To close out the week, I’ve finally updated my quick guide for adjusting your Facebook privacy settings. Much has changed with the kinds of controls Facebook provides users, as well as what they let you control at all  (making the 2008 and 2009 versions highly outdated).

My new quick guide is not exhaustive — and Facebook’s help pages are actually quite helpful — but hopefully this can provide a starting point for controlling your privacy online. I especially recommend this for new and younger Facebook users. Details below, and a PDF handout is here.

Ways To Adjust Privacy Settings In Facebook

Have you been wondering how to be social on Facebook while still keeping your privacy under control? When you join a site like Facebook you take the chance of letting your private information run wild. By adjusting your privacy settings you’ll have more control over who sees what.

Dividing up your Friends

Is your mom really on the same level of friendship as your roommate? Is your boss on the same level as your drinking buddies? What to block certain content from an ex-boyfriend? Facebook allows you to organize your friends into different groups, which can later be used to determine who sees what.

To do this, go to https://www.facebook.com/bookmarks/lists. There’s a button at the top that says “+ Create List.” Clicking it allows you to create a list of your choosing, then add any of your friends to it. You might make lists like “high school friends” or “family” or “co-workers” or “only the best friends”.

Once you’ve split up all your friends into different lists—what’s next?

Control Who Sees What you Post

Facebook allows you to control who can see what you post using a special “audience selector” drop down menu. With each status update, photo upload, or information shared, you can click on the small “drop down” arrow to select the specific audience: public, friends, only me, custom, or one of the friends lists you’ve previously created.

Control your Default Privacy

You can also set a default privacy level of all the things you share. To get to your privacy settings, click the account menu (small blue down arrow) at the top right of any Facebook page, and choose Privacy Settings. Here you can select the default setting for you posts: public, friends, or custom.

Choose “custom” in order to select particular friends lists as your default visibility settings. You can also exclude individual people from seeing status updates or photos.

From this same privacy settings page, you can control if people can find you on Facebook, whether people can tag you in photos, your advertising and app privacy, and even whether people can view past posts.

How You Connect

These settings determine how people can find or connect with you on Facebook, including who can search for you via email or phone number, who can send you friend requests, or who can send you Facebook messages. The most open setting is “Everyone”, and the most private is “Friends” only.

Timeline and Tagging

These are important settings to control who can tag you in posts and photos, and who can see those tags:

• Who can post on your timeline?  This setting controls who is able to post on your own Wall and Timeline. The options are either “Friends” or “No one”.
• Who can see what others post on your timeline? When someone else posts on your Wall, you can control whether all friends can see that content, or only certain lists.
• Review posts friends tag you in before they appear on your timeline.  When a friend “tags” you in one of their own status updates, it will automatically appear in your own timeline, allowing your friends to view the item. You can change this setting so you must approve the tag before it will appear on your own wall.
• Who can see posts you’ve been tagged in on your timeline?  This setting controls the visibility of any tags you’ve approved (or that are automatically approved).
• Review tags friends add to your own posts on Facebook.  Sometimes a friend can add a tag to one of your own posts. These can be allowed automatically, or you can control and approve them with this setting.
• Who sees tag suggestions when photos that look like you are uploaded?  Facebook has advanced facial recognition software, so if it thinks it sees your face in a photo uploaded by someone else, it might suggest tagging that photo with your name. You can turn this feature off, or make it available to your friends.

Apps, Games, and Websites

On Facebook, your name, profile picture, gender, networks, username and user id (account number) are always publicly available, including to apps. Also, by default, apps have access to your friends list and any information you choose to make public.

You can edit these settings to control what additional information is shared with apps, games, and websites. You can also turn on “Instant Personalization” which links your Facebook account to external website (like Pandora) to view relevant friend activity off of Facebook.

Public Search

From the same “Apps, Games, and Websites” settings page, you can control whether your Facebook profile is visible on search engines like Google. Turn this setting off if you don’t want your profile page listed in search engine results.

