The Glass House

Why we share our life on Facebook

Daniele Internicola
Department of Information and Media Studies Aarhus, Denmark
1

TABLE OF CONTENTS

INTRODUCTION
1. CHAPTER 1_Sharing information 1.1 Social network sites 1.1.1 Facebook and the privacy 1.1.2 Facebook's users and privacy 2. CHAPTER 2_Risks of sharing information 2.2 Identity Theft 2.3 Personal data trade 2.2.1 Public Search 2.2.2 Social Ads 2.2.3 Beacon 2.2.4 Instant personalization 3. CHAPTER 3_Sharing sensible data on the internet plaza. Why? 3.1 Inability and difficulty 3.2 Voluntarily CONCLUSION REFERENCES

Introduction Noli tu quaedam referenti credere semper: exigua est tribuenda fides, qui multa locuntur Marcus Porcius Cato

In the Internet Era everything is changed. But what does Internet offer to the people and what does it asks in exchange? Trying to answer to this question, inevitably we meet with a paradox. The paradox of the Internet consists in the fact that, on the one hand, it gives people an extraordinary freedom of expression and communication, that has never been possible at this extent before; but on the other hand, the Internet also constrains people, because it makes their private information more likely to be diffused in ways that can thwart future opportunities.(Brandimarte et al., 2009, p.5) Internet is mostly based on the concept of sharing. It is what make Internet an unlimited source of all kind of information. Probably if we are looking for something, Internet is the right tool to use in order to find it. With web 2.0 and its platforms, the boundaries of the meaning of sharing are moving in other directions. What means sharing in the real world is questioning when we talk about our involvement in online activities. How David points out: [] today on the web probably everything can be shared. (David, (n.d.), p. 84). Starting from this statement, with this paper I will try to explore the connections between Facebook, its users and their vision of privacy. In the first chapter i will do an overview of social network sites, focusing

on Facebook. What is it? How does it work? Then I will analyze Facebook users and their inclination to share personal information. The social network site is like a gold mine for those in search of personal data. Identity theft and personal data trade are real risk for who publishes his life pieces. The second chapter will show these risks of publishing data on Facebook, focusing on personal data trade. Facebook, from its boom, is trying to sell all users data to ads companies. How? And why? In the last chapter I will try to explain why users share their data in spite of risks. They are split in two typologies: on one hand, who ignores how to protect personal data on Facebook; on the other hand, who knows about privacy issues but doesn't care because online social life is more important than their personal information.

CHAPTER 1_Sharing informations.

Due to the spread of the internet, it is increased the possibility to share everything we want. Every day, new tools and services arise with the only purpose to make available news, informations to everyone and to help people in the creation of new groups and networks. 1.1 Social network sites. The most popular way to share data and meet new people online is social networking. What are social network sites? According to Boyd and Ellison social network sites [] are [...] webbased services that allow individuals to (1) construct a public or semipublic profile within a bounded system, (2) articulate a list of other users with whom they share a connection, and (3) view and traverse their list of connections and those made by others within the system (Boyd, D. M., & Ellison, N. B., 2007). The purpose of the social network sites is to aggregate people with common interests and to make easier the sharing of these ones. [] With the onset of social networks sites, we easily perceive that there is a need for sharing more intimate things.(David, (n.d.), p.84). The world is full of social networking sites that dynamically change daily. Social network sites (SNSs) have become increasingly popular, with an estimated 80 to 90 per cent of undergraduate students actively participating in such services as MySpace, Friendster and Facebook [Strater and Richter, 2007] (Cited in Young, A., & Quan-Haase, A. ,2009, p.265).

Many of these focus and specialize on specific user needs, like LinkedIn that is based on the sharing of resumes and job searching. Others try to survive offering dedicated services like Myspace; in this one it was possible share own interests on music. Myspace was considered innovative, offering to its users a total control on contents. It was advertised as a virtual stage to show your contents like music, movie, photos to the whole network. The first social network sites to use the concept of make friends (become one of the strengths of Facebook) was Friendster, with about 3 millions of members in its first 6 months of life. In 2004, Facebook began its path to stardom.

Image 1: Vincenzo Cosenza-www.vincos.it

The maps (image 1 1) shows the distribution of social network sites in the world. The countries colored in green were colonized by Facebook. With the growing spread of social networks sites, several issues relating
1 Retrieved from http://www.vincos.it/2009/06/07/la-mappa-dei-social-network-nel-mondo/

to privacy were born. Social network services are conceptually designed to lower privacy levels and to exploit the social information users provide willingly in these novel risk communities (Debatin, Bernhard et al. , 2009 p.102). In my opinion, nowadays Facebook represents a good example of this feature of the social networks. 1.1.1 Facebook and the privacy

Currently Facebook is the most used social network 2. Facebook was launched in 2004 by Mark Zuckerberg. At the beginning it was a popular social network reserved to college students. The site essentially served as an online, extended version of paper facebooks 3 that are distributed at many college campuses to incoming freshmen (Yasamine Hashemi, 2009, p.3) Thanks to his growing popularity, Facebook expanded its catchment area to all persons aged 13 years at the end of 2006. The only things required are name, surname, age and a valid e-mail address to confirm the admission. As other social networks, Facebook's function is to find online friend and share interests with other people. Members can create their own personal profile, complete with a profile photo and public photo albums, videos, and notes (Yasamine Hashemi, 2009, p.3). Users can add friends or to be more precise, other members, to their
2 Data found on facebakers. Facebakers.com is a portal to deliver up-to-date data and statistics about Facebook 3 The colloquial name of books given to students at the start of the academic year by university administrations in the US with the intention of helping students to get to know each other better.

