summaryrefslogtreecommitdiffstats
path: root/essays/social-networking.html
blob: 47acb13b433e34932c250baaa1ef5e466d5f18b9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
<!--#set var="title" value="On Facebook, Google+, and Ethical Social Networking" -->
<!--#include virtual="../includes/header.html" -->
<h2>On Facebook, Google+, and Ethical Social Networking</h2>
<p>
	TO COME: An introduction and a section on Google+.
</p>
<h3>The Ethics of Facebook</h3>
<p>
	Facebook shares their users' personal information with third parties.
	They use mere Web site design changes as an excuse to revert users'
	privacy settings to unsafe defaults.  Their social platform has huge
	security holes that allow personal information to be leaked.  One such
	hole made some users' private chats accessible to all of their contacts.
	Facebook also exposes users to malware and identity theft. [1] They
	make it easy for application developers to collect personal information.
	[2] The Wall Street Journal found that these application developers
	collect this personal information, link it with other information, and
	sell it to others. [3]
</p>
<p>
	In general, Facebook has always operated on an opt-out basis.  In some
	cases, you can actually disable third-party access to your information.
	But you must always be on the lookout for new "features" or changes to
	privacy settings.  Facebook always changes the way it collects
	information, and it catches many people unaware.  But it's impossible to
	opt out of things you don't even know about.  Recently, Facebook added a
	feature they call "tag suggestions".  If you have photos on your
	profile, Facebook can pick out people's faces and suggest names for
	them.  This may sound useful, but it's the tip of an almost nightmarish
	ethics iceberg in information systems.  Facebook uses facial recognition
	software to make this work; they scan already-tagged photos and record
	distinguishing facial features and then find photos with similar faces
	and give them names.  They maintain a database of people's facial
	features.  They never notified anyone about this database.  They never
	asked users if they could record this information.  Instead, of course,
	they made it an opt-out feature; you have to explicitly disable this
	hidden feature to keep your facial information out of the database.
	This new feature has even sparked an investigation by the European
	Union. [4][5] But just imagine what Facebook could do with this
	information (and consider their track record with personal information).
	I suspect they may soon start selling facial data to other companies,
	law enforcement agencies, and oppressive governments (I've heard that
	the U.K. once used video camera footage to locate and arrest protesters,
	so imagine what they could do with facial data).
</p>
<p>
	Basically, Facebook is a business.  And you are not their customer.  You
	are their product.  They are, in fact, selling their products to
	advertisers.  That is, they use a person's face (without getting
	permission and without paying anything) to advertise things to that
	person's friends.  Claim to like something, and you've given a product
	endorsement at a price advertising agencies would love. [6]
</p>
<p>
	And they also seem to like selling out their users to governments and
	limiting what their users can read and say.  After their recent
	collaboration with Chinese partners, the Facebook platform was allowed
	into China under political censorship.  At the time, Facebook lobbyist
	Adam Conner remarked, "we're allowing too much, maybe, free speech".
	[7][8] The Associated Press reported last month that Facebook sold out
	hundreds of peaceful pro-Palestinian activists who had been organizing
	events through the social platform.  Facebook allowed governments to
	track its users' activities.  As a result, more than 300 peaceful
	activists were added to airline terrorism watch lists and denied the
	right to leave their countries.  International air travel was disrupted
	as planes from Geneva and Italy were diverted for security inspections.
	310 people were detained after landing in Israel on their way to stand
	with Palestinians in a peaceful mission of solidarity and fact-finding.
	[9][10] Imagine what might have happened if Facebook (and widespread
	publicly-accessible computer networks for that matter) existed during
	the civil rights movement.  Would there be racial equality in the United
	States today?  Or would peaceful protesters organizing events have been
	sold out and arrested before they could even meet?
</p>
<p>
	But it seems you don't even have to use Facebook to get tracked by
	Facebook.  Everyone who sees a "Like" button somewhere on the Web (as
	I'm sure you have) can be tracked.  Facebook has the ability to map out
	the browsing behavior of a massive number (a number that grows by tens
	of millions each month) of Web users, even those who don't use Facebook.
	[11] Again, imagine what they could do with such vast amounts of
	information.
</p>
<p>
	Things like these gaping holes in privacy, devious information
	collection practices, abuse of users, censorship, and tracking inspired
	Matt Lee, campaigns manager, and John Sullivan, executive director, of
	the Free Software Foundation to write about Facebook's poor track record
	with privacy and create rather amusing "Dislike" and "not f'd" buttons. [12]
</p>
<h3>Ethical Social Networking</h3>
<p>
	TODO: Move characteristic four into a note somewhere, as it is rare for a
	service provider to attempt to claim copyright on user-submitted works.
	Also, refer to the Franklin Street Statement.
