Facebook, it seems, has a privacy issue. Enfant-CEO Mark Zuckerberg recently instructed the investment banks handling its IPO to shut their faces when it comes to news leaks about the company. Turns out juicy details leaked all over the web can make a corporate person feel compromised. After all, who wants one’s past indiscretions out there for all to see?
The issue of online privacy and data aggregation has become a hot topic—finally—in the wake of the Facebook IPO. Max Schrems, 24, the Austrian law student who sued Facebook for its complete record of his personal data was recently astounded to receive 1,222 pages of information. Some of it made sense—old Wall postings and photos—but some of it was material he had never even entered into Facebook. His action spurred more than 40,000 requests for Facebook data in Europe.
The issue goes far beyond Mom’s admonition not to put drinking photos online. And yes, more than 70 percent of human resource professionals have denied an applicant a job offer based on what they found online. (Never mind that in the European Union prospective employers are barred from googling job applicants.) On this side of the pond we hear stories like that of Ashley Payne, the Georgia teacher who was fired for a Facebook photo of her—on vacation—with a drink in her hand.
But have you thought about what lenders, credit agencies, insurance companies, and prospective employers, can do with reports of your aggregated online data, as purchased by third party aggregators? Let’s say you posted Wall posts about a medical problem you or your child faced. Let’s say it was congenital heart trouble—a no-fault diagnosis if there ever was one. Keyword searches can gather this type of data for sale to the insurance industry. That information could result in you being dropped for health insurance coverage, life insurance policy refusal, or even the loss of a prospective job. Don’t believe me? Spokeo is a third party aggregator that offers exactly this type of information to human resource offices. I would bet they have information about you already on file, and some of it may have come from Facebook. And it’s very hard to delete.
Facebook’s astounding net worth amounts to about $130 each for each of its 845 million subscribers. Do you think they earn this by those pop-up ads that nobody clicks on? Research (and investment bank leaks) show that the click rates on those Facebook ads are infinitesimal. That leaves data aggregation revenue from third party advertisers and other users.
And what kind of users are out there? The IRS is using online profiles against taxpayers under investigation. Let’s say your son or daughter posted some really great photos of a recent vacation to Rio for the whole family, just months after you filed your 1040 showing gargantuan business losses that included some hefty business expenses in Rio. Yes, people do. And the IRS finds them this way.
As a public company Facebook will be under pressure to maximize quarterly profits. That means selling your personal junk for profit. That is, after all, the bargain you made when you signed up. You receive the joys of free posting of all manner of personal information in exchange for Mark Zuckerberg & Co. to with it what they please.
In all probability, Facebook as it is presently monetized is a market distortion, a chimera. It must begin to sell more of your stuff to justify its market capitalization. And while the more laissez-faire readers in the audience may hold that users can always just quit—“Nobody is forcing you to put your junk online.”—I hold with the Europeans that users should be able to post and retain an appropriate level of privacy. This can happen if companies are forced to accept some basic rules and play by them. If Facebook is evil, it is probably evil more in its potential for harm than actual harm-to-date. But between Facebook and Google, and other players with less in the way of marquee names, the ground is shifting under our feet. This shift represents a substantial—and real—loss of privacy, and no one from the corporate world is letting on that there is anything, well, weird, about this.
Google Too? (Yes!)
Google sent notice of a change in privacy practices a few months ago. An Op-Ed by Lori Andrews in the February 5 New York Times, “Facebook Is Using You,” points out that you may want to consider not using Google to search terms like, “diabetes” or “pregnancy” in the future. Yes, I know, their slogan was “Do no evil.” But that was then, this is money. And don’t even get me started on how the data in your gmail account will be monetized.
What we need to do, for Facebook, for Google, for Spokeo, is wake up and smell the surveillance. We need to demand European-style protection policies, such as the right to scrub any and all data we choose from whatever providers we choose. Such a law was proposed last month by the European Commission. According to Somini Sengupta, in “Should Personal Data Be Personal?” another February 5 New York Times Op-Ed piece, quoting Simon Davies, the director of the English NGO Privacy International, “Europe has come to the conclusion that none of the companies can be trusted.”
We need to adopt the call initiated by Lori Andrews, the author of “Facebook is Using You,” that we be given the option to register for a national Do Not Track status, modeled on the Do Not Call lists of yesterday. Facebook can keep my dirt, Google, too. But they can’t sell it in any form that allows individual identity tracking. And they can’t steal my face.
So go ahead, post your party photos. Very soon, with the help of facial recognition algorithms, you won’t even have to tag them. And the fact that you are standing in the background of a shot, a sheet and a half to the wind, holding a Bud Lite Platinum, and a friend of a friend will post that memento, and in a few months' time you may be receiving communications from parties who are dropping you, outing you, leaving you, or firing you. It’s a sharing thing.
In the meantime, you really should pay attention to all those horrid little privacy settings, the ones that are designed to give you a headache the moment you think about them. And don’t get me started on all those Facebook-related apps tracking you
UPDATE: May 10, 2012 2:00 p.m. CDT
I just received an email from Vanessa, Director of Public Relations at Spokeo who stated:
Please let me know if you can update your article. I understand that Lorri Andrews also reported this incorrect information and we have been working very hard to make sure and have this corrected.
I did indeed harvest the data in question from Lori (not Lorri) Andrews’ piece and have no additional corroboration of it, except, in part, my own eyes. Ms. Andrews wrote:
A company called Spokeo gathers online data for employers, the public and anyone else who wants it. The company even posts ads urging “HR Recruiters — Click Here Now!” and asking women to submit their boyfriends’ e-mail addresses for an analysis of their online photos and activities to learn ‘Is He Cheating on You?’”
By the way, here are Lori Andrews bona fides, “Lori Andrews is a law professor at Chicago-Kent College of Law and the author of ‘I Know Who You Are and I Saw What You Did: Social Networks and the Death of Privacy.’” I have heard her speak on the Bob Edwards Show. I know of no New York Times retraction for this statement and recall seeing the HR Recruiters ad myself. I will print a copy of the New York Times retraction as soon as I read it. In the meantime, Vanessa is welcome to comment here, now that she is a member of Open Salon.
This is not the first time I have written about Spokeo. In an article for Wise Bread I wrote back in 2010:
I had heard that Spokeo was a particularly impressive site, so I went there first. The personal data is indeed impressive; we'll get to that in a minute. Another button caught my eye, right off. It read: "Control Your Identity — Take Control Now." Upon clicking, I was taken to a page that read, "Monitor and control your public information with IdentityForce™ protection."
That's right. The same site that was causing me all this angst was also selling the solution — a solution just like Reputation Defender [now Reputation.com]! I was immediately transported back to Econ 101. The way to riches in America is to create a perceived problem and solve it. Like yellow teeth and Pepsodent. Or wrinkled brows and Botox. But Spokeo has taken this one step further. They have created an actual problem and the simultaneous solution. This is like a spammer selling a no-spam solution.
So, Spokeo, I hope we can agree to disagree about the nature of your business while we wait for that retraction.
Here’s what Spokeo had on me back in 2010:
They had my address, my birth date, the names and ages of my kids, my home phone, my wife's name, photos, a photo of my house, a flattering assessment of my real estate worth, assorted photos, and much, much, more, as they say in the biz.
But, in their favor, when I engaged in a three-day process to have my data removed, it was! Thanks, Spokeo!
* * *
Correction: It was actually a three-step, one-day process to have my data removed.