Facebook: Watching your every move since 2012

It finally happened.  My mother joined Facebook.  I’m not sure what the current population of planet earth is, but it’s probably around 1.28 billion.  I know this because that’s how many people are currently using Facebook[1].

A few years ago when the company went public, people started complaining about a perceived lack of privacy.  Most people were concerned that the constantly evolving format created a need to always be aware that what you were posting would be directed to the appropriate audience.  What many people hadn’t yet realized was that Facebook had begun mining information at an unprecedented rate.

Sign-in to Facebook today and notice that those shoes you just considered purchasing are now featured prominently on your news feed.  That Google search you just performed has now caused advertisements to display alongside your profile.  It almost seems like Mark Zuckerberg is stalking us.  Taking their data-mining scheme to the next level, Facebook has gone on a spending spree.  They recently purchased popular apps Instagram and Whatsapp.  Those who use these apps have probably noticed that you can login to them using your Facebook information.

As the complaints have increased, Facebook has come up with a proposed solution – the “anonymous login.”  What it will do is allow users to login to third-party apps without giving any personal information to that app.  However, Facebook will still verify your identity, know what app you’ve signed in to, and they’ll know how often you sign in and how much time you spend on that app[2].

It seems that “anonymous” doesn’t really mean what we thought.  Where should the data-mining line be drawn?


[1] http://expandedramblings.com/index.php/resource-how-many-people-use-the-top-social-media/3/

[2] http://mashable.com/2014/05/01/facebooks-anonymous-login-is-evil-genius/

Facebook After Death

Facebook has recently changed its privacy policy for deceased users’ accounts.   Prior to this change, upon a friend or family member’s request, and upon confirmation that the user had actually passed away, Facebook would restrict the deceased user’s account so only “friends” could view the “memorial” page.  In order to respect the choices a Facebook user makes while still alive, Facebook will now continue to apply, after the user’s death, the privacy settings the user chose while alive.

When I first read about this, I have to admit I thought it was a little creepy.  I’m not sure that I would want my Facebook page to live on after I die, or if I would want random people to be able to look at a deceased family member or friend’s Facebook page.  However, after surfing the Internet for more information about this, I came upon a Huffington Post blog that opened my eyes to the benefit of this new Facebook policy.

The author of the blog, Jordi Lippe, discussed how, after her father passed away tragically, she found herself visiting his Facebook page, posting on his wall, and tagging him in pictures more often than visiting his gravesite. Ms. Lippe didn’t find this to be creepy, as I had sensed it would be; rather, she looked at it as an opportunity to feel more connected to her father, to honor him, and to connect with all of the other people who missed and loved her father.

Various state legislatures are trying to figure out how to deal with digital assets.  For example, Virginia enacted a law enabling parents of deceased minors to obtain control of their child’s various online accounts.  After the parent assumes his or her child’s terms of service agreements, presumably, that parent can delete those accounts.

What are your thoughts? Is Facebook right in honoring a person’s privacy choices after he or she passes away?  Should minors using Facebook receive the same treatment after death, or are parents justified in wanting to take control of their child’s digital assets, including deleting or deactivating those accounts?  Would you want your Facebook page to be memorialized?

Facebook’s questionable expansion further into mobile.

How does a relatively unprofitable company of about 50 employees whose product is a blatant copy of another’s get acquired for 19 billion dollars in five years?  The answer might not be entirely clear, but Facebook shareholders hope that CEO Mark Zuckerberg has a good idea after Facebook’s acquisition of mobile messaging app “WhatsApp” for $19 Billion.  WhatsApp users also would like to know what this all means for the service they have deeply integrated into their lives.

WhatsApp had its start by offering a BlackBerry Messenger like experience for mobile devices other than BlackBerrys.  What that means is that this kind of messaging service offers a much richer experience and allows for enhanced speed and security by utilizing internet data services as opposed to a traditional SMS text message.  Today, WhatsApp has a user base of about 450 million monthly active users, with billions of messages being sent every day, and is growing at 1 million users a day.  The company charges its users a dollar a year to use the service, making a profit nowhere near the $19 Billion purchase price by Facebook.  Looking at Facebook’s current ad based revenue it enjoys through its other services it is not farfetched to suspect a change in the monetization strategy of WhatsApp.  Despite these concerns WhatsApp CEO assures the Wall Street Journal that he believes WhatsApp “will stay completely independent and autonomous.”