profile, find and [] join virtual Groups that are focused around common themes and interests (Yasamine Hashemi, 2009, p.3) Our profile homepage contains our friend's list, a section for notifications and a central wall for news feed. That is the core section of our profile page because every news, information or comment that are published by our friends, are visible inside. When we publish something, this information appears on every news feed wall of all our friends. Facebook knows an immense amount about its users. Facebook seems to be well made for it. Information revelation itself can consist of different types of elements. [DeCew 1997; Goldie 2006]( Cited in Young, A., & Quan-Haase, A. , 2009, p.272) A fully filled-out Facebook profile contains about forty pieces of recognizably personal information, including name; birthday; political and religious views; online and offline contact information; gender, sexual preference, and relationship status; favorite books, movies, and so on; educational and employment history; and, of course, picture (Grimmelmann, J. 2008, p.1149). Many other information are published with superficiality. Wall posts can contain information about the person who post something and about the possible contact who leaves comments to that post. If I Poke you, it indicates that I am online, and I am thinking about you. If I upload and tag a Photo of you, it documents what you look like and someplace that you have been. It also documents that I know you and permits a reasonable inference that I was the photographer. Your list of Causes tells others what principles are meaningful to you (Grimmelmann, J. 2008, p.1150). Facebook has potentially a complete overview of 400M of users.

All the data are keept inside its servers, [..] and, according to Grimmelmann your Facebook presence says quite a lot about you (Grimmelmann, J. 2008, p.1150). Facebook, from its part, offers many privacy setting to users to hide data. Users could choose what kind of informations hide or make visible. But if they do not set their privacy settings, the default mode will be automatically set. Is it safe for our privacy the default setting? Matt Mckeon 4 argues that "In recent months, Facebook has revised its privacy policy to require users to opt out if they wish to keep information private, making most of that information public by default. Some personal data is now being shared with third-party Web sites.(Mckeon, 2010). In the beginning, it restricted the visibility of a users personal information to just their friends and their "network" (college or school).

4 Matt Mckeon is a developer with the Visual Communication Lab at IBM Research's Center for Social Software. mattmckeon.com

Image 2: Matt Mckeon

The image 2 above shows the differentes data section on our Facebook default profile in relation with various users typology: friends, our networks, all Facebook users and the whole internet. The sections filled with color are open to the relative users typology. So, we can see that , in 2005, our default setting was set to protected some of our data from many users. Name, profile picture, gender and networks were visible to all Facebook users instead of wall posts, photos and other data that were only visible by our friends.

10

In five years the situation has changed.

Image 3: Mac McKeon

The image 3 shows the evolution of the default privacy settings. Over the past couple of years, the default privacy settings for a Facebook user's personal information have become more and more permissive (McKeon, 2010). So, by default, the only two things that are hidden are birthday and contact Info.

11

The profile on facebook is open to almost anyone on the social network and the available personal data are growing constantly thanks to daily activities of the user on their profiles.

1.1.2 Facebook's users and privacy Facebook has 400M active users and 50% of them use the social network daily5. Much time is spent on social network. Facebook is deeply integrated into [...] daily routines and rituals [] (Debatin, Bernhard et al. , 2009 p.83). It's common to start the day checking new notifies, taking a look on news feed, changing our status. The habitual use of Facebook and its integration into daily life indicates that it has become an indispensable tool of social capital and connectedness with large numbers of people. (Debatin, Bernhard et al. , 2009 p.100) Lampe et al. [2006] found that 70 per cent of students report spending thirty minutes or less on Facebook per day and 21 per cent indicate spending more than an hour a day on average using the site (Young, A., & Quan-Haase, A. ,2009, p.265). The country with the largest numbers of members is USA with 125,560,420 users, followed by Uk and Indonesia. But who are Facebook's users? According to checkfacebook 6 the most part of users from USA are women (55,8%) in an age range from 18 to 44 (65,1%) 7. University students are heavy users of Facebook (Young, A., & QuanHaase, A. ,2009, p.265). The portrait of the world of Facebook's users is
5 Data retrieved from http://www.facebook.com/press/info.php?statistics 6 Check Facebook is a site that shows information about Facebook's diffusion in the whole world. 7 Data retrieved from www.checkfacebook.com