 For more detailed help and descriptions, please spend time on Facebook’s own help pages.

New survey confirms librarians’ commitment to protecting privacy rights

For Immediate Release
Tue, 05/01/2012 – 15:55

Contact: Jennifer Petersen
Office for Intellectual Freedom (OIF)

CHICAGO – In conjunction with Choose Privacy Week, the American Library Association’s (ALA) Office for Intellectual Freedom (OIF) released preliminary findings from a new survey measuring librarians’ views on privacy rights and protecting library users’ privacy.

The survey, which builds on an earlier 2008 survey assessing librarians’ attitudes about privacy, provides important data that will help ALA evaluate the state of privacy in the United States and libraries’ role in protecting library users’ privacy. The data will help guide ongoing planning for Choose Privacy Week and similar initiatives aimed at engaging librarians in public education and advocacy to advance privacy rights.

Some of the highlights from the 2012 survey include:

• Librarians remain concerned about privacy and individuals’ desire to control access and use of personal information. Ninety-five percent agree or strongly agree that individuals should be able to control who sees their personal information, and more than 95 percent of respondents feel government agencies and businesses shouldn’t share personal information with third parties without authorization and should only be used for a specific purpose.
• Librarians affirmed their commitment to the profession’s long-standing ethic of protecting library users’ privacy. Nearly 100 percent of respondents agreed that “Libraries should never share personal information, circulation records or Internet use records with third parties unless it has been authorized by the individual or by a court of law,” and 76 percent feel libraries are doing all they can to prevent unauthorized access to individual’s personal information and circulation records.  Overall, nearly 80 percent feel libraries should play a role in educating the general public about privacy issues.
• When compared to the 2008 survey, the results showed that the responses given by the 2012 respondents generally mirrored those of the 2008 respondents, with data showing a slight decline in the level of concern over privacy. For example, in both surveys, the vast majority (95 percent in 2008, 90 percent in 2012) of respondents expressed concern that “companies are collecting too much personal information about me and other individuals.”  However those who “strongly” agreed dropped from 70 percent in 2008 to only 54 percent in 2012.

The 2012 survey also revealed some limitations in libraries’ handling of privacy issues.  While nearly 80 percent of the responding librarians said libraries should play a role in educating the general public about privacy, only 13 percent said their library had hosted a privacy information session, lecture, seminar or other event addressing privacy and surveillance. Similarly, while 100 percent agree that libraries should not release library records without a court order, only 51 percent indicate that their libraries offer training on handling requests for user records and only 57 percent indicate that their libraries effectively communicate the library’s privacy policies to their patrons.

The 2012 study is funded by a generous grant from the Open Society Foundations and is managed by Dr. Michael Zimmer, an assistant professor at the University of Wisconsin-Milwaukee’s School of Information Studies, and co-director of its Center for Information Policy Research.

The survey is part of ALA’s Choose Privacy Week and “Privacy for All” initiative, which conducted with the generous support of the Open Society Foundations.  Its website, www.privacyrevolution.org, provides access to privacy-related news, information and programming resources.

The American Library Association’s (ALA) Office for Intellectual Freedom established Choose Privacy Week in 2010 to help libraries work with their communities in navigating these complicated but vital issues.  It is a national public awareness campaign that aims to educate the public about their privacy rights and to deepen public awareness about the serious issue of government surveillance. The theme for Choose Privacy Week 2012 is “Freedom from Surveillance.”

For more information on Choose Privacy Week, visit www.privacyrevolution.org or contact Jennifer Petersen, ALA PR coordinator at (312) 280-5043, jpetersen@ala.org.

The Blackberry Project (formerly known as the Friendship Project) is an ongoing longitudinal study examining teen behavior and sociability, which first recruited its subjects in 2003 (starting with 281 third and fourth graders from 13 Dallas public schools) and relied on yearly laboratory and home observation and surveys for data collection. Then, in 2009, the subjects (now entering 8th grade) were provided with BlackBerry devices with unlimited text and data plans paid for by the investigators. The devices were configured so that the content of all text messages, e-mail messages, and instant messages was saved to a secure server to be mined by the researchers — over 500,000 messages a month are being archived. Preliminary analyses have been published in Developmental Psychology.