These kinds of changes may concern the millions who use and trust WhatsApp especially with all of this happening on the heels of a report by Canadian and Dutch agencies having concerns over the privacy of users of WhatsApp due to violations of international privacy law.  The report found that although WhatsApp had made some changes, the report still concluded that “The investigation revealed that WhatsApp was violating certain internationally accepted privacy principles, mainly in relation to the retention, safeguard, and disclosure of personal data.”  Facebook has been no stranger to privacy concerns and controversy and users of WhatsApp will have to take all of this information into account when choosing what mobile messaging app they will like to use.

For now it is uncertain what changes, if any, will come to WhatsApp after this acquisition by Facebook.  With more secure services like BlackBerry Messenger recently going cross-platform consumers will have to consider which companies they want to possibly have access to their conversations and personal information.

In the comments I would love to hear how you message friends (sms, imessage, bbm, whatsapp, kik, facebook messenger, etc) and why you use that service.  Should we be concerned about the violation of privacy laws by some of these companies?  What steps should be taken to protect consumers who utilize these services?

Social Media: Brand Builder or Mind Poison?

A recent interview on ESPN’s radio show Mike & Mike (you can find an article and podcast here) featured two prominent NCAA basketball coaches, John Calipari and Rick Pitino. On paper, these two coaches couldn’t be similar; age (only 6 years apart), coaches at powerhouse basketball schools (University of Kentucky and Louisville separated by only 75 miles), banners (three championships and 11 Final Four appearances between the two, although two of Calipari’s appearances have since been vacated) and the list could go on. While their knowledge and love for the game of basketball may be similar, their view on social media is vastly different.

Pitino referred to social media as a “poison” on his players and he bans them from using sites like Twitter while Calipari refers to social media as a brand builder and goes as far as to encourage his players to participate and use social media platforms. These opposite stances on social media couldn’t be a better illustration of why there is so much debate when it comes to the NCAA and its regulation of social media. You have some coaches prohibiting players from using social media and others promoting the use and regardless of the stance of its coaches, the schools continue to shell out the dough to monitor its players use of social media. If that isn’t a clear example of mixed signals then I don’t know what is.

Many schools, like UK and Louisville, spend tens of thousands of dollars to use monitoring software systems that flag certain keywords and content being used in a post or tweet. The athletes actually must agree to let the school monitor its social media use as a precondition to participate in their respective sports. Some legal scholars view this as a clear violation to the athletes’ First Amendment right to free speech and those views have gained traction as some states have prohibited schools from monitoring the social media accounts of its athletes. The NCAA has encouraged schools to monitor its student athletes on social media sites and in response we have state legislatures passing laws to ban the schools from doing so; another example of how far off we are from some type of amicable resolution.

People are entitled to their own opinions about social media, but we run into problems when those differing opinions lead to ambiguous regulations and policies. It’s hard to say which side has the better argument or if monitoring student-athlete social media accounts is warranted in the first place, but it’s clear that this issue is far from being resolved.

A Response to “Blurred Lines and the Right to Privacy”

In “Blurred Lines and the Right to Privacy”, Huffington Post writer Debbie Hines urges people to emotionally connect more with issues of online privacy violation.  Ms. Hines boldly claims that the only way she believes action against online privacy violations will be taken is when we feel as emotionally violated in regards to online privacy as we would if someone were to break into our own homes—and she certainly seems to think we should, given that she states that “our online personal data by far out values any possessions in our homes.”  She also invokes the Civil Rights movement as another example of a situation where serious action will only be taken when the public becomes emotionally involved.  The author’s central inquiry is in regards to what will be the emotional stimulus that will ultimately move us in the direction to take action and protect against online privacy violations?

While I agree that online privacy is important in respect to information that is on the internet without your knowledge and consent, I have to disagree with the general tone of Ms. Hines article.  To equate the emotional violation that is online privacy invasions to that of a person’s home being ransacked by burglars is slightly outrageous to me.  Though I do not doubt that at least an equivalent amount of both financial and emotional harm could be achieved through both kinds of violations, the way we have been taught to view the internet makes this an incongruous comparison.  The internet is premised on the notion of open access to information; it is a forum that we all utilize when seeking out any imaginable type of information.  While it’s clear that the author is not referring to limiting this laissez-faire informational exchange, her opinions on such privacy violations seem to negate the general premise, purpose, and intent of the internet.