12

not complete just with this range of people. In fact members of the Facebook today [] include younger students, professionals, selfemployed people who try to advertise their business, parents who want to control their sons and daughters activities on the Internet (Brandimarte et al., 2009, p.22). It's widely popular among all social classes. The user community is heterogeneous on facebook. But what is the users' relationship with their privacy on Facebook? People publish almost everything on social network. A research of Young and Quan-Haase shows that users tend to use real data on Facebook: an overwhelming 99.35 per cent reported using their actual name in their profile (first and last name); nearly two-thirds of respondents indicated their sexual orientation, relationship status, and interests (such as favorite books, movies and activities) (Young, A., & Quan-Haase, A. ,2009, p.268). Other sensible data are published on their profile like e-mail address, birth date and city they live in. By contrast, few respondents reported disclosing their physical address (7.9 per cent), their cell phone number (10.5 per cent) or their IM screen name (16 per cent), thereby limiting the likelihood of individuals contacting or locating them outside of Facebook (Young, A., & QuanHaase, A. ,2009, p.268). Users actively construct their identity on SNSs through the disclosure of personal information [boyd 2008] (Cited in Young, A., & Quan-Haase, A. ,2009, p.267) Their concerns about privacy seem to be less important online than in the real life. In online life they have different sensitivity and concerns about privacy protection (Brandimarte et al., 2009, p.22). In their small-sample study on Facebook users awareness of privacy,

13

Govani and Pashley [2005] found that more than 80 percent of participants knew about the privacy settings, yet only 40 percent actually made use of them(cited in Debatin, Bernhard et al. , 2009 p.86) Probably, this percentages are changed. As we shall see in later chapters, the complications of privacy option in Facebook in the later years could confuse users. We should ask ourself what kind of information are considered personal and sensible by users and what not. They publish name, lastname and e-mail address but they are reluctant when they share physical address or real phone number. Probably users give different weights to different information, suffering from an illusion of privacy. Every single data has the same importance of another. Every data brings with it little parts of information about the user and his life. Like in a puzzle, all the informations that concern us represent the single pieces. More we share on Facebook, more are the risks: other people could rebuild a detailed overview of what we are.

14

2. CHAPTER 2_Risks of sharing information Users share a lot of sensible data. They share private data like name, address, email, genealogical tree and data about their behaviours and their habits. When we publish our informations online, those data become public. The lesson here is that you should only put data on the internet that you are comfortable with being shared, viewed or sold by people that are not you. (Silver, Curtis, 2010). Facebook users could use options that allow to filter friends and contacts. But many users do not operate on the they accepted almost all requests. This is confirmed by the experiment of Missouri University student Charlie Rosenbury, who wrote a computer program that enabled him to invite 250,000 people to be his friend, and 30 percent added him as their friend [Jump, 2005] (Debatin, Bernhard et al. , 2009 p.87). On social networks the risk to give our private data is almost 100%. Social networks are also ideal for mining information about relationships or common interests in groups, which can be exploited for phishing (Debatin, Bernhard et al. , 2009 p.86). Facebook is born with the purpose to share informations, knowledge, to find new and old friends and share with them preferences, attitudes and habits. In order to access to other profiles, new user has to give name, surname an email at least. This data will be published by default on user's profile. In this way users are easy preys for who's hunting personal data. The risks linked to sharing sensible informations on facebook are various. SNSs users effectively place themselves at a greater risk for cyber and selection of new contacts and

15

physical stalking, identity theft [] (Young, A., & Quan-Haase, A. ,2009, p.265). A large number of free personal informations helps those who stalking. Gross and Acquisti [2005] argue that [] disclosing personal information on Further criticism is based on the fact that third parties can use Facebook for data mining, phishing, and other malicious purposes (Cited in Debatin, Bernhard et al. , 2009 p.86). Not too bad, but the risk is an evolution: from a virtual stalking to a real life stalking. But the most devious and dangerous risks are the Identity theft and Personal Data Trade.

2.1 Identity Theft Identity theft occurs when someone uses or exploits the personal identifying information of another person such as: name, social security number, mothers maiden name, ID number, etc...to commit fraud or engage in other unlawful (Chawki and Abdel Waha, 2006, p.1). Publishing personal data, expose everyone to a possible Identity theft. Before the era of Internet, the thieves stole wallet with id-cards, they tried to obtain personal information by phone (thinking to phone frauds), they looked for bank number or credit card number receipt in trashed document. It was not so easy to find sensible data of someone. With the boom of internet things have become easier for thieves. Identity theft is easy to commit because of the ready availability of personal information on the Internet many people are not vigilant in protecting their personal information (Chawki and Abdel Waha, 2006, p.10).
16

Identity theft is often perpetrated against unsuspecting users. People publish any kind of data online and miscreants are ready to catch any juicy information. Social network sites are perfect places to steal data. In cyberspace, identity thieves are looking for sensitive personal information, and there are many pieces of information that could be utilized (Chawki and Abdel Waha, 2006, p.12). The inclinations to add strangers as friend, to join every kind of group and common use to publish any type of contact (like e-mail or phone number) are access points for thieves. These people use these user's weakness for malicious purpose. The IT security firm Sophos set up a fake profile to determine how easy it would be to data-mine Facebook for the purpose of identity theft. They found that out of 200 contacted people, 41 percent revealed personal information by either responding to the contact (and thus making their profile temporarily accessible) or immediately befriending the fake persona. The divulged information was enough to create phishing emails or malware specifically targeted at individual users or businesses, to guess users passwords, impersonate them, or even stalk them [Sophos Facebook ID, 2007] (Debatin, Bernhard et al. , 2009 p.87). Practically the thief could pass of as different person and act virtually as the person he stole the identity to. Creating digital dossiers [] containing detailed personal information would be a relatively simple taskand a clever data thief could even deduce social security numbers (which are often based on 5-digit ZIP codes, gender, and date of birth) from the information posted on almost half the users profiles [Ross & Acquisti, 2005] (Cited in Debatin, Bernhard et al. , 2009 p.87). The profiles on Facebook are full of information: resumes with detailed

