About Us | Site Map

Your Privacy Online

Since the dawn of civilization, people have been concerned about their privacy. We’ve always put great value on keeping our deepest, darkest secrets hidden from others, but now, the internet is changing the subject matter of privacy debates. It’s no longer the exposure of secrets that make news headlines (though this still matters too), but the exposure of more mundane personal information, the stuff we don’t think about: music choice, food preferences, favorite vacation destinations, etc. Marketing based on our preferences is big-business in today’s internet-savvy world. Because of this increase in privacy issues, businesses that are dependent on cloud computing consistently find themselves wading through the deep waters of user privacy regulations. But it’s not just company executives who find themselves faced with privacy issues to sort out. We users constantly find ourselves having to keep up with the latest privacy policy updates and changes to terms of service agreements in order to keep our personal information...well, personal. This issue isn’t new to the cloud: users have been exposing themselves to privacy issues since the beginning of the Internet. The oft-cited example is that of a consumer sending his or her credit card information over the internet to be processed by a company. That consumer trusts the company to keep his or her credit card information to themselves, which, in most legitimate cases, they do. But a risk to privacy is still present. With cloud computing, that risk has grown exponentially.

One thing to keep in mind as we move forward: the issue being dealt with here isn’t security, but privacy. For our purposes, the important distinction between the two is that security breaches are not typically orchestrated by the company, while in many situations, privacy issues are. In fact, violating your personal privacy is the business strategy of many of the major tech industries of the Information Age. The two major players we'll focus on here are Google and Facebook, both of which are heavily dependent on providing cloud computing services.

Google:

One of the most widespread uses of cloud computing is Google’s Gmail service. Many of the top businesses and most prestigious universities in the United States utilize this cloud-based email client. Its consumer platform (Gmail) is made possible by targeted ads sold by Google to companies interested in targeted marketing. Next to every email a consumer reads on Gmail is a list of “Sponsored Links,” each trying to sell him or her something Google thinks he or she might be interested in based on data they have collected. But where does this data come from? Google retains records on its servers of every email sent by its users for a set period of time. Furthermore, by agreeing to use Gmail, you also agree to allow bots to scan your messages for the information necessary to create these "Sponsored Links." Additionally, what most users don’t realize is that Google stores search data as well. As long as you are logged in to your Google account, they are able to match search data with its respective user, and then target ads based on this information.

Obviously this creates some pretty daunting privacy issues. What if I don’t want Google to remember that I searched for “baldness treatment?” Unfortunately, I’m not given a choice. Google will proceed to remember this information, and bombard me with ads promoting products to aid hair re-growth. If we do a simple cost-benefit analysis here, I think we’d come to terms with Google keeping track of some of our information for in-house purposes, even if those purposes are making money off of strategically putting ads in front of us.

But where does it go from here? What if someone else wants (legal) access to Google’s records? That’s exactly what happened in 2005 when the US Department of Justice subpoenaed Google for its search records for users in the United States. The DOJ requested the information based on the claim that it could be useful in combating child pornography. I think we’d all agree that child pornography is something that is evil, and should be eliminated, but I’m not entirely sure I’d like Google to turn over all of the terms I’ve Googled over the past few years. Luckily for me (and every other privacy-concerned consumer) Google fought back and won. They were not required to divulge information on individual search terms on the basis that it was an invasion of user privacy to do so.

So, it appears that our privacy might be safe with Google…to an extent. The company fought on behalf of its consumers to prevent the federal government from perusing through our search records, even if they do it themselves. Maybe Google isn’t so bad...after all, their motto is “Do no evil.”

Facebook:

It’s official: Facebook.com is the most-visited site on the web. This has huge implications in the field of sociology: the way social networks are formed and maintained is changing rapidly and drastically. But sociologists aren’t the only people who should be paying attention to the rapid growth in Facebook’s popularity. Its users need to be aware of how the website sustains itself at no direct cost to the user: by selling access their personal information.

Facebook is much like Google, in that they target their ads at audiences who they’ve determined should see them. In addition, Facebook presents its users with many other privacy woes. For example, Facebook’s Beacon service: “Facebook's Beacon service was released in early November 2007 as a part of the Facebook Ads platform. It was designed to track the activities of Facebook users on participating Web sites and to report those activities to the users' Facebook friends unless specifically told not to do so. For instance, a Facebook user's purchase of an item on a participating vendor's Web site was immediately broadcast to that user's friends, unless the user specifically opted out of such notifications.” Facebook continues to form their privacy policies in this same fashion: users are required to opt-out in order to escape a service’s scrutiny. Privacy advocates continually indicate that the company should default their services to “opt-in,” where Facebook only shares information when users agree to a service…but where’s the money in that?

