The End of Privacy as We Know It?: The Ethics of Privacy on Online Social Networks


Published on

This presentation explores a thesis on the ethics of privacy on online social networks. The purpose of this thesis is to determine the ethical responsibilities of online social networks to protect privacy. Although the social norms of online privacy are in flux, online social networks must employ fair information practices by notifying users when private information is shared. They must give users the opportunity to refuse consent to share information and only use information for its intended purpose. Online social networks have slowly eliminated user control without receiving meaningful user consent to do so, therefore violating the user-service provider relationship. Online social networks have also used choice architecture and design against users to push them in the direction of sharing more information than they would otherwise. By eliminating user control, online social networks have slowly destroyed privacy through unethical means.

*** 2010 Winner of Stanford University's Lyle and Olive Cook Prize for the best Ethics in Society honors thesis ***

To find out more, go to or contact Cristina Cordova at

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • My thesis is titled: The End of Privacy as We Know It? The Ethics of Privacy on Online Social Networks.
  • When you hear “Online Social Network” … most of you likely think “Facebook”
  • Some of you might think about these other social networks… but Facebook is by far the winner in today’s online social network market. If you’re on online social networks at all, its likely that you’re on Facebook, have the most friend connections on Facebook and spend much more time on Facebook than these other social networks.
  • And this is why as I’m here to talk about my thesis on the ethics of privacy on Online Social Networks, what I’m focusing on is the ethics of privacy on Facebook. Facebook is the most prominent and fastest growing technology ever. It’s extremely pervasive and persuasive making it one of the most powerful technologies ever.
  • Much has been written about Facebook and privacy in the last few weeks as they rolled out a set of new features including a feature called “open graph” (which opens your information up to third parties)
  • So why am I writing about this topic? I knew I wanted to write about privacy and the Internet… which was soon narrowed to privacy and online social networks. As I began doing my research, the area became much more interesting as privacy continued to deriorate on these services.
  • Additionally, as someone who… like many seniors… came to college and got a Facebook… it’s been an integral part of social interactions in my time at Stanford… and has changed significantly in my time here.
  • What exactly did I want to find out? I aimed to determine the ethical responsibilities of online social networks to protect privacy.
  • More generally… I asked what should the relationship between the regular user on the left (like you and me) and Facebook (lead by Mark Zuckerberg) on the right be like?
  • I found that the relationship between the two shifted in the favor of Facebook, eliminating user privacy and control while leaving the user helpless and confused.
  • Some have asked… why should I care about privacy on Facebook? It’s your personal information, that can be shared with 3rd parties and they can hold onto that information for as long as they want. Many of us joined the service with expectations of it being private, when it’s now gone public and there’s no telling what will be made public next.
  • What Is Privacy exactly? I view privacy as control. Privacy has many benefits including AutonomyRelease from PublicitySelf-Evaluation and Individual Decision-making& Limited and Protected Communication. All of these benefits, I believe, foster better communication and relationships between individuals. When Online Social Networks (OSNs) eliminate privacy, much of these benefits are lost. The relationships formed on social networks are not as valuable when users use the service as if it is public.
  • EvenFacebook views much of privacy as control… as the first page when determining your facebook privacy settings call for you to control your information.
  • I wanted to find out how privacy on social networks is different from many of the other online services we use. It’s different in the following areas: Perceived Privacy - determined by whether one is informed and whether they have control – most perceive that they have control on e-commerce and email services… this is not the case with social networksTrust is the user's belief that the service provider will be honest and act in the user's interest – again not the case with social networksUser Interface Design - design should be used to help users… in the case of online social networks – design pushes users in the wrong direction.Consequences - these affect whether people will use the website and can affect their behavior on it as well – consequences of a breach of trust are vastly different on social networks.
  • I argue that Facebook has slowly eliminated user privacy and control. I’m starting off with my first argument by showing how Facebook makes it hard for you to understand its policies
  • When you sign up for Facebook, you’re required to agree to a Privacy Policy that’s longer than the US Constitution and that most people never actually read before they agree to it. Additionally, Facebook updates these policies every few months, making it a constant duty of the user to keep up.
  • In the last five years, Facebook’s privacy policy has grown to 5,830 words from 1,004 in 2005 when I joined Facebook. Facebook’s privacy FAQ page has grown to over 45,000 words… most of which – no one reads. Additionally, the psychology behind it all suggests that the more and more information Facebook gives its users, the more confused they are… finding it too complicated to understand anything at all.
  • Another barrier to user control is that Facebook opts users in to sharing information in ways they may not want… without meaningful consent.
  • The changes at the beginning of this year opted users in to sharing their information with everyone, rather than just only friends.
  • Additionally, with Facebook’s Beacon advertising program which lead to a huge lawsuit and the recently unveiled instant personalization feature, Facebook opts you into sharing information with 3rd parties. Additionally, once these advertisers have your information, they have no obligation to delete it even if you opt out of the service.
  • Facebook claimed that a whole host of information that they told you could remain private… and now… after Facebook amassed 350 million users, much of it was proclaimed “Publicly Identifiable Information” and you cant hide it. Facebook opted users in to sharing information, regardless of previous user controls to keep that information private.
  • Facebook’s opt-out system pushes users to share more information. Choice architecture describes how decisions are influenced by how choices are presented.
  • For example, if the cookie monster is in a cafeteria line, and the veggies are up front… he’ll likely choose them over the cookies because it’s closer and an easier choice to make. Schools and governments often use choice architecture to get people to do what’s best for them… in this case – eat veggies. In the case of social networks, Facebook has pushed users in the direction that they don’t want to go… by opting them in to exposing their information to third parties and to others on the Internet that they don’t know.
  • This means that anyone can search by embarassing topic on facebook or the web “such as searching for the word drunk as I did here” and find PUBLIC status updates from those who would probably feel uncomfortable if they knew that a group of people at Stanford were reading them right now. Facebook has pushed users to share more… by opting them in intentionally.
  • Another barrier to user control is that Facebook’s privacy settings are too complicated for users
  • Here you can see how difficult it is to navigate privacy settings today. The numerous options have made it extremely difficult for a user to control their privacy…. And therefore to have any privacy whatsoever.
  • When one must go through several of these pages to control their settings, I began to question the intentions of Facebook. Why was it so hard to make your information private….
  • When its so EASY to share information??
  • All of these changes over the last few years have actually made it harder to control your information,
  • So, why would facebook attempt to eliminate user control? There exists an inherent conflict of interest in Facebook’s needs and the needs of the user. Facebook wants users to share more information so that users spend more time on the site and share more publicly available information with advertisers. The more time spent on site, the more ads that can be served up to users.
  • While the everyday user just wants to share information with their friends and family… Facebook is motivated by monetizing their free service… to the point where user interests are on the back burner.
  • As Facebook users have consistently lost control over the years, they have also lost privacy. When one has privacy, he has the ability to control his own information. I argue that control can be achieved through ethical information privacy practices.
  • Here are the ethical information privacy practices that social networks must follow. Notification – a social network must notify a user when it collects the user’s private information. Choice – a social netowrk must offer a user the opportunity to refuse consent to share information. Use – the online social network may only use the information for the purpose in which it gathered it. And security – the social network must ensure that the criteria above exist to protect the user.
  • Facebook was introduced as a private network. After it eliminated its competition and its user base became invested in the service, the company removed privacy protections.  When users are opted-in, there is no notification. Facebook shared information beyond the purpose in which it was originally gathered. 
  • Choice: Users do not have a reasonable choice, as they are not given access the private version of the service they signed up for. Various barriers to user control including more buttons and pages to make privacy changes than necessary, privacy settings changes, policy changes etc. make it more confusing and difficult for users to make an informed choice. Facebook fails to meet ethical privacy standards by failing the requirements andleaving users unprotected. The hope is that these ethical information privacy practices can be used to determine whether any social service is giving its users the control they need to protect their privacy.
  • So what now?,This is not the end of privacy as we know it. We are all looking for alternatives. Yet, it is unlikely that a wide reaching and ethically responsible social network will form in the near future.
  • Just like any other business, we must challenge social networks to do what is ethically responsible. While Facebook may apologize for pushing forward too fast, they will likely keep pushing in the same direction and apologize later. Only user outcry and government action will be able to force it to turn around and go back in the direction from which it came. Thanks for listening… if you want to read my thesis… you can do so at that link.
  • The End of Privacy as We Know It?: The Ethics of Privacy on Online Social Networks

