+44 (0)20 7930 4158POPULAR TOOLS
FEATURE: Is privacy overrated?
Personal data is a valuable commodity in the information age. As a result, internet firms now struggle to reconcile their need to collect ever greater amounts of data from web users with the consumer's desire to retain control over what companies, friends and the wider world know about them. The manner in which online firms handle user data is the most likely point of conflict with their customers.
Two of the web's most powerful properties, Google and Facebook, clearly illustrate the controversy over online privacy. Both provide high-profile examples of the two key online privacy issues; how much we share with others on the internet and how much data companies collect on us as we surf the web. Both are lightning rods for the criticism and court action stemming from controversy over online privacy.
A sharing revolution?
Social networks have transformed traditional attitudes to privacy, creating a culture in which users broadcast their lives continuously and widely. No firm has done more to spread this culture than Facebook and last month CEO Mark Zuckerberg proclaimed that privacy is dead, arguing that people are now comfortable sharing their lives online.
"People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time."
eMarketer analyst Debra Aho Williamson agrees with Zuckerberg: "It has become so engrained in people's lives to share information about themselves publicly, because of Facebook, that if it was somehow taken away or the privacy law was slammed shut, I think some consumers would be really unhappy."
But while most of Facebook's 400m users may be happy to share their lives this widely, the social network has become a focal point for those who resist this openness. One of the earliest high-profile privacy complaints about social networking revolved around Facebook's Beacon targeting programme. Facebook let Beacon publish activity from partner sites to a member's Facebook news feed, prompting user outrage. Many members reacted angrily to having their online activity shared without explicit consent and Facebook finally pulled the plug on Beacon last year following a legal battle. However, a settlement payment of USD9.5m establishing a foundation to promote privacy failed to put Beacon to rest. Privacy groups oppose the settlement, claiming the foundation will be biased.
Facebook has grown more mindful of privacy issues when introducing new features. However, one of its most controversial moves came late last year when it decided to allow Google, Bing and other search engines to index user names, fan pages, home cities, gender and profile pictures.
"The main concern is that information that wasn't publicly available is now automatically available. Even if you opt out there are still third-party developers and so the privacy protections you might have had before are gone and there's no way to prevent that," says Kimberley Nguyen, consumer privacy counsel at the Electronic Privacy Information Centre. Facebook insists it gives members extensive control over their data, and everything bar basic information is controlled by its users.
"We took the unprecedented step of requiring all 400m people who use Facebook to confront privacy by asking them to make affirmative decisions about their level of sharing," says Facebook spokesperson Sophy Silver. "We're not aware of any other company that has ever engaged in such a massive consumer privacy awareness campaign."
Nonetheless, Facebook is something of an obsession for the privacy rights brigade, with its content-sharing initiatives consistently attracting media scrutiny in a disproportionate manner to that applied to other online players. Google's whole business relies on data tracking and is arguably just as invasive, but it doesn't attract criticism in quite the same way. In this arena a bad name is hard to shake.
Harbottle & Lewis digital media solicitor Cate Halway says Facebook has actually done more than necessary to avoid legal ramifications.
"The privacy exercise sent notifications to every user telling them settings were going to change and sort of forced them to go through a step-by-step process with a lot of handholding. They have done more than they need to do legally, it means they are covering their backs."
Facebook is caught in the same conundrum as all social networks. To earn revenue and expand, it needs its members to share. But persuading users to share more of their lives is likely to conflict with their desire to determine exactly how open they are. While changing social norms mean most are willing to share more widely, many still feel aggrieved when that decision is taken out of their hands. Nguyen says that social networks cannot assume that all users are happy having even basic information broadcast.
"I think some people are OK with sharing widely and some aren't, which is why there needs to be a choice," she says. "Users must have meaningful control over their information. It's great that some of the users want to share with the world, but Facebook's choice to make certain information available also affects those people who don't want to share that information."