However, there is some good news on the Facebook privacy front: the controversial Beacon service was actually shut down in 2009. Consumers are also becoming more privacy conscious, with numerous help sites being set up to assist users in securing their private data. Unfortunately, Facebook finds numerous ways around such tactics by allowing advertisers to use users’ friends to access profiles and get to data they want. This follows the old logic of “a system is only as strong as its weakest link.” Choose your friends wisely…

Of course, Facebook isn't the only one to blame when it comes to online privacy. Users themselves willingly put many personal aspects of their life on display for the rest of the Internet's viewing pleasure. Lack of online privacy is also a social issue, in addition to a technological one, though through government regulation, the technological issue would be much easier to solve. If Facebook is not willing to protect our right to privacy, the U.S. government is happy to step in and do it for them. Through organizations such as the Federal Trade Commission (FTC), the federal government is beginning to take matters into their own hands; whether or not this is the right approach is still up in the air.

 

FACEBOOK FIGHTS BACK AGAINST GOVERNMENT REGULATION

Senator Charles Schumer is pressuring the Federal Trade Commission (FTC) to create guidelines on the use and distribution of private information online by social networking sites. Furthermore, multiple privacy and consumer-protection groups have filed complaints against Facebook with the FTC, accusing Facebook of leveraging the personal information of its users for commercial gain.

In the complaint, the privacy watchdogs urged the FTC to scrutinize Facebook's privacy policies and ramp up security. Numerous other privacy advocates have called on senators to strengthen the regulatory and rulemaking authority of the FTC so it would have the authority necessary to properly regulate the social networking giant.

However, Facebook has vowed to not go down without a fight. According to the Electronic Privacy Information Center, Facebook has agreed to contribute $6 million to the establishment of a privacy organization, but its top lobbyist would become co-President, and all significant decisions would require unanimous vote. Furthermore, Facebook has hired a former senior Bush administration regulator to defend its privacy practices, arguing that it has given users more control over their privacy in response to FTC complaints, and thus does not require additional regulation. Facebook has dug its heels into the sand, and is bolstering its D.C. presence as it prepares to defend itself against both Congress and federal regulators. It will be interesting to see how this debate plays out – how far will Facebook go to defend its interests?

PCWORLD: 5 WAYS FACEBOOK SHOULD IMPROVE USER PRIVACY

With its latest privacy policy change, Facebook has bitten off a bit more than it could chew. Four U.S. Senators recently sent a letter to Facebook urging the social networking giant to change the way it gives user data to third-party advertisers. As these Senators stated in their press release, "Social networking sites are a Wild West of the Internet, and users need ability to control private information and fully understand how it's being used."

Facebook has been relatively responsive to user concerns in the past, and according to PCWorld, could easily regain user trust if it changed some of its behaviors. If Facebook no longer wants to be seen as the Eye of Sauron, here are five things experts recommend it do:

  1. End the addition of new features that can only be disabled through a multi-step, ambiguous opt-out system, and instead have a preference for opt-in features.
  2. Stop changing the wording of both its privacy policy and Statement of Rights and Responsibilities without announcing or clearly discussing the changes.
  3. Remove vague and ambiguous language from its policies, so most of its users can actually understand the privacy changes when Facebook makes them.
  4. Let users control their access to third-party websites or applications through a new permissions model requiring express consent from the user before data is shared.
  5. Forbid third-party websites and applications to store Facebook user date indefinitely, and instead bring back the 24-hour user data storage policy.

Even if Facebook only implements a few of these changes, user privacy as a whole will benefit. If Facebook doesn’t get its act together and start working to regain user trust, it’s very possible Congress will.

ARE USERS THEIR OWN WORST ENEMY FOR ONLINE PRIVACY?

Even though Facebook has taken a lot of flak lately concerning its privacy policies and the freedom with which it shares data to all those willing to pay for it, a study by Consumer Reports finds that users themselves are really their own worst enemy when it comes to online privacy.

According to the study, "an estimated 5.4 million online consumers submitted personal information to e-mail (phishing) scammers during the past two years." Furthermore, over half of all users of social networks are posting information that could put them at risk of cybercrime. The number of American households that use social networking has doubled over the past year, so these numbers are only expected to rise.

This data represents a significant social problem that only exacerbates the technological one. The same adults who post unsecured personal information online bring these practices into the workplace, threatening not only their own data security, but their employer's data security as well. In today's Information Age, data is everywhere. Every time someone fills out an online form or subscription, more of their personal information voluntarily handed over to those who may share that data with anyone willing to pay the right price. By all means, social networking providers should tighten their online privacy controls, but when it comes to exposing sensitive information and sharing personal details, "you might want to look in the mirror instead."

This website represents our own work in accordance with Princeton University regulations. Website template borrowed from Adobe Dreamweaver Development Center and Codify Design Studio. All media on this website link to their original source. These links are for sourcing only, and are not intended to provide any substantive addition to the information on this website.