Hands Off My Data!

A Comparison of Privacy Representations and Expectations
on Facebook

Hayley V Fuller
Agenda

1) Research “Context”
2) Findings
Introduction Research Context
Literature Review Privacy: What do we know?

Privacy as Data Control

Privacy as Dignity

{
{

•

Westin (1967)

•Smith

(...
RQ1: How does Facebook represent online privacy within policy, as
reflected in the Statement of Rights and Responsibilitie...
Method

Qualitative Content
Analysis

{

•PIPEDA

FIPs
•Recognition of Themes
Fair Information Principles (FIPs)
Accountability
Identifying Purposes

Consent

An organization is responsible for person...
FIPs Category

Number of Sections of SRR
Coded Using FIPs
Categories
18

% of Total Number of
Sections

Limited Collection...
FIPs Category
Consent
Limiting Use/Disclosure/
Retention

% of Total SRR

% of Policy
Changes between
2011 and 2012

16% (...
FIP Category

Number of Comments
per category
51

% of Total Privacy Comments (out
of 316)
16%

2

0.6%

Limiting Use/
Dis...
When you or others who can see your content and
information use an application, your content and
information is shared wit...
70% of all user comments were related to SRR
Section 2.3

60% of those comments were about data
control

Findings Comparis...
ThemeS & Discussion Privacy Issues and Themes

Primary privacy issues:
1) Limiting Use/Disclosure/Retention
2) Consent

Se...
ThemeS : Data Control

Don Myra Gasser 2.3 needs to change in two ways.
Friends use of me [sic] FB information can not be ...
ThemeS : Data Control

How is privacy being
approached?
ThemeS : Data Control
When you or others who can see your content and
information use an application, your content and
inf...
Concluding Thoughts
Questions?
Upcoming SlideShare
Loading in …5
×

Hands Off My Data! A Comparison of Privacy Representations and Expectations on Facebook

304 views
211 views

Published on

My Major Research Paper (MRP) from the Master of Professional Communication program at Ryerson University. This MRP examines user expectations of online privacy on Facebook in relation to how Facebook represents privacy in its Statement of Rights and Responsibilities (SRR). Published in 2012.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
304
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
1
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Hands Off My Data! A Comparison of Privacy Representations and Expectations on Facebook

  1. 1. Hands Off My Data! A Comparison of Privacy Representations and Expectations on Facebook Hayley V Fuller
  2. 2. Agenda 1) Research “Context” 2) Findings
  3. 3. Introduction Research Context
  4. 4. Literature Review Privacy: What do we know? Privacy as Data Control Privacy as Dignity { { • Westin (1967) •Smith (2000)
  5. 5. RQ1: How does Facebook represent online privacy within policy, as reflected in the Statement of Rights and Responsibilities (SRR)? RQ2: What are Facebook users’ expectations of online privacy, as reflected in user comments outlining privacy concerns in response to Facebook’s SRR? RQ3: How do user and Facebook (as reflected in the SRR) conceptualizations of privacy compare to one another? REsearch Questions
  6. 6. Method Qualitative Content Analysis { •PIPEDA FIPs •Recognition of Themes
  7. 7. Fair Information Principles (FIPs) Accountability Identifying Purposes Consent An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles (PIPEDA, 2011, p. 36). The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected (PIPEDA, 2011, p. 36). The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate (PIPEDA, 2011, p. 37). Limiting Collection The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means (PIPEDA, 2011, p. 39). Limiting Use, Disclosure, and Retention Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes (PIPEDA, 2011, p. 39). Accuracy Safeguards Openness Individual Access Challenging Compliance Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used (PIPEDA, 2011, p. 40). Personal information shall be protected by security safeguards appropriate to the sensitivity of the information (PIPEDA, 2011, p. 40). An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information (PIPEDA, 2011, p. 41). Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate (PIPEDA, 2011, p. 42). An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance (PIPEDA, 2011, p. 43).
  8. 8. FIPs Category Number of Sections of SRR Coded Using FIPs Categories 18 % of Total Number of Sections Limited Collection 10 8% Limiting Use/ Disclosure/Retention 27 23% Accuracy Safeguards 8 11 8% 9% Openness 15 13% Accountability Identifying Purposes 0 2 0% 1.7% Individual Access Challenging Compliance 0 0 Consent 16% 0% 0% Total Sections: 116 Findings Privacy in the SRR: FIPs Coding
  9. 9. FIPs Category Consent Limiting Use/Disclosure/ Retention % of Total SRR % of Policy Changes between 2011 and 2012 16% (18 of 116 sections) 23% (27 of 116 sections) 25% 31% Findings Privacy in the SRR: Policy vs Stylistic Changes
  10. 10. FIP Category Number of Comments per category 51 % of Total Privacy Comments (out of 316) 16% 2 0.6% Limiting Use/ Disclosure/Retention 105 33% Accuracy Safeguards Openness Accountability Identifying Purposes Individual Access Challenging Compliance Approval/Disapproval Statements 5 0 41 0 0 0 0 112 1.5% 0% 13% 0% 0% 0% 0% 36% Consent Limited Collection Findings Privacy in the Comments: FIPs
  11. 11. When you or others who can see your content and information use an application, your content and information is shared with the application. We require applications to respect your privacy, and your agreement with that application will control how the application can use, store, and transfer that content and information.  (To learn more about Platform, read our Data Use Policy and Platform  Page.) Findings Privacy in the Comments: SRR Section 2.3
  12. 12. 70% of all user comments were related to SRR Section 2.3 60% of those comments were about data control Findings Comparison of Privacy Concerns
  13. 13. ThemeS & Discussion Privacy Issues and Themes Primary privacy issues: 1) Limiting Use/Disclosure/Retention 2) Consent Section 2.3 themes: 1) Data Control 2) Threats
  14. 14. ThemeS : Data Control Don Myra Gasser 2.3 needs to change in two ways. Friends use of me [sic] FB information can not be shared with any other applications. It should be very easy to provide an option that turns this data sharing off if I don't approve of how this information is being shared. I am not sure that you are taking the users right to control information seriously.
  15. 15. ThemeS : Data Control How is privacy being approached?
  16. 16. ThemeS : Data Control When you or others who can see your content and information use an application, your content and information is shared with the application. We require applications to respect your privacy, and your agreement with that application will control how the application can use, store, and transfer that content and information.  (To learn more about Platform, read our Data Use Policy and Platform  Page.)
  17. 17. Concluding Thoughts
  18. 18. Questions?

×