Information Gathering by Social Networks
Background
One major issue that raises substantial privacy concerns is the accumulation of private information by social networking services. With more than 68 million users, Facebook stores an immense volume of private data that is constantly expanding: 14 million new photos are uploaded to Facebook's servers every day. In addition to private photographs, Facebook stores many other types of personal information that users submit, including relationships, political views, sexual orientations, and credit card numbers. Facebook also keeps track of its users purchasing habits through the Beacon affiliate program: even when users decline to publish stories on Facebook about their purchases, the information is still sent to Facebook's servers.
Once your private information has become part of a social network's massive archive, it becomes hard to remove. For example, to completely remove your profile from Facebook, you need to not only manually delete every piece of information that you have stored about yourself, but you must also send an email to Facebook after closing your account specifying that you want your account completely wiped from the Facebook servers. Failing to do so will result in your personal information being saved on Facebook's servers indefinitely even after closing your account. Although this allows users to quickly and conveniently reopen closed accounts, it also increases the vast mass of private data stored by Facebook that users do not want exposed to the world at large.
Examples of Privacy Concerns
Centralized databases of personal information are inherently dangerous to user privacy. With more and more information being stored on these servers, the potential for abuse by insiders working at social networking services grows. Even when insiders behave ethically, the centralized nature of the servers make them vulnerable to leaks and a tempting target for hackers. One notable recent example of this was the MySpace photo leak, where 17GB of images -- nearly half a million private photos -- were downloaded through a security hole in the MySpace site and posted to peer-to-peer file-sharing networks. Although MySpace fixed the vulnerability shortly thereafter, the damage had been done.
On the other hand, social networks are little different from other large repositories of data. A similar scandal occurred two years ago when AOL accidentally published 21 million search queries recorded from 650,000 unwitting users. Although AOL quickly retracted the listing, the damage had been done: the private lives of thousands had been exposed to public view. The same issues occur outside of the online world: toward the end of last year, the British National Health Service lost discs containing the medical records of hundreds of thousands of Britons. When managing databases that contain vast quantities of personal information, be they social networks or national medical archives, the same ethical obligations apply: to not allow insiders to abuse the system for their own gain, and to take proper measures to safeguard the system against hackers and inadvertent data leaks.
Ethical Analysis
Although these are serious ethical obligations, there is reason to believe that, for the most part, social networks are responding well to these challenges. For example, although large centralized repositories of data are necessarily vulnerable to malicious insiders, social networks have had few reported problems of this variety. This may be the result of sound professional ethics on the part of the employees at social networking services, or good business sense on the part of their managers, who undoubtedly realize that users will be driven away from a service that has a reputation for employees abusing their powers to exploit users' private information.
Furthermore, although social networks are subject to hackers and data leaks releasing private information into the public sphere, such breaches of privacy present less danger with social networks than with other large repositories, due to the social nature of the data stored within. Users post information to social networking services in order to share it with others: a breach of privacy that lets anybody view photos that you only intended for your friends to view may be damaging, but it is likely less damaging than a breach of privacy that reveals your PIN number or your medical history, which you intended for nobody else at all to see.
Thus, although the massive accumulation of personal data on social networking services raises privacy concerns, these concerns are not fundamentally new: they appear in every instance when large amounts of private information are aggregated in a single location. Considered in the context of other such systems, social networks appear to be doing a reasonable job carrying out their ethical obligations to protect privacy, and those breaches of privacy which do occur are comparatively harmless.
| « Information Gathering |
|
By Authorities » |