There has been quite a bit of fervor recently about privacy on the web. There was recently an op-ed piece on Mashable that mirrored most of my own thoughts, so I invite you to read that as well.
I’ve heard the rants of several people recently–many among my own friend circles–who bemoan Facebook’s upcoming Open Graph system that will bring personalization to third-party sites based on users’ Facebook activity. The complaints center around the idea that what someone posts on Facebook will be accessible to third-party entities without explicit permission being granted by the user.
My first thought is this: people who publish information about themselves online–in any capacity or forum–should never be surprised by the fact that their information can be used for reasons other than their intended purposes or viewed by people other than their originally intended audiences. Anyone who has ever used a search engine should be aware of this. Search engines are designed specifically to scour the Internet, mining data, and serving it up to anyone. Entering your own name into a search engine will surprise anyone who has never done it before (although the number of people who can honestly say they’ve never Googled themselves must be critically low by now). Your information is already out there, and chances are that you put it there. Welcome to the 21st century: your privacy begins to erode as soon as you set up phone service in your name or have mail delivered to your house.
Next, what are the expectations of privacy in terms of individuals’ rights? Is there a right to privacy? Certainly. But that right is challenged when we begin to share information, and not by the person who receives the information, but the person who offered the information in the first place. Individuals have every right to keep their information private, but once they begin to share information, it is no longer technically private, is it? At this point, individuals must rely on the organizations with whom they share information to respect their information, but there can be no expectation that their privacy will be protected beyond that which is outlined in the agreement between them and the organizations. In the age of social media and networking, if you’re not controlling what you’re sharing, you are already behind the curve.
So what rights do you actually have? Privacy is an interesting right in that exercising it requires someone to do nothing. To exercise your right to free speech, you speak; to exercise your right to assembly, you assemble. But to exercise your right to keep your information private, all you need to do is not give it to anyone. That’s it. Enforcement of that right is simple and doesn’t even require government protection, as long as it refers to information or ideas. The problem is when we expand our definition of privacy to include other things–actions, conversations, possessions. When we move to this, enforcement gets more complicated. We expect the government to protect our right to keep these things private, and even expect the government to respect our idea of what private is. We expect the government to protect us from people who would tap our phones, search our homes, videotape our activities. And we expect this because we believe our right to privacy includes our right to declare things private, and control access to them–and the law (at least in the US) parallels this idea.