17

descriptions, photo albums that tell the story or show the user's last vacation, map of relationships full of links to other Internet pages of each friend. Many people happily display their date of birth and details about their educational and employment backgrounds (Combat Identity Theft ,n.d). Found out a person's full name, date of birth, address, telephone number and social security number, there are many low level crimes that can be committed (Combat Identity Theft ,n.d). Identity theft is rarely one crime, but is composed of the commission of a wide variety of other crimes (Newman and McNally, 2005, p.2). For example, if someone, with stolen data pieces, clones another identity, he could use this fake id to commit fraudulent sales on Ebay or on other e-commerce services. Old scams8 are renew thanks to Facebook. In 2009, a Microsoft employee, Bryan Rutberg, was the victim of a new, targeted version of a very old scam the Nigerian 9 ploy. (Sullivan, Bob, 2009). Initially, his facebook profile was hacked and his status changed to :BRYAN IS IN URGENT NEED OF HELP!!! (Sullivan, Bob, 2009). Then id thief blocked all user's closest friends on his profile, included his wife. Using the internal mail system of Facebook, the thug sent thousand of mails in which he said that he was in London without money , asking for it. One of Rutberg's friend swallowed the bait and sent 600$ to a Western Union branch in London. The day after, he received a phone message with the request of more money. He sent another 600$ via E-transfer. Few hours later, Facebook confirmed Rutberg's identity theft story and
8 A confidence trick or confidence game (also known as a bunko, con, flim flam, gaffle, grift, hustle, scam, scheme, swindle or bamboozle) is an attempt to defraud a person or group by gaining their confidence. http://en.wikipedia.org/wiki/Scam 9 The nigerian or 419 is an advance-fee fraud in which the target is persuaded to advance sums of money in the hope of realizing a significantly larger gain. http://en.wikipedia.org/wiki/Nigerian_419

18

finally blocked his fake profile. Thief used fake identity to access to victim's friend profiles, in which he found other information to continue the fraud. He found the phone number of one of Rutberg's friend who had published it on his profile. By displaying a number of these details online, an individual opens themselves to potential problems. When combined with a little background information which can be found on the site (place of study, hometown, type of job and employer) the task of impersonating a victim becomes much easier (Combat Identity Theft ,n.d). The risk that someone could steal pieces of our life and sometimes our life too is a real issue. Facebook's users should watch out. It is possible to switch off a number of features by using the site's privacy settings and this is a good thing to do. Of course, much better would be to put less information in a profile...(Combat Identity Theft, n.d). 2.2 Personal data trade

Addresses, domestics habits, relation with other people, are available to everyone inside social network sites. We are living in the Information Era, so our data about personal preferences, way of life and styles worth as gold. The modern society is based on trade and marketing. Facebook is perfect to convey data suppliers: people. Debatin, Lovejoy et al., introduce a good metaphor to describe Facebook as data collector. Facebook is like an iceberg.

19

Image 4: TheFacebookIcebergModel(IcebergimageRalphA.Clevenger/CORBIS)

As showed in image 4,

the visible part of Facebook, innocent-looking

user profiles and social interactions, must be neatly separated from the invisible parts. As in the case of an iceberg, the visible part makes up only a small amount of the whole (Debatin, Bernhard et al. , 2009 p.88). The small part of the Facebook iceberg is the social aspect seen from user's point of view. Fun, talk, interaction between users. The invisible part, on the other hand, is constantly fed by the data that trickle down from the interactions and self-descriptions of the users in the visible part (Debatin, Bernhard et al. , 2009 p.88). The data rich soil is hidden to user's eyes. The scary thing is that [] to maintain the separation (and the users motivation to provide and constantly update his or her personal data), any marketing and advertising based on these data must be unobtrusive and subcutaneous, not in the users face[...] (Debatin, Bernhard et al. , 2009 p.88).

20

So, Ads companies play with users trying to keep a good balance. Users are happy, they give more and more data; companies mine these data. Some users know something about that and try to protect their privacy but they do not seem to realize that restricting access to their data does not sufficiently address the risks resulting from the amount, quality and persistence of the data they provide. After all, restricting profile visibility to friends only simply means restricting it within the visible part of the iceberg. As long as users feed the invisible part of the iceberg with extensive personal data that they update voluntarily and continually, their privacy is at risk (Debatin, Bernhard et al. , 2009 p.103). In my opinion, the most dangerous consequence of easily sharing personal data, is to become like dispenser of information for the big marketing companies. Unconsciously. Giving information about our life is not so wrong because our society is based on trade and trades are strictly connected with people interests and habits. People should have the control over their life. Sharing personal data must be a decision of owners. I want to decide, what kind of information give to industries, how, when and who will uses my data. What do we mean for data? Loren Feldman 10, on an article appeared on Wired, tries to explain the meaning of the term. [...]Data is what you put in the computer, that goes to the internet and either gets lost or sold. That is what data is. Its inevitable and a side effect of doing business on the internet. Its also a side effect of doing pleasure on the internet [...] (cited in Silver, Curtis, 2010).
10 Loren Feldman is an entertainer and videographer based in New York City. He comments on the tech industry on 1938media.com. He is president of 1938media, a video production company. He has been called the most controversial video blogger in social media today. http://www.crunchbase.com/person/loren-feldman

