I'm not going to sanction Facebook's rather cavalier attitude towards the selling/dissemination of personally identifiable information (though I do agree with Michael that Warden's use violates the ToS and their own does not); however, I think it's important to think about the different mechanisms for accountability in both cases. With an enormous data set released to the open web, there are no longer any mechanisms for accounability. Don't like that your personal information is out there? Too bad: it's not coming back, and you can be sure that datamining/harvesting businesses would've been the first to download that data (even if academic researchers would, too). With Facebook dealing in more B2B transactions, there is certainly a high degree of opacity, and I personally would probably disappove of a lot of their transactions. But at least in this case there are clear lines and mechanisms for accountability, derived both from the ToS (however user-unfriendly they are) and through the legally-binding data use contracts that FB is arranging with other companies. In practice, individuals are still up the creek a bit with regard to their own data on a personal basis but there's at least a clear line of blame and accountability for potential abuses. What's more potentially powerful in this context is the possibility of a class-action lawsuit enacted on behalf of a huge mass of FB users against any business that flagrantly violates privacy norms and/or against FB itself, a possibility of which I'm sure FB is keenly aware. Again: not sanctioning their behavior, but keeping this stuff behind a wall does have certain benefits in terms of potential remedies for bad action that become impossible when it's released fully into the wild. jkd On Thu, 18 Mar 2010 14:42:49 +0000, Nick White <air-l@njw.me.uk> wrote:
On Thu, Mar 18, 2010 at 08:32:41AM -0500, Michael Zimmer wrote:
I'm not surprised that Facebook has requested this action. But contrary to Warden's quote, I see a difference between the data being _available_ to commercial firms (which he means crawlable by search engine spiders, if I'm reading the post correctly), and having it _released en masse_ to the public in an easily digestible form.
Given the threat of a lawsuit, it appears that the former is allowed by Facebook's TOS, but the latter is not. And, clearly, there is the problem of taking the information outside of its intended context once you aggregate it and release it to the public, as I previously detailed here:
"Why Pete Warden Should Not Release Profile Data on 215 Million Facebook Users"
http://michaelzimmer.org/2010/02/12/why-pete-warden-should-not-release-profi...
While crawling public information for a generic search engine may not violate a sense of contextual integrity, that isn't the only other use of such data. A couple of examples could be a firm using facebook mining to build up / improve a profile of me to sell to others, or a government using the information to broaden a database on citizen's political leanings. Those certainly go beyond the expectations of usage of a lot of users of facebook.
At present this sort of information is available to anyone with the resources to gather it (which aren't enormous). Of course, even if facebook tightens this up in the future, they're keen to sell plenty of personal information to others (which doesn't seem to be well understood among users I've spoken to), which does weaken the argument that they have an obligation to reconsider how/what public information is published.
Nick White _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://www.aoir.org/