SB10001424052748703567404576293233665299792.html></a>.
</li>
<li>
Higgins, Alexander. "Facebook Now Helping Governments Spy On And
Arrest Peaceful Activists". <span class="cite-title">The Intel Hub</span>. The Intel Hub. July
9, 2011.
<a href="http://theintelhub.com/2011/07/09/facebook-now-helping-governments-spy-on-and-arrest-peaceful-activists/"><http://theintelhub.com/2011/07/09/facebook-now-helping-governments-spy-on-and-arrest-peaceful-activists/></a>.
</li>
<li>
Last, Jeremy. "Israel uses Facebook to blacklist, detain or deport
Tel Aviv-bound travellers". <span class="cite-title">thestar.com</span>. Toronto Star. July 8,
2011.
<a href="http://www.thestar.com/news/world/article/1022008--israel-uses-facebook-to-blacklist-detain-or-deport-tel-aviv-bound-travellers"><http://www.thestar.com/news/world/article/1022008--israel-uses-facebook-to-blacklist-detain-or-deport-tel-aviv-bound-travellers></a>.
</li>
<li>
Roosendaal, Arnold. "Facebook Tracks and Traces Everyone: Like
This!". <span class="cite-title">Social Science Research Network</span>. Social Science
Electronic Publishing, Inc. November 30, 2010.
<a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563"><http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563></a>.
</li>
<li>
Lee, Matt and Sullivan, John. "Mark Zuckerberg is TIME Magazine's
Person of the Year? Where's the "dislike" button?". <span class="cite-title">Free Software
Foundation</span>. Free Software Foundation, Inc. February 3, 2011.
<a href="http://www.fsf.org/facebook"><http://www.fsf.org/facebook></a>.
</li>
<li>
"Statement of Rights and Responsibilities". <span class="cite-title">Facebook</span>. Facebook,
Inc. April 26, 2011.
<a href="http://www.facebook.com/terms.php"><http://www.facebook.com/terms.php></a>.
</li>
<li>
"Twitter Privacy Policy". <span class="cite-title">Twitter</span>. Twitter Inc. June 23,
2011.
<a href="http://twitter.com/privacy"><http://twitter.com/privacy></a>.
</li>
<li>
"Twitter Terms of Service". <span class="cite-title">Twitter</span>. Twitter Inc. June 1,
2011.
<a href="http://twitter.com/tos"><http://twitter.com/tos></a>.
</li>
<li>
"Privacy". <span class="cite-title">Identi.ca</span>. StatusNet Inc.
<a href="http://identi.ca/doc/privacy"><http://identi.ca/doc/privacy></a>.
</li>
<li>
"Tos". <span class="cite-title">Identi.ca</span>. StatusNet Inc.
<a href="http://identi.ca/doc/tos"><http://identi.ca/doc/tos></a>.
</li>
<li>
McDermott, P. J. "P. J. McDermott (pehjota)". <span class="cite-title">Identi.ca</span>.
StatusNet Inc.
<a href="http://identi.ca/pehjota"><http://identi.ca/pehjota></a>.
</li>
<li>
Greve, Georg C. F. "Freedom in the 'Cloud'?". <span class="cite-title">freedom bits</span>.
Free Software Foundation Europe e.V. July 30, 2011.
<a href="http://blogs.fsfe.org/greve/?p=452"><http://blogs.fsfe.org/greve/?p=452></a>.
</li>
</ol>
<!--#include virtual="../includes/footer.html" -->
|