21

What is the role of Facebook on data trading? [] Facebook is in fact, a business, and that your so-called personal data was for sale[...] (Silver, Curtis, 2010). All these things happened without any control by the original data owners. Marika Lders, talking about social networks, said that "[] online content and service providers have developed a commercial logic where they offer their material for free in return for users giving away personal information (Lders, 2009, p 463). Users are like mines of informations and Ads Companies, through Facebook, mine data. Social network sites provide an ideal, data-rich environment for microtargeted marketing and advertising, particularly when user profiles are combined with functions that track user behavior (Debatin, Bernhard et al. , 2009 p.88). Professor Ben Edelman 11 after a study on computer code of seven social network sites, said about Facebook: "If you are looking at your profile page and you click on an ad, you are telling that advertiser who you are" (cited in Steel E. & Vascellaro, J, 2010). People's data are continually under siege. There is now an established trend to add more friends as possible. More friends you have on Facebook, more you are cool. Facebook are making a big push for users to find more of their friends online through use of their friend finder tool. Why? The answer is quite simple. The more engaged users are, the more time they spend on the site and the more pages they see. The more pages they see, greater is the number of ads that Facebook serves. Facebook increases its profits by increasing relations of the contacts and
11 Assistant professor at Harvard Business School who studies Internet advertising. http://www.benedelman.org/

22

data exchange. In this way, the social network abuses a human necessity to be friends with someone. Contacts and applications are the best tools to mine information. In late 2007, Facebook announced three new features involving partnerships with third-party websites: Public Search, Social Ads, and Beacon. 2.2.1 Public Search

When Facebook was initially opened, only members could search for other members. On September 5, 2007, Facebook announced that it had made limited public search listings available to people who are not logged into the Facebook website. These search listings expose members names, profile pictures, the ability to send a message to a member, view his or her friends, and request to add that member as a friend (Yasamine Hashemi, 2009, p.4) This operation was announced only through Facebook blog, not through email. A big part of Facebook's users was not informed about changes. After the public search change, all users were automatically included in the public search listings, but users can opt-out of the public listings, after the fact, via Facebooks individualized privacy settings page (Yasamine Hashemi, 2009, p.5). This feature changed the nature of Facebook. At the beginning, you had to become a facebook's member before being able to take a look on other profiles. Even though Facebook limits the amount information in member profiles that is publicly available, a full name and picture alone may be an

23

intrusion upon users privacy (Yasamine Hashemi, 2009, p.13)

2.2.2

Social ads

On November 7, 2007, Facebook announced on its blog that it was introducing what it called an entirely new advertising solution for Facebook Social Ads. Social ads display relevant advertisements related to actions that users have taken on the site (Yasamine Hashemi, 2009, p.18) Social Advertising represents ad formats that engage the social context of the user viewing the ad 12. The Social Ads are internal campaigns to social networks that serve to publicize any fan page. You can choose keywords that you want to associate the ad and in addition you can define the target based on interests, age, place of residence, sex and other personal information from your profiles. 2.2.3 Beacon

On November 7, 2007, Facebook also announced the introduction of its new Beacon product on the Facebook blog. Beacon tracked user actions on third-party websites that are partnered with Facebook (Affiliate Websites) and shared these actions with a users friends through the News Feed in the form of news stories (Yasamine Hashemi, 2009, p.4). Beacon tracked users's activities even if they were not logged on Facebook or they disabled the option to work with that Ads system. As for Public Search, the news was not notified to users by email.
12 Definition retrievable on http://en.wikipedia.org/wiki/Social_Advertising

24

The service became the subject of a class action and was suspended in 2009. Although Facebooks decision to implement Public Search, Social Ads, [] may make commercial sense [] many users still consider these features offensive (Yasamine Hashemi, 2009, p.12). Showing little respect of personal data treatment, Facebook has always tried in every way to make the most profit from its users. For Facebook, 2007 was the turning point, in marketing sense. Made strong by growing number of members, it decides to exploit the huge load of personal data. Moreover, all data were (and are) constantly updated because users work daily on Facebook. Actually, Public search and Social ads still works. These services are a little bit more clean and clear than Beacon. Practically, Beacon was an abuse against user's privacy. It was a very intrusive tool. After few years of polemics and discussions, it was abandoned. But a new dangerous ads service was born in april 2010. 2.2.4 Instant personalization Instant personalization is a Facebook new service that allows to affiliate websites (Microsofts Docs.com, Yelp and Pandora) to use personal information published on Facebook profile, like name, sex, pages and connections with contacts. In this way, when user browses those website, he will be redirected to a personalized page with precise ads tips about his interests. This is a powerful, inventive and creepy tool that the company hopes to extend to other partners. (Gannes, Liz, 2010). Do users have still control on their online activity? Probably not.
25

Facebook defends itself and says that users could stop this kind of service on their account setting. But how many users know how to change these options? Facebook tells its subscribers it will not share their details without any permission. However, it has handed over information that advertisers can use to look up individual profiles. Advertisers thus were getting reports whenever users clicked on their ads, as is typical across the web. Moreover Facebook did not send any email notices to its users notifying them that service. Data mining is hidden under the mask of personalization. Many users are thinking to leave the social network, consider it invasive towards their privacy. There was been a campaign on the internet for users to not log into Facebook for a whole day on June 6th, 2010 13. We have seen that social networks are rich soil for mining of tons of personal data to sell to the best offer. Why people continue to use Facebook and give it more and more data?

