The Conflict Between Social Media Transparency And Bad Privacy Laws Is Going To Get Worse
from the what-a-mess dept
For years I've been arguing that we're bad at regulating privacy because too many people think that privacy is a "thing" that needs to be "protected," rather than recognizing that privacy is always a series of tradeoffs. As I've pointed out a few times now, part of the problem that many people reasonably have about how internet companies are dealing with our "privacy" is the lack of transparency from those companies, making it difficult (or impossible) to accurately weigh the costs and benefits of the tradeoff choices.
It often comes down to a question of "is it worth sharing this data, in order to get this service." But to make that determination, it helps to know which data exactly, how it's being used, how it's being secured, what the likelihood is of it getting spread more widely and what the potential downstream impacts might be to me if that data does get spread more widely. If there was an accurate way to understand that, then we'd have a better sense of whether or not it's worth giving up that data in exchange for the service. But, many internet companies (from the big ones on down) are notoriously bad about providing that information, meaning that we can't make an informed decision about whether or not the tradeoffs are worth it.
And that's a big part of the reason users get so concerned whenever there's a privacy scandal. It's because that information wasn't provided to us. People didn't realize that Facebook would be enabling people to share the data of all of our friends with a sketchy corporation who might use it to suppress votes. People didn't realize that Facebook would take phone numbers provided for security purposes and use them to push advertisements and friend notifications to our phones.
But... since very few people seem to recognize that privacy is a "set of tradeoffs," too many of the regulations try to treat it as "a thing" and require companies to "protect" it -- even if that doesn't mean very much. And, even worse, trying to force companies to "protect" privacy can actually interfere with the necessary transparency that would allow individuals to better understand their privacy tradeoffs.
Case in point: a year and a half ago, Facebook agreed to support a new scholarly project to share a bunch of data with a bunch of academics in the interest of transparency. The project was dubbed Social Science One, and was funded by a bunch of big philanthropic foundations. Yet, a recent article in Buzzfeed points out that a year and a half later, Facebook still hasn't delivered most of the promised data to the waiting academics. Indeed, a follow up article notes that the big list of powerful foundations funding the whole project have now threatened to pull their funding if Facebook doesn't share the data by the end of September.
A key issue? Various attempts to regulate privacy.
A Facebook spokesperson acknowledged that some data originally promised will not be delivered, but said this is due to concerns about privacy, security, and the need to comply with regulations such as Europe’s GDPR privacy legislation. They said useful data has already been provided to researchers, and some teams are using it.
And this makes sense. Given how everyone (perhaps reasonably!) beat up on Facebook for sharing data in the past, you know that if it provides data for the Social Science One project, and somehow some of that data becomes public or is misused, Facebook will be vilified again (and, perhaps, held liable by various regulators. If it wants to provide transparency, it might have to violate privacy. But, of course, that does harm to our actual privacy, because then the public doesn't get to learn about the actual tradeoffs.
And, indeed, if anything bad happens with this data, you know that many media outlets will quickly blame Facebook, even if they're the same people now yelling about Facebook failing to deliver this data to researchers.
That's not to say that Facebook is entirely blameless here. It seems to have left everyone -- funders and academics alike -- pretty much in the dark over what was happening. That, alone, seems like a real lack of transparency on an issue where the company should have been very transparent. And some may rightly argue that there could be ulterior motives as well. If Facebook realized that this level of transparency was going to make the company look bad (as it very well might!) perhaps that's contributing to the stalling as well.
Either way, it's a no win situation. Facebook's failure to share the data after promising to, is a problem and it deserves to be criticized over it. At the same time, the privacy concerns are quite real as well. And, honestly, the very same journalists who are mocking Facebook over failing to live up to this promise, are likely the first in line who will attack the company should the data sharing lead to some sort of leak of private info.