</p>
<p>
	But social networking is not inherently evil.  You can connect with old
	friends and discover new ones without sacrificing privacy, security,
	autonomy, and freedom.  You just have to be careful about the platforms
	you use.  I've identified four basic characteristics that a social
	networking platform must have for it to be an ethical one that doesn't
	abuse its users.  The first two characteristics are universal; all
	viable platforms, whether running on your own computer or hosted by a
	service provider, must have these.  The last two apply only if you
	choose to use a platform that is run by someone else as a service.
</p>
<ol>
	<li>
		Software freedom.  You must be free to use the software that powers
		the social networking platform on your own computer without
		restrictions.  You must be free to inspect the software and modify
		it.  You must be free to share the software with others, with or
		without modifications.  With these freedoms, you have full control
		over your social networking and you can decide who has access to
		which personal information.  Without these freedoms, only the
		developer can decide what the software does, and you may not even
		be allowed to know what it does to you.
	</li>
	<li>
		Federation.  You must be able to run the software on your own
		computer and still be able to communicate with other people using
		other copies of the software.  If the software has protocols for
		communication between users across multiple installations, then the
		software is federated.  For example, e-mail is federated; you can
		run your own mail server and still send mail to other people who
		use other servers.  This is because all standards-compliant mail
		servers speak the same protocol.
	</li>
	<li>
		Privacy.  If you choose to use a social networking service run by
		someone else, the service must offer a clear and agreeable privacy
		policy to which the service provider must strictly adhere.  The
		service provider must not be allowed to give your personal
		information to third parties without your consent (unless required
		by law) or use your information in ways that threaten your privacy
		and autonomy.
	</li>
	<li>
		No claims of copyright.  The service provider must agree that your
		personal information is yours, not theirs.  There must not be any
		claims of copyright on the information you provide.  The provider
		may, however, require you to license such information to them
		and/or to others for it to be published on the service; in this
		case, you should make sure you agree with the license terms before
		using the service.
	</li>
</ol>
<p>
	Let's look at some social networking platforms and see how they adhere
	to these criteria.  We'll start with Facebook.  Facebook fails criterion
	one; you cannot run, inspect, modify, or share the software that powers
	Facebook.  This means it also fails criterion two; it is inherently not
	federated because you cannot run it on your own computer.  Since
	Facebook is not federated and you're stuck with the hosted service,
	criteria three and four apply.  Facebook has a terrible track record
	with privacy and therefore fails criterion three.  According to their
	terms of service, you retain copyright on your information and give
	Facebook "a non-exclusive, transferable, sub-licensable, royalty-free,
	worldwide license to use" your information. [13] This is standard
	licensing language that allows Facebook to publish information you
	submit, and with these terms Facebook seems to pass criterion four.
	(I've heard that Facebook claims or used to claim copyright on your
	information, but seeing these terms of service I'll give Facebook the
	benefit of the doubt here.)  Facebook fails three out of the four
	criteria, and we can conclude that Facebook is an unethical social
	networking platform.
</p>
<p>	
	Next we'll evaluate Twitter.  Again, it fails criterion one since you
	cannot run, inspect, modify, or share the software.  And again it fails
	criterion two since you cannot run the software on your own computer.
	Twitter has a clear privacy policy that describes what information is
	made public, what information you may optionally provide, what
	information is collected in logs, and what information is to be kept
	private except under certain circumstances. [14] I don't know of any
	occasion on which Twitter has failed to adhere to this policy, so if you
	agree with this policy then Twitter passes criterion three.  Twitter's
	terms of service explicitly leave you with the rights to your
	information, but you must agree to grant Twitter "a worldwide,
	non-exclusive, royalty-free license (with the right to sublicense) to
	use, copy, reproduce, process, adapt, modify, publish, transmit, display
	and distribute [your information] in any and all media or distribution
	methods (now known or later developed)". [15] Again this is standard
	licensing language that allows Twitter to publish the information you
	post, and I conclude that with these terms Twitter passes the fourth
	criterion.  In summary, Twitter passes two out of the four criteria;
	it's not completely ethical since it leaves you without important
	freedoms and at the mercy of a single centralized provider, but it seems
	it's not as bad as Facebook is in terms of privacy.
</p>
<p>	
	Next up is Identi.ca.  Identi.ca is an instance of StatusNet, a free
	software microblogging platform that is similar in function to Twitter.