13 On June 6th a group called Facebook Protest was asking those who disagree with the
changes Facebook has made to its privacy policies to commit to not logging in or interacting with Facebook in any way. http://facebookprotest.com/

26

3. CHAPTER 3_Sharing sensible data on the internet plaza. Why?

In offline life, we are quite restrained to give information that we consider private or sensible. Do you give to a stranger on the street, information about your family, the place where you live, your girlfriend and your birth date? Probably not. [] People are typically very concerned about protecting their lives and private information from the indiscreet eye of outsiders [] (Brandimarte et al., 2009, p.2). Online, things were almost the same, especially thanks to fake identity and nickname. This until the boom of social network sites as Facebook. With Facebook the concept of sharing information is radically changed: by its very nature, it asks to its users to share personal data on different size groups (from a little group of friends to the entire network). The Facebook's users used to reveal a lot about themselves to strangers [] (Brandimarte et al., 2009, p.2). After we have seen which could be the risks, we have to ask ourself: why the people share sensible data on the internet plaza? In this chapter I will try to explain two possible reasons of this sharing. The first one is about the inability and the difficulty of the user to manage privacy setting of his profile. Basically that reason is based on two consideration: the ignorance of the risks that sharing your data involve and the impossibility to suitably protect the information published, even if you know the risks. The second possible reason is about the volunteer and conscious sharing of personal data. This reason could present two aspects: on one side, the people insert their real name, their interests, their contacts thinking

27

that they have the complete control on that because they share data; on the other side the people perceive the benefits of social network sites more than the risks: they want to share information to be part of social group, of community.

3.1 Inability and difficulty The first consideration, as I said in the chapter introduction, is about the ignorance. A big number of Facebook's users don't know the risks of sharing and posting personal data on social network. As Grimmelmann said [...]users dont pay attention to them when making decisions about their behaviour on Facebook (Grimmelmann, J. 2008, p.1141). That's happen especially for those people who doesn't have a great knowledge of internet and of its dynamics. The users, especially the teen agers, simply don't think that their data could be collect and used for different purpose. Then there are other kind of users that know the risks, or at least know that publish all their data could be not so safe. Nevertheless, they often ignore it because most of users don't know how to set privacy setting. This happened basically for two reasons: complicated setting and difficulty to read Facebook's privacy policy. Privacy settings are hidden and hard to set, especially for new people on social network and people with few digital literacy. The actual privacy options, in Facebook's opinion, should help people to manage their profile privacy better but it's not properly true. An article of New York Times shows how complex is to change your default privacy setting. To manage your privacy on Facebook, you will need to navigate through 50 settings with more than 170 options. Facebook says it wants
28

to offer precise controls for sharing on the Internet. (Bilton, Nick, 2010).

Image 5: By GUILBERT GATES/The New York Times

The complex structure showed by the picture above suggests a question. With this [] complex privacy preferences [...], is there still a need to be worried? The answer is a definitive yes [] (Lders, 2009, p 465). People are inclined to bypass to much complex setting information. Due to this unclear privacy options [...]many users are not changing default privacy settings, making them rely on lax, initial startup settings (Debatin, Bernhard et al. , 2009 p.100), even if they are informed about the possibility to customize their privacy. As we seen in previous chapters, currently the default settings make
29

your profile available to almost the entire social network. In this way, the user contributes to spread personal information, losing almost the complete control of them. So arise questions like, who will use these data? And how? Due to the difficulty of the privacy setting, we can suppose that a user, willing to protect in a certain way his data, could try to read privacy policy. That is surely possibile: the terms are available to be read every time on Facebook's help section. But if you try to read them, to know more about personal data treatment, you will realize that the policy is really complex and long. Facebooks Privacy Policy is 5,830 words long; the United States Constitution, without any of its amendments, is a concise 4,543 words. (Bilton, Nick, 2010). The length of text is a big obstacle for users. In fact their attention, after few pages, quickly decreases and they are brought to stop reading and probably to ignore the most important parts of the terms. Moreover, Facebook's privacy policy is subjected to a lot of changes and often Facebook doesn't inform its users about them. The problem, from a disgruntled Facebook users point of view, is not that the user is unaware of the intricate details of Facebooks privacy policy, but rather that Facebook may not be required by law to take sufficient efforts to adequately notify its users of these details (Yasamine Hashemi, 2009, p.17). Most of the common discussions made on Facebook are about all this issue and currently Facebook is doing a backward step, probably due to the many user's protests and the rumors about class actions against it. On May 26th, Facebook's CEO, Mark Zuckerberg, announced new significant changes to privacy tool. He said that privacy setting panel will be simplified and the number one thing we've heard is that there just

30

needs to be a simpler way to control your information. 14 Will this initiative help to have a better control personal data management? Probably, the users, with their everyday's activities on Facebook, will give us the right answer to this question.

14 Retrievable on http://blog.facebook.com/blog.php?post=391922327130

31

3.2 Voluntarily The second main reason of sharing information is based on a volunteer choice of the user. In the following sections I will try to show the two possible aspects of this choice.