This is why I'm so concerned with almost every current legislative approach to dealing with privacy. Over and over again it seems to set up conditions that are actually worse for real privacy and transparency, and which put the companies in much greater control. Setting up situations where you put transparency and privacy into conflict when they don't need to be, is not going to lead to good solutions for anyone. It puts both transparency and privacy at risk.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data sharing, gdpr, privacy, trade-offs, transparency
Companies: facebook, social science one
Reader Comments
Subscribe: RSS
View by: Time | Thread
So long as regard Facebook "sharing" as enhancing privacy...
you are simply misleading netwits into the same old trap.
Starting point for reasonable: Corporations have ZERO right to collect data.
The basics that that they need to operate (a real name and credit card numbers, say) must be kept strictly to internal (each SMALL division, not vast conglomerates), nor any ID connected to IP address and what persons publish on the sites. [Note particularly that "platforms" are neither "persons" nor the "publishers", only mechanisms.]
In sum and in fine, unless STRICTLY necessary, corporations should be forbidden from collecting data AT ALL! -- How will they survive then? WHO CARES? Any more than you pirates care about copyright owners! -- The "social media" corps can similarly look for a magical "new business model", or stop operating, which is HIGHLY desirable!
The present incursions on privacy of persons and universal surveillance capitalism cannot continue and leave anything resembling 20th century freedoms, especially not with globalist mega-corporations now implementing Chinese-model "social credit scores".
[ link to this | view in thread ]
Re: So long as regard Facebook "sharing" as enhancing
Also, DON'T follow the advice of someone "supported" by GOOGLE, whose site is loaded with hundreds of K javascript having the intent of identifying and tracking you.
[ link to this | view in thread ]
Re:
Oh good, I don't have to worry about that at all. Thanks for the completely useless and unrelated information.
If you agreed to their TOS (which you did when you signed up for an account) then yes, you gave them the right to collect your data.
Not every service requires a real name or credit card. I can sign up for Facebook without a credit card and using a fake name.
Good luck with that. By default, systems log connections from IP address and record what accounts they access. That's necessary for any online system to actually function.
Well, I mean, unless the site allows for anonymous commenting (like TD) whatever you post will be tied to your account. So there's really no getting around that.
Well, that data is "STRICTLY necessary" for lots of online platforms and services. Especially ones that require you to pay for something.
Millions of people who derive great benefit and use of those services. Microsoft requires a great deal of personal info to use their Office Suite. Are you saying nobody would care if they suddenly went belly up?
Projection.
Nice of you to admit that you're completely full of it.
Only to you. A billion people literally disagree with you.
Freedoms come from the Constitution and the government, not corporations. Your freedoms are not infringed or lost based on what Facebook or any other social media platform chooses to do within the bounds of the law.
Wut. Stop talking. Your stupidity is showing.
[ link to this | view in thread ]
Re: Re:
Why? Any website or person that uses a Google service is technically supported by Google. You just implied that most of the people in the world are part of some giant Google conspiracy that does what I don't know. Take off your tin foil, it's too tight.
[ link to this | view in thread ]
Re: So long as regard Facebook "sharing" as enhancing privacy...
So when do you get to the part about how corporations should have copyrights in perpetuity, but you hate the idea of corporate-controlled speech?
[ link to this | view in thread ]
OK..
Something I dont think Others get about privacy, and Iv WARNED the younger folks about this.
Privacy ISNT the internet.
The internet is the BIGGEST Blow horn you could ever do..
Say it once, and it will be copied and posted everywhere. PERIOD.
But with that said, its also a way to Catch the idiots.
With a few monitors, and abit of backup from those ON the internet, Cops can find and see whats happening.
For those that dont know. There used to be all kinds of Newspapers.. Even private and even underground, you you would NEVER EVER see unless you were in certain groups or Circles..
It took time and effort to find and get involved with those groups, to monitor and WATCH what was happening.
Want to Join the KKK, you had to know someone, and they HAD to trust you. AND they would test you.
The internet starts, and its a few idiots, that THINK everything should be Public and Broadcast THEMSELVES and what they are doing. AND yes there are a few PRIVATE sites, for PRIVATE things. And those OUT THERE SCREAMING Stupidity, tend NOT to be in the main groups.