	StatusNet is licensed under the GNU Affero General Public License,
	which requires that all users, including those who use the software over
	a network, have all of the necessary freedoms with the software.  With
	this license, StatusNet, and therefore Identi.ca, pass criterion one
	beautifully.  StatusNet implements the OStatus protocol, which allows
	users of other installations of StatusNet (or even other software such
	as GNU Social) to communicate seamlessly.  With this, StatusNet and GNU
	Social (and instances of the software such as Identi.ca) are federated
	and pass criterion two.  If you choose to use Identi.ca instead of
	running StatusNet or GNU Social on your own computer, then criteria
	three and four apply.  Identi.ca has a very clear privacy policy that
	describes what information is made public, what information remains
	private, and how information may be used by Identi.ca, by users, and by
	other instances of StatusNet and GNU Social. [16] With this, Identi.ca
	passes criterion three.  Identi.ca's terms of service make no claims to
	copyright on your information.  The terms require that you grant
	Identi.ca "a world-wide, royalty-free, and non-exclusive license to
	reproduce, modify, adapt and publish the Content solely for the purpose
	of displaying, distributing and promoting your notice stream".  They
	also require that you "grant all readers the right to use, re-use,
	modify and/or re-distribute the Content under the terms of the Creative
	Commons Attribution 3.0 [Public License]". [17] This license allows
	readers to share your notices, to modify your notices, and to
	incorporate your notices in larger works, as long as they give you
	credit for your words and do not misrepresent you.  These are agreeable
	terms that leave you in control of your information and allow the world
	to share and build upon your work, so we can conclude that Identi.ca
	passes criterion four.  Identi.ca, which runs the free social networking
	platform StatusNet, passes all four criteria.  It is an ethical platform
	and service that protects your privacy, autonomy, and freedom.  Because
	of this, I myself use Identi.ca. [18] Since the software is free, before
	registering I checked the source code to make sure that my password
	would be stored securely.  And since the software is federated, I
	reserve the right, especially if Identi.ca in the future ever fails
	criteria three and four or ceases to exist, to move to my own
	self-hosted instance of the software without losing contact with other
	users.
</p>
<p>	
	These three cases are just examples of popular platforms.  There are of
	course many others.  Google recently opened up their new platform,
	Google+, which so far is neither free nor federated.  The Diaspora
	project began in response to outrage over privacy on Facebook; Diaspora
	itself is free and federated, and there are hosted Diaspora services
	with decent privacy policies.  Finally, I don't claim that these
	criteria are perfect; they are merely the result of observations I've
	made.  A similar set of criteria for "freedom in the 'cloud'" has
	recently been offered by Georg Greve, founder of the Free Software
	Foundation Europe. [19]
</p>
<h3>References:</h3>
<ol>
	<li>
		"Five Hidden Dangers of Facebook".  <span class="cite-title">CBS News</span>.  CBS Interactive
		Inc.  May 11, 2010.
		<a href="http://www.cbsnews.com/stories/2010/0/08/earlyshow/saturday/main6469373.shtml">&lt;http://www.cbsnews.com/stories/2010/0/08/earlyshow/saturday/main6469373.shtml&gt;</a>.
	</li>
	<li>
		Barnett, Emma.  "Your data is Facebook's most valuable asset".
		<span class="cite-title">The Telegraph</span>.  Telegraph Media Group Limited.  January 17,
		2011.
		<a href="http://www.telegraph.co.uk/technology/facebook/8264210/Your-data-is-Facebooks-most-valuable-asset.html">&lt;http://www.telegraph.co.uk/technology/facebook/8264210/Your-data-is-Facebooks-most-valuable-asset.html&gt;</a>.
	</li>
	<li>
		Steel, Emily and Fowler, Geoffery A.  "Facebook in Online Privacy
		Breach; Applications Transmitting Identifying Information".  <span class="cite-title">The
		Wall Street Journal</span>.  Dow Jones &amp; Company, Inc.  October 18,
		2010.
		<a href="http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html">&lt;http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html&gt;</a>.
	</li>
	<li>
		Gannes, Liz.  "Facebook facial recognition prompts EU privacy
		probe".  <span class="cite-title">CNET News</span>.  CBS Interactive Inc.  June 8, 2011.
		<a href="http://news.cnet.com/8301-1023_3-20070148-93/facebook-facial-recognition-prompts-eu-privacy-probe/">&lt;http://news.cnet.com/8301-1023_3-20070148-93/facebook-facial-recognition-prompts-eu-privacy-probe/&gt;</a>.
	</li>
	<li>
		Snyder, Bill.  "Facebook Facial Recognition: Why It's a Threat to
		Privacy".  <span class="cite-title">PCWorld</span>.  PCWorld Communications, Inc.  June 21,
		2011.
		<a href="http://www.pcworld.com/article/230790/facebook_facial_recognition_why_its_a_threat_to_privacy.html">&lt;http://www.pcworld.com/article/230790/facebook_facial_recognition_why_its_a_threat_to_privacy.html&gt;</a>.
	</li>
	<li>
		Tynan, Dan.  "Facebook ads use your face for free".  <span class="cite-title">ITworld</span>.
		ITworld.  January 25, 2011.
		<a href="http://www.itworld.com/internet/134677/facebook-ads-use-your-face-free">&lt;http://www.itworld.com/internet/134677/facebook-ads-use-your-face-free&gt;</a>.