Dangerous data
How we share our data across social networks is just one facet of the privacy debate, but personal data is incredibly valuable to a broad range of companies who take less care to keep users appraised of how their data is used. This is because data about consumers is the key to two things: tailoring services and, more importantly, creating more effective ways of advertising online. In terms of scale and detail, few can match the web's biggest advertiser, Google.
The recent ‘KnowPrivacy' report from the University of California, Berkeley, revealed the extent of online tracking. Google's DoubleClick ad network and Google Analytics tools track activity across 92 of the top 100 ad firms, with trackers from both properties overlapping. Companies such as Microsoft and analytics firms Quantcast and Omniture also collect data widely, keeping a tracking presence on well over half of the top 100 sites.
"Data is valuable currency in internet marketing and the more information companies can glean about consumers the better they can deliver targeted advertising," says eMarketer's Williamson. The ‘KnowPrivacy' study found that Google is the most comprehensive information collector on the web.
Google has become a multi-billion dollar business in just over a decade with quarterly profits approaching USD2bn. It achieved this success with fast, accurate, tailored services and targeted ads that effectively predict consumer needs. But both the accuracy of its search engine and its business model are completely dependent on the data it collects.
"This data is absolutely necessary to providing this service. If we can't account for the validity of the clicks that we provide to advertisers we can't charge them and we can't make any money," says Google communications and public affairs manager Anthony House.
As long as firms collecting such data follow protection procedures faithfully, privacy is unlikely to be breached. Most data is anonymous, existing as raw statistics rather than anything traceable, and even data linked to an individual is carefully controlled. However, this anonymity is under threat as firms increasingly combine data from different sources to build up detailed pictures of consumers.
"One of the trends that is happening now is the merging of online and offline data," says Williamson "For example if you are a retailer with information about people who shop in your store because they use a loyalty card you can potentially merge that information with what you know about their interaction with your online store to build a profile of that person and market to them more effectively."
Furthermore, says Williamson, firms are increasingly sharing data, raising questions about the way information is used to build up complex pictures of consumers which may verge on intrusion.
"Advertising agencies are building their own data networks that take their clients' data and merge that with information they gather themselves. They hope to deliver targeted advertising that is more relevant based on client data and the data that they get online."
According to the ‘Know Privacy' report, many users are completely unaware of how much their activity is tracked, and where to access information about tracking. "I don't know if tracking appears to be as disturbing because I think users don't entirely understand what's happening," says EPIC's Nguyen. "With something huge like Google Buzz, users say ‘before I had this kind of privacy expectation whereas now I don't'."
"But with things like the targeted advertising that Google does, that's how it was from the beginning so there's no shock value. I don't think they completely understand what's happening, but from EPIC's perspective it's still an important issue."
Will online privacy be impossible?
It is clear from the privacy issues afflicting Google, Facebook and other firms that base their business on information about individuals that the internet will continue to erode privacy. New services that encourage consumers to create more online data about themselves inevitably make lives less private.
For instance, Dutch programmers recently launched website PleaseRobMe using location data from Twitter to track when users are not at home.
New developments are also undermining many of the precautions designed to protect privacy. The Vienna University of Technology in Austria recently produced a proof-of-concept demonstrating how to match browser histories to social media accounts by comparing pages visited with a user's groups. This makes using browser histories as anonymous data a highly questionable practice.
Perhaps even more worrying is technology from US startup Scout Analytics which claims to be able to identify individuals by their typing. The software inserts Java script into a website to record typing rhythms. Matching this pattern to an individual could theoretically allow tracking across any website with the script, even on different computers and without logging on to any services.
Complex balancing act
Web user data supports a huge range of services that could not exist otherwise. Facebook and others often bear the brunt of online privacy criticism, but they are merely part of an overall trend for collecting ever more information on individuals. While personal data such as social networking profiles are relatively well protected, consumers are blasé about other forms of data collection. This data can reveal a huge amount about internet users, especially when collated or combined with social media. This will only increase, but firms must be careful they don't cross the line between useful information gathering and intrusion into what consumers consider to be their private online lives. The potential for bad press impacting businesses is considerable.