    1. 1. The End of Privacy as We Know It?: The Ethics of Privacy on Online Social Networks<br />Cristina Cordova<br />Ethics in Society Honors Program<br />May 2010<br />
    2. 2.
    3. 3.
    4. 4.
    5. 5. Privacy In The News<br />
    6. 6. Why?<br />
    7. 7. Why?<br />
    8. 8. What?<br />I aimed to determine the ethical responsibilities of online social networks to protect privacy. <br />
    9. 9. What?<br />I aimed to determine the ethical responsibilities of online social networks to protect privacy. <br />
    10. 10. What?<br />I aimed to determine the ethical responsibilities of online social networks to protect privacy. <br />
    11. 11. Why Should You Care?<br />It’s your personal information<br />Your information may be shared with third parties (including personally identifiable information)<br />Third parties can keep your information for as long as they want<br />Many users joined when Facebook was private, assuming that Facebook would remain a private network<br />What will be made public next?<br />
    12. 12. Privacy as Control<br />Westin’s definition of “the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others”<br />Autonomy<br />Release from Publicity<br />Self-Evaluation and Individual Decision-making<br />Limited and Protected Communication<br />What is privacy exactly?<br />
    13. 13. Privacy as Control<br />What is privacy exactly?<br />
    14. 14. How is privacy on social networks different?<br />Privacy on Email and E-Commerce<br /><ul><li>Perceived Privacy
    15. 15. Trust
    16. 16. User Interface Design
    17. 17. Consequences</li></li></ul><li>Facebook makes it hard for you to understand its policies<br />
    18. 18. Facebook’s Privacy Policy<br /><ul><li> Updated every few months
    19. 19. Read by very few users
    20. 20. Longer than the United States Constitution</li></li></ul><li>Facebook’s Privacy Policy<br />
    21. 21. Facebook opts users in to sharing information in ways they may not want<br />
    22. 22. Default: Opted In<br />October 2009<br />January 2010<br />
    23. 23. Default: Opted In<br />Beacon<br />Instant Personalization<br />
    24. 24. What was Private is now Public<br />
    25. 25. Choice Architecture<br />
    26. 26. Choice Architecture<br />
    27. 27. What does this mean?<br />
    28. 28. Facebook’s privacy settings are too complicated for users<br />
    29. 29. Navigating Privacy Settings<br />
    30. 30. Difficult to Privatize<br />?<br />
    31. 31. Easy to Share<br />
    32. 32. Barriers to User Control<br />
    33. 33. Why?<br />
    34. 34. Why?<br />
    35. 35. Ethical Information Privacy Practices<br />
    36. 36. Ethical Information Privacy Practices<br />
    37. 37. Abuse of Notification and Use<br />Notification<br />Use<br />
    38. 38. Abuse of Choice and Security<br />Choice<br />Security<br />
    39. 39. What Now?<br />
    40. 40. Read my thesis online here:<br />