- Illusion of control The people, who probably know the risks of sharing data, continue to give information to all other people, so also to strangers online (think to friends of friends, or to unknown people added on your profile). That's because maybe they, as human being, need to feel safe in every context (online and offline) and they consider Facebook as a tool that contribute to increase their sense of protection and safety in their online lives. Facebook give users the possibility to create something that seems a safe virtual world. Users feel safe because [] since they have control over the publication of their private information, they believe they also have control over the accessibility and use of that information by others (Brandimarte et al., 2009, p.3). People, to use a Brandimarte's term, have an Illusion of control over the data that they share. What Brandimarte means by illusion of control in the context of privacy is the belief that direct publication of private information implies, in the publishers mind, control over access and use of that information by third parties (Brandimarte et al., 2009, p.7). As Tufekci [2008] has suggested, the users's [] perception of the site as a secure and private community may have been altered, affecting their behaviour and information revelation practices (Cited in Young, A.,
32

& Quan-Haase, A. ,2009, p.272). If the users feel safe when they share their data, when it's their conscious decision, user's feelings about their data management change [] when someone else is responsible for the publication, or when the publication itself becomes uncertain (Brandimarte et al., 2009, p.21). They feel naked and without control and [] consequently, refrain from revealing it (Brandimarte et al., 2009, p.21). In privacy context, the weak rings of the social network's chain are friends and contacts. [] The facade of only allowing friends access, eases users into believing that they have done an adequate job in protection (Debatin, Bernhard et al. , 2009 p.101). Other users [...] restrict their profiles, they do not seem to fully understand that their level of privacy protection is relative to the number of friends, their criteria for accepting friends, and the amount and quality of personal data provided in their profiles, which they tend to divulge quite generously. In other words, users are unaware of or unconcerned about temporal boundary intrusions (Debatin, Bernhard et al. , 2009 p.102). People don't see the differences [] between (Brandimarte et al., 2009, p.21). Even if users could have a little bit control over their publications, they cannot control contacts use of their data. Have the control on personal information does not regard only set your profile page and your account data; it involves also the consideration of what the others publish related to you. In an era of social network, have complete control on your data and on the web path they follow is quite difficult, probably impossible. control over publication and control over access and use of their private information by others

33

- Sense of community One of the other reason the user wants to voluntarily share information is based on his feature of social human-being. The people need to be together, meet new people in order to create a community in which they can express themselves. The human-being is incapable to be alone. Georg Simmel (as cited in Lders, 2009) argues that: sociability characterizes interaction for its own sake and has no objective purpose[...] is simply being together and acknowledging the other in one's ife (Lders, 2009, p 458). The sensation to be part of community is important both in everyday life and in online life. Just as playful interaction is important in people's offline lives, sharing a playful togetherness has emerged as an appealing aspects of online spaces. (Lders, 2009, p 458) As we seen in the previous chapter, be online and expand our contacts network presents risks. Several studies found that users continually negotiate and manage the tension between perceived privacy risks and expected benefits [Ibrahim, 2008; Tufekci, 2008; Tyma, 2007] (Cited in Debatin, Bernhard et al. , 2009 p.87). When the users think about that issue, inevitably they have to face two unfavorable option: protecting their privacy by not being present online, despite potentially undesirable personal and social consequences; or, alternatively choosing to have an online presence and so jeopardizing their personal privacy (Lders, 2009, p 463). The most important benefit of online networks is probably, as Ellison, Steinfield, & Lampe [2007] showed, the social capital resulting from creating and maintaining interpersonal relationships and friendship (Debatin, Bernhard et al. , 2009 p.87) So [...]not being online means not

34

taking part in an important social arena (Lders, 2009, p 463). According this overview, the users choose to give more attention and importance to the benefits of online life, passing over consequences of their behaviour. To be part of network, they have to show themselves to others and provide personal information online. To meet your offline friends on a social networking site, you must tell the truth about your name and age. (Livingstone, 2009, p.360). Individuals may understand the dangers of posting personal content on Facebook (Debatin, Bernhard et al. ,2009 p.100), but because of nowadays people look at the internet as a valued new place for social exploration and self-expression. [Holloway & Valentine] (Cited in Livingstone, Sonia, 2009, p. 352). Users are voluntarily, even enthusiastically, asking the site to share their personal information widely (Grimmelmann, J. 2008, p.1141). According to a PEW 15 study, [] 49 percent of social network users said that they used network to make new friends (Lders, 2009, p 457). What attracts students to social networks is their ability to converse with friends, share digital cultural artifacts and ideas, and connect to vast networks of people [Boyd and Heer, 2006] (Cited in Young, A., & QuanHaase, A. ,2009, p.265). While it is possible, in a certain way, work on all the other aspects found behind the activity to share information, it is quite impossible try to change this last aspect about the sense of community. As I said before, be social is one the main feature of the human-beings.