	</li>
	<li>
		Williamson, Elizabeth; Schatz, Amy; and Fowler, Geoffery A.
		"Facebook Seeking Friends in Beltway".  <span class="cite-title">The Wall Street Journal</span>.
		Dow Jones &amp; Company, Inc.  April 20, 2011.
		<a href="http://online.wsj.com/article/SB10001424052748703789104576273242590724876.html">&lt;http://online.wsj.com/article/SB10001424052748703789104576273242590724876.html&gt;</a>.
	</li>
	<li>
		Crovitz, L. Gordon.  "Facebook's Dubious New Friends".  <span class="cite-title">The Wall
		Street Journal</span>.  Dow Jones &amp; Company, Inc.  May 2, 2011.
		<a href="http://online.wsj.com/article/SB10001424052748703567404576293233665299792.html">&lt;http://online.wsj.com/article/SB10001424052748703567404576293233665299792.html&gt;</a>.
	</li>
	<li>
		Higgins, Alexander.  "Facebook Now Helping Governments Spy On And
		Arrest Peaceful Activists".  <span class="cite-title">The Intel Hub</span>.  The Intel Hub.  July
		9, 2011.
		<a href="http://theintelhub.com/2011/07/09/facebook-now-helping-governments-spy-on-and-arrest-peaceful-activists/">&lt;http://theintelhub.com/2011/07/09/facebook-now-helping-governments-spy-on-and-arrest-peaceful-activists/&gt;</a>.
	</li>
	<li>
		Last, Jeremy.  "Israel uses Facebook to blacklist, detain or deport
		Tel Aviv-bound travellers".  <span class="cite-title">thestar.com</span>.  Toronto Star.  July 8,
		2011.
		<a href="http://www.thestar.com/news/world/article/1022008--israel-uses-facebook-to-blacklist-detain-or-deport-tel-aviv-bound-travellers">&lt;http://www.thestar.com/news/world/article/1022008--israel-uses-facebook-to-blacklist-detain-or-deport-tel-aviv-bound-travellers&gt;</a>.
	</li>
	<li>
		Roosendaal, Arnold.  "Facebook Tracks and Traces Everyone: Like
		This!".  <span class="cite-title">Social Science Research Network</span>.  Social Science
		Electronic Publishing, Inc.  November 30, 2010.
		<a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563">&lt;http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563&gt;</a>.
	</li>
	<li>
		Lee, Matt and Sullivan, John.  "Mark Zuckerberg is TIME Magazine's
		Person of the Year? Where's the "dislike" button?".  <span class="cite-title">Free Software
		Foundation</span>.  Free Software Foundation, Inc.  February 3, 2011.
		<a href="http://www.fsf.org/facebook">&lt;http://www.fsf.org/facebook&gt;</a>.
	</li>
	<li>
		"Statement of Rights and Responsibilities".  <span class="cite-title">Facebook</span>.  Facebook,
		Inc.  April 26, 2011.
		<a href="http://www.facebook.com/terms.php">&lt;http://www.facebook.com/terms.php&gt;</a>.
	</li>
	<li>
		"Twitter Privacy Policy".  <span class="cite-title">Twitter</span>.  Twitter Inc.  June 23,
		2011.
		<a href="http://twitter.com/privacy">&lt;http://twitter.com/privacy&gt;</a>.
	</li>
	<li>
		"Twitter Terms of Service".  <span class="cite-title">Twitter</span>.  Twitter Inc.  June 1,
		2011.
		<a href="http://twitter.com/tos">&lt;http://twitter.com/tos&gt;</a>.
	</li>
	<li>
		"Privacy".  <span class="cite-title">Identi.ca</span>.  StatusNet Inc.
		<a href="http://identi.ca/doc/privacy">&lt;http://identi.ca/doc/privacy&gt;</a>.
	</li>
	<li>
		"Tos".  <span class="cite-title">Identi.ca</span>.  StatusNet Inc.
		<a href="http://identi.ca/doc/tos">&lt;http://identi.ca/doc/tos&gt;</a>.
	</li>
	<li>
		McDermott, P. J.  "P. J. McDermott (pehjota)".  <span class="cite-title">Identi.ca</span>.
		StatusNet Inc.
		<a href="http://identi.ca/pehjota">&lt;http://identi.ca/pehjota&gt;</a>.
	</li>
	<li>
		Greve, Georg C. F.  "Freedom in the 'Cloud'?".  <span class="cite-title">freedom bits</span>.
		Free Software Foundation Europe e.V.  July 30, 2011.
		<a href="http://blogs.fsfe.org/greve/?p=452">&lt;http://blogs.fsfe.org/greve/?p=452&gt;</a>.
	</li>
</ol>
<!--#include virtual="../includes/footer.html" -->