Perusing articles on Facebook privacy control changes from a well-known security company, there is the revelation that “no private information should be on the Internet”. A wise statement for an information security purist, but what constitutes ‘private information’, to what degree is it fluid and are the controls within Social Networks sufficient to allow us to restrict access in the ways we demand / require? What are the ‘sociological norms’, and what of ‘super-social’ libertines who have exceeded Dunbar’s Number by a magnitude of 700%?
How does information aggregation affect risk and perception of privacy control – are we at risk through inference channels in the Social Network? How do we perceive and manage trust? With rigour, paranoia, neutrality; is it earned, easily lost. How do we convey this and ensure our privacy is being managed accordingly? This brief set of questions hints at the complexity: cultural and emotional; qualitative; psychological; behavioural that guides our experiences online. Are Social Networks really equipped to meet sophisticated information management demands from a savvy user-base? How will they augment existing controls to facilitate virtual world technologies and context aware devices that would provide further “locational” (excuse the Social Computing neologism) and situational information?
Walled Gardens in Social Networks
Today’s Social Network (I take Facebook as a pervasive example) is a walled-garden (in general terms). Most users create a ‘private’ profile and control access by granting or denying friend requests, which can then (by and large) see profile information, pictures, status updates and other friend connections (there are nuances, but for brevity I generalise). My ‘bug bear’ with this model is a) poor visualisation of what effect the setting of privacy attributes has b) it’s not more walls we need, it’s more gardens! I shall elaborate on my latter ethereal viewpoint. Going back to trust, you may trust someone implicitly in the office, but don’t want to entrust them with private information in a personal Social Network. Trust and privacy are also really inter-woven concepts. There are also gradations of trust. For example I might trust someone based on their profession (doctor, airline pilot), but there is a limitation in the trust.
I might trust someone with another career background differently, or the trust may be quite neutral. We need more trust and privacy zones (which need to be explicitly defined and explicitly visible) to place individual connections inside a more sophisticated information handling model within the Social Network. In a rudimentary sense this exists with “Friend’s Lists”. These can be created in Facebook and ‘friends’ added to multiple lists which can then be used to permit or deny access to information at a group level. I term this ‘rudimentary’ as the configuration is somewhat arcane, and the visualisation of the result is best described as disappointing, a point to which I shall return.
Information Aggregation in Social Networks
Aggregation of information and how this affects risk exposure and privacy concerns are also interesting. Simplistically it might be argued “have a sparse profile with little personal information and this is a non-issue”. Whilst logical from a simplistic perspective, consider the aggregation of information from interaction, commentary, and chat services (etc.) and over time information aggregation becomes an increasing concern. I have also (of late) been thinking about the risk of “Inference Channels” in Social Networks. Database and data mining “theorists” will be familiar with this concept. Without diving into a treatise on Claude E Shannon and Entropy Theory, suffice to say this is concerned with deducible links through network connections and whether knowing about a set of relationships (perhaps even individual pieces of personal information) could lead to the discovery of inferred or elicited relationships or information. This may of course be entirely benign, but the Inference Channel has an implied risk that ‘unknown information’ will be discovered through analysis of multiple relationships (as I mention a known concern in highly secure database systems). A subject on which I have written (at some length) is also the opportunity for Social Engineering and leveraging elicited information for nefarious purposes. I am satisfied that the corporate world is generally cognizant of such risk, but wonder if more could be done in terms of “general public education.”
Risks have a tendency to multiply rather than divide, and the unrelenting pace of Social Network development leads me to concerns over a number of “emerging technologies”. Those that read my recent predictions on Social Network developments will have noted my belief that virtual world technologies will augment the rather unsophisticated and stifled ‘networking’ model that we have today. Context Aware devices will provide further enrichment, but both enrich not only networking experience but also the quality of personal information (now situational) that might ‘leak’. The Social Network’s model for configuring privacy controls, defining trust relationships and visualising the result is not equipped for this (I think it barely struggles with today’s limited demands).
Visualising Privacy on Social Networks
Control, visualisation, predictability have been central themes of my ‘critique’ of existing offerings. I therefore close by suggesting a few improvements and opportunities for development and research in this area:
- Visualisation of Social Network privacy controls is poor. The granularity of access controls is too coarse. My solution would be creation of simply a ‘radar’ or quadrant model on which connections could be placed within ‘trust zones’ (by dragging and dropping them onto the appropriate region). Configuration is half the battle, and visualisation of the resultant privacy controls effect is essential. This is where current controls are weakest. I also want multiple walled gardens to play with (where I could segregate user groups) and ensure no (uncontrolled) information leakage between. So my ‘quadrant model’ needs to work in three dimensions!
- A trust and privacy ‘radar’ would be equally interesting, with those closest to the centre having the greater trust relationship and access to more personal data.
- Inference Channels are ‘tricky’ due to the myriad of links, attributes and permutations affecting such. One area that would be interesting to research further would be ‘real-time risk advisors’ (as an example) on chat services seeking to warn users when the aggregation of personal information across “conversations” reaches a certain threshold. This would have numerous applications.
We don’t agonise over privacy concerns before exchanging business cards, so with a degree of care and attention pro-active and speculative Social Networking can be beneficial and safe.
Article first published on Atos CIO Blog, January 2010.
Further Reading on Online Privacy
- Privacy Online: Perspectives on Privacy and Self-Disclosure in the Social Web
- You: For Sale: Protecting Your Personal Data and Privacy Online
- Analyzing and Securing Social Networks
- Future Crimes: A journey to the dark side of technology – and how to survive it
- The Architecture of Privacy: On Engineering Technologies that Can Deliver Trustworthy Safeguards