They are Aside, or TRYING to get into the main groups. Showoffs, that want to stand out.(and under the idea of Privacy, those are NOT the people you want in the main group. Those can be COPS/FEDS/anyone, including the Wannabe's and the couldofhad's..)
The problem, there are a few.. Those that DONT want this Above board, Out in the open. Those that ARE part of that group who want us to FORGET about them. Those blinded by ideals that dont accept that THIS IS HUMANKIND.
That Allot of Bias in 1 form or another is generally created by different things, including WAR. You want to instill HATE, Point at THEM as the cause of your problems,. you need to POINT at certain things about them to IDENTIFY WHY, they are different..
WWII Propaganda from Japan had those in the USA as Cannible.. That we ATE our children. The USA claim That THEY started the war, is abit 'Not Correct'. The idea that we have ALWAYS had enough jobs for the White people is so WRONG is stupid. Part of the Civil war was based on the idea that the NORTH didnt have ENOUGH jobs,and thought that the slave trade could be abolished to SUPPLY more jobs. Look at the history of Armies returning to the USA after WWI and WWII...NO JOBS.. which got better in the 60's..and pretty good in the 70's & 80's then the Corporate changes started.
There are lots of truth's, and LOTS of burying it under a LARGE PILE OF POOP... Mostly as an excuse not to see it, and as a way to CONTROL us.. PINT at something Else causing our problems, NOT the real cause(s).
[ link to this | view in thread ]
Wha... But... I don't even.
Mike, this is essentially what the GDPR provides. Do you have any real, legitimate complaints about how the law was written or is there some serious cognitive dissonance here?
[ link to this | view in thread ]
Re:
He has. Here, let me help you:
https://www.techdirt.com/search-g.php?q=gdpr
[ link to this | view in thread ]
PBD
Privacy by Design can ensure it's a win/win for companies and real humans
https://gpsbydesigncentre.com/the-seven-foundational-principles/
https://twitter.com/AnnCavou kian
[ link to this | view in thread ]
Re: Wha... But... I don't even.
Mike, this is essentially what the GDPR provides. Do you have any real, legitimate complaints about how the law was written or is there some serious cognitive dissonance here?
How has the GDPR made it clearer to anyone what the downstream risks of sharing my data are? Or what the possible costs and benefits are?
[ link to this | view in thread ]
Re: So long as Facebook "Trolling" privacy...
So it's Ok for a corporation to own a copyright - forever.
But it's against Cabbage Law for them to "collect" any information. Ever.
What exactly does that mean? "Can't collect information." So they can't ask you for your real name, address, phone number? Credit Card? Shipping address? Username? They can't collect your password or email address?
How would that actual work Blue_Balls? How would Amazon ship you a package? How would Facebook let you log in at all if they can't collect your name?
[ link to this | view in thread ]
Re: Re: Wha... But... I don't even.
https://gdpr-info.eu/art-5-gdpr/
According to the GDPR you must consent to the processing of your data and be informed as to the purpose of that processing including whether that data is to be shared "downstream". The risks of that processing are to be evaluated by the person to whom the data belongs.
The costs are the risks mentioned above. The benefits are in being able to use the service wanting to process your data.
It's all spelled out in the GDPR and the language isn't even overly-dense legalese. Beyond just the two things you brought up it also addresses how the data is used and how it is secured. All of the points in the main article are covered by the GDPR yet you have posted several anti-GDPR articles prior to this latest one bemoaning the lack of this kind of data protection. I'm surprised you aren't campaigning for bringing the GDPR to the US instead.
[ link to this | view in thread ]
Re: Re: So long as Facebook "Trolling" privacy...
_So it's Ok for a corporation to own a copyright - forever.
But it's against Cabbage Law for them to "collect" any information. Ever.
What exactly does that mean? "Can't collect information."_
It means that blue has officially said that corporations have zero rights to enforce copyright. (Okay, technically they do have the rights; it's just that under blue's limits and definitions they'll have to do it in the same way Article 13 must be enforced "without filters".)
[ link to this | view in thread ]