Furthermore, the expectation of privacy issue needs to be addressed.  In our society, we are taught to view our activity on the internet through a distrustful lense.  We are continually warned of the pitfalls that come from simply ignoring the privacy settings on social media accounts, let alone the far more damaging threats of identity theft, both in regards to our personal, professional, and financial lives.  While I do believe that it would be nice to feel a sense of security on the internet, I just do not think that the public’s expectation of privacy on the internet is particularly high, nor should it be; and it is certainly not near the level of privacy expectation one would have in one’s own home.  To feel as secure on the internet would be dangerously naïve, particularly in light of some of the egregious and highly publicized internet privacy violations that the author refers to.

So while I am in no way belittling Ms. Hines proposition, I think that until the internet is a truly safe place, it would be more prudent and practical to instead focus on taking defensive measures to protect ourselves and our online information.

Social Media Privacy v. Regulation

How much access should employers and schools have over their employees and students? Bill L.D. 1194, currently pending in the Maine legislature, would restrict employers access to employees social media accounts, as well as the accounts of elementary, high school, and college students. The bill was originally introduced in March 2013 but was carried over into 2014.

 

One potential problem with this bill lies in the financial industry. The Financial Industry Regulation Authority (FINRA), an oversight group that licenses brokers and regulates the securities industry, requires securities firms to oversee their employees business communications, specifically including social media accounts. If, for instance, a securities broker messaged a client on Twitter or solicited clients via LinkedIN, the securities firm would be obligated under FINRA’s directives to record that communication. The goal of this is to maintain a regulated financial industry where no “secret” communications or deals are being commenced.

 

A securities industry trade group, the Securities Industry Financial Markets Association (SIFMA), has filed a letter with the Maine legislature asking them to write an exception into the law for securities companies to comply with FINRA and other regulatory directives. They believe that many employees use a personal social media account for both personal AND business related goals and that the employers must have access to those accounts. Illinois enacted a similar law this past summer, with exceptions for the broker-dealer employers

 

This shows FINRA and the securities brokers take social media accounts seriously and showcase how they play a role in the securities trade. It is a thin line between privacy and 1st amendment rights on one side, and the need to regulate an important industry in American economics. It is also interesting to note that without the exception,  the law in Maine may create an unbalanced securities industry and force brokers to choose between following FINRA directives and state law.

In this case, I believe the employee’s privacy is not something that should be expected. If using social media, it makes sense to create a personal account and a business account. The employer, however, must trust the employee is not using their personal account for business purposes.

Source: Bloomberg Law: Securities 

Boxer Curtis Woodhouse Tracks Down Twitter Troll, Shows Up at His House

Reading this article made me consider the legality of “doxxing” a person.  For those unfamiliar “dox” is an internet slang word for finding and releasing personally identifiable information, such as their real name, address, or account information. In this instance, I am unsure how he got the person’s name and address, but clearly he had intentions of confronting the person.  This could have resulted in a violent altercation.  A couple of questions that came to mind:

Can a person be liable (criminally or civilly)  for “doxxing” someone who then suffers harm as a result of being “doxxed”?

Should the act of “doxxing” be considered a tort?

In some states, you can be sued for publishing private facts about another person.  “Private facts” refers to information about someone’s personal life that has not been previously revealed to the public, that is not of legitimate public concern, and the publication of which would be offensive to a reasonable person. However, the law protects you if you publish something that is already publicly available.

Some states also consider it a tort to unreasonably intrude upon the seclusion or solitude of a person.  In order to bring an action for tort of privacy invasion based upon the concept of intrusion on the seclusion of another, the following elements must be established (Doe v. High-Tech Inst., Inc., 972 P.2d 1060 (Colo. Ct. App. 1998)):

-that defendant committed an unauthorized intrusion or prying into plaintiff’s seclusion;
-that intrusion was highly injurious and objectionable to a reasonable man;
-that matter intruded on was private; and
-that intrusion resulted in agony and suffering to plaintiff.

It seems from this that a person can be held liable for “doxxing” someone if that person is harmed, or if the information released is not newsworthy or publicly available.

Thoughts?