June 03, 2010

Ramblings on Privacy and Limited Access

Ever since the latest (though very likely, not the last) Facebook privacy brouhaha broke out last month, I have been struggling to formulate my thoughts on the subject into a coherent position. It has not been easy. My initial reaction was both simple and simplistic: Want privacy? Don't put shit on the Internet you wouldn't be comfortable with the entire world knowing or seeing. And as a theoretical matter, that's probably exactly right: with most positions in people's respective relationship portfolio occupied by commodity and deadweight relationships, there is no telling when betrayal might next strike. Indeed, under generally accepted principles of the venerable Realm, namely that all personal interactions are better treated as corporate transactions, we might expect that a betrayal is likely as soon as the counterparty gets a better deal (somehow defined) elsewhere. So, when reputational costs and the like associated with betraying a friendship exceed the benefits derived therefrom, we should expect—and in fact, for the sake of all that is efficient holy, demand—that at least the commodities and deadweight relationships and maybe even the value-added ones sell us out. Efficient breach! Social utility! Fuck the poor! (Wait, what?)

But the more I think about it, the more I am convinced that both as a normative and practical matter, this sort of approach to living is neither desirable nor attainable. And it is precisely that notion that I will occupy myself with in this post.

Now, above, I made the bold assertion that such a lifestyle—what I will call the persistent self-monitoring lifestyle—is problematic both normatively and practically; that requires some disaggregation. I will take the second one first, as it is less controversial. Simply as a practical matter, I am inclined to believe that in today's modern world of instant communication and information overload, very few people could practice the discipline required to constantly monitor themselves 24 hours a day, 365 days a year. Who really checks every communication, no matter how casual, for potential scandalous implications that may come to fruition—but by no means are guaranteed to—at some indefinite period in the future? The sheer thought of such an endeavor is mind-boggling: carefully considering every e-mail, every instant message, every text message, every comment on every social network and blog and website and God only knows what else? Give me a break. I'm pretty fucking obsessive-compulsive and all I manage to check with that kind of rigor is work-related communications and occasionally personal e-mails to those whom I don't know well or whom I know to be untrustworthy.

E-mails to friends, let alone good friends? IMs? Text messages? Forget about it. If someone wanted to thoroughly discredit me even more than I have thoroughly discredited myself on this blog (is that even possible?), it would not be too difficult. And I think the same could probably be said about most people who came of age in digital age—even absent the decade of insane ramblings and vitriolic self-loathing published on a public website, of course. So, in short, while the right approach from a pragmatic perspective might be draconian self-censorship, a drastically diluted notion of privacy, or some combination thereof, good luck trying to implement that. And as long as we don't, things will persist in some uneasy state of affairs—the same uneasy state, in fact, that I have found myself in explicitly for the past few weeks, and implicitly, for far longer.

More controversially, I would suggest that some middle ground where reasonable expectations of limited access akin to a real life friend circle persist is something that is quite desirable. And in that regard, the whole rigmarole over Facebook is a red herring. Arguing about what Facebook should or should not be allowed to do with its users' information is a colossal waste of time; Facebook is a private corporation and thus, by definition, its only raison d'être is to make money for its shareholders. And if the best way for it to make money is to sell its users' information, you damn well better believe it will do so as long as it can without losing those users or getting stopped by what will no doubt be a thoroughly ill-conceived and half-baked effort by some incompetent government agency or another—or worse, Congress. We can of course quibble about notice to users and terms of service and all the rest (all points on which I think Facebook has a terrible track record), but that hardly resolves the fundamental conflict apparent in the entire business model.

Facebook, however, is also just one website, the Internet is a fickle place, and social networking has relatively low transaction costs. Whether or not Facebook is the vehicle for this sort of limited sharing going forward, the larger point, I think, is that there is a demand for this sort of middle ground. This desire very much mimics what happens in real life. I may, for instance, have certain thoughts I only wish to share with some people who I trust.¹ In real life, I might pick up the phone and call a few people to tell them that (actually, I wouldn't since I never call anyone but that's besides the point). Certainly, however, I would not climb atop a building and broadcast it to everyone within listening distance with a megaphone. The same could be said about photographs and really, all kinds of personal information that isn't as private as a social security number but neither is it suitable for full public consumption.

Now, in the bad old days (the loathsome Web 1.0 world of my early college days, that is), such sharing was implemented through a haphazard collection of e-mail lists, personally hosted photo galleries (including the one on this site), AIM profiles, and all kinds of other patched together shit. There was a lot of stuff wrong with that world, and by no means am I suggesting that a return would be desirable. But at the same time, I do sort of miss the freedom of that time.

Freedom from what, you ask? Freedom from too much exposure. For example, a photo album I posted on my website would for all intents and purposes be available only to those who I wanted to see it—the people to whom I sent a link. Sure, someone who was looking for me could find me, but the chance of randoms coming across it was almost nil. Who really reads this awful website anyway? Certainly no one then and certainly no one now. And often times, that was enough. I was not posting anything I considered private per se, but I also was not as a practical matter exposing it to the whole world either. That gave me comfort. By contrast, the exact opposite is true on a social networking site, almost by design. With all information in one central location, everyone with a newsfeed would see that photo album almost immediately, my own desires notwithstanding.

So am I just harping on some tired choice over defaults then? A pull model where people have to go seeking information versus a push model where that information is sent to them? Some notion of privacy through obscurity? Actually, maybe. Or maybe I'm just getting old and am tired of having to check every week to make sure Facebook hasn't exposed all the photos tagged of me to the whole fucking Internet. Kind of a heavy price to pay for a what has become a glorified address book, no?

^ ¹ Relatively speaking, of course; absolutely speaking, I have faith in no one, least of all myself.