15 The Pew Research Center is a nonpartisan "fact tank" that provides information on the issues, attitudes and trends shaping America and the world. It does so by conducting public opinion polling and social science research; by analyzing news coverage; and by holding forums and briefings. It does not take positions on policy issues. Www.pewresearch.org

35

Conclusion

The best way to protect our privacy online is to not publish anything. Everything everyone. Apparently, this could be a solution to our privacy issues online but it is not true. We have also think to what are our relationships in the real world and what kind of activities our friends have online. Even if we don't have a Facebook profile our private life is not safe. Anybody, who has some link with us in the real life and is a Facebook user too , could publish something about us like photos or name tagged on, addresses and other personal data. Another possibility could be to create a fake identity. But if we create one, we cannot publish any real information and we cannot add our real friends on Facebook to not compromise our privacy. This means that our life online will be different from our real life, the social network could lost their main feature. Could Facebook lose its social aspect, if we totally block the access to our personal data? Probably yes because it is based on links, connections and data sharing between members. On social networks, especially Facebook, more is the privacy level, less are the social and the networking aspects. Facebook is not our friend when we have to keep safe our personal information. It advertises a better control over personal privacy but in fact it doesn't. we publish on Internet becomes available to almost

36

While many users dont care about privacy, and others believe that the information isnt really that important, if you promise to give users complete control, you should do exactly that. Let them decide who they want their information should be shared with, dont do it for them. (O'Neill, Nick, 2010). In my opinion, the protests against Facebook users' privacy treatment, mainly in the last months, are a strong signal. People, participating in these protests, are still low compared to 400 million active users on Facebook but something is moving. Nevertheless, people want to be online; many people want to shift their entire life on social network. We are so embedded in the social network system that we cannot see it in an objective way.

37

References Bilton, Nick, 2010. Facebook Privacy: A Bewildering Tangle of Options, The New York Times, Retrieved in: http://www.nytimes.com/interactive/2010/05/12/business/facebookprivacy.html?ref=personaltech Bilton, Nick, 2010. Price of Facebook Privacy? Start Clicking, The New York Times, Retrieved in: http://www.nytimes.com/2010/05/13/technology/personaltech/13basics. html Boyd, D. M., & Ellison, N. B. (2007). Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, 13(1),article 11. Retrieved from http://jcmc.indiana.edu/vol13/issue1/boyd.ellison.html Brandimarte, L., Acquisti, A. and Loewenstein, G. (2009) Privacy

Concerns and Information Disclosure: An Illusion of Control Hypothesis, poster, iConference 2009; Retrieved from: http://nora.lis.uiuc.edu/images/iConferences/Privacy_concerns_and_info rmation_disclosure.pdf

Chawki M and Abdel M S (2006), Identity Theft in Cyberspace: Issues and Solutions, Lex Electronica, vol.11 (1) available at http://www.lex-electronica.org/articles/v11-1/chawki_abdelwahab.pdf

38

David Gabriela, (n.d.), Clarifying the Mysteries of an Exposed Intimacy: Another Intimate Representation Mise-en-scne, in Kristf Nyiri (ed.) Engagement and Exposure: Mobile Communication and the Ethics of Social Networking, (Vienna Oassagen) 77-86 (10)

Debatin, Bernhard, Lovejoy, Jennette P., Horn, Ann-Kathrin, Hughes Brittany ,N. Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences, Journal of Computer-Mediated Combat Identity Theft, (n.d). Retrieved May 12, 2010 http://www.combat-identity-theft.com/facebook-identity-theft.html. Communication, Volume 15 (1), October 2009 , pp. 83-108

doi:10.1111/j.1083-6101.2009.01494.x

Gannes, Liz, 2010, http://gigaom.com/2010/04/22/facebooks-instantpersonalization-is-the-real-privacy-hairball/

Grimmelmann, J. (2008). Saving Facebook. NYLS Legal Studies Research Paper No.08/09-7; Iowa Law Review, Vol. 94, p. 1137, 2009. retrived form: http://ssrn.com/abstract=1262822

39

Livingstone, Sonia, (2009). Internet, Children, and Youth. In Burnett, R., M. Consalvo and C. Ess (Eds.), The Handbook of Internet Studies, 348368, Blackwell.

Lders, M (2009) Why and how online sociability became part and parcel of teenage life .In Burnett, R., M. Consalvo and C. Ess (Eds.), The Handbook of Internet Studies, 456-473, Blackwell.

Mckeon, Matt, 2010, http://mattmckeon.com/facebook-privacy/

Newman, G. and McNally, M. (2005). Identity theft literature review. Retrieved from http://www.ncjrs.gov/pdffiles1/nij/grants/210459.pdf

O'neill, Nick, 2010, http://www.allfacebook.com/2010/05/dont-expect-instantpersonalization-to-become-opt-in/

Sullivan, Bob, 2009. http://redtape.msnbc.com/2009/01/post-1.html Silver, Curtis , 2010, http://www.wired.com/geekdad/2010/05/the-

facebook-privacy-war-what-is-personal-data/#ixzz0pEsfgQkZ

40

Steel, Emily, Vascellaro, Jessica, 2010, Facebook, MySpace Confront Privacy Loophole , Retrieved in : http://online.wsj.com/article/SB10001424052748704513104575256701 215465596.html

Yasamine Hashemi, (2009), Facebooks Privacy Policy and Its Third-Party Partnerships: Lucrativity and Liability, 15 B.U.J.SCI. & TECH. L. 140 .

Young, A., & Quan-Haase, A. (2009). Information Revelation and Internet Privacy Concerns on Social Network Sites: A Case Study of Facebook. CT, 265-273.

41