The result? Hill puts it best in her headline and opening thoughts:

A Texas University’s Mind-Boggling Database Of Teens’ Daily Text Messages, Emails, and IMs Over Four Years

For the past four years, the University of Texas-Dallas developmental psychology professor has essentially wire-tapped 175 Texas teens,  capturing every text message, email, photo, and IM sent on Blackberries that she provided to them, creating a rich database that now contains millions of funny, explicit, sexual, and inane messages for academic study. Half a million new messages pour into the database every month. This summer, she’s adding Facebook content to the mix as well. The teens sacrificed their privacy for science… and a free smartphone, data plan and unlimited text messaging.

Dr. Underwood’s study has been approved by UT-Dallas’s Institutional Review Board, and she’s also received a Certificate of Confidentiality from the NIH, which are only granted after considerable scrutiny. Each participant is given a unique identification number so that all information that is collected is, according to the project website, “de-personalized”. The research data is stored securely with the help of Ceryx and Global Relay, data security providers who typically work together to store and archive electronic communication data for financial institutions. The archive is password protected and can only be accessed by a small group of selected researchers.

In short, this large-scale and long-term project has undergone considerable review, and appears to be taking privacy and security quite seriously. That said, there remain certain ethical concerns about the research worth discussing.

(Note: my discussion is based on what I can glean from available reports and documents about the study; I’m trying to gather additional information through various channels.)

Consent

Since the Blackberry Project (and its predecessor) focus on studying the activity of minors, gaining informed consent is of particular importance. Participants and parents were required to sign detailed consent forms annual that clearly stated that all electronic communication were be recorded and monitored. (While the consent forms for the earlier Friendship Project are available online, I haven’t been able to locate the consent documents for the Blackberry Project. I’ll request them from Dr. Underwood.) It appears this consent process was repeated annually, which is particularly important as subjects grow and develop, and the content of their text and email messages might change over time (for example, 10th graders might start texting about dangerous or legal activity, which might not have been contemplated when original consent was provided years earlier).

Parental consent for minor subjects is standard procedure. However, I wonder how well a parent actually understands the extent to which adolescents make use of mobile texting, and whether a parent really is equipped to represent (and waive) the privacy interests of their adolescent kids if they fail to recognize both the scale and types of information contained within those text messages. Is parental consent really sufficient when we’re dealing with teenager’s use of social media and personal technology? This is something I’ll need to think about more….

Further, any consent granted only involves the participants themselves and their outgoing messages. But those sending messages to the participants have not consented to having their messages stored and subjected to analysis. Underwood recognizes this problem, but argues it away:

Pioneering researchers studying online communication have argued that electronic communication can be observed without permission in some contexts because the information need not be uniquely identifiable, unless individuals have chosen to make their online user name their actual name (see Subrahmanyam et al., 2006; Whitlock, Powers, & Eckenrode, 2006). In our study, although we did have access to participants’ phone contacts and could see how they labeled individuals there, these were rarely uniquely identifiable, because most adolescents chose to label contacts with first names only or with nicknames.

However, I find this argument a bit thin. Just because some “pioneering researchers” claim it is acceptable to study online messages observed without permission “in some contexts” doesn’t make it necessarily ethical here. Hopefully the IRB pressed hard on this issue.

Undue Influence

Consent is only valid if it doesn’t involve coercion or undue influence. While paying research subjects is commonplace and generally acceptable, the fact that subjects in the Blackberry Project received a free smartphone with fully paid data and texting plans (and a generous 300 minute voice plan) might quality as undue influence. The Office of Human Research Protections defines undue influence when researchers offer an “excessive or inappropriate reward or other overture in order to obtain compliance.” OHRP also notes that “The level of remuneration should not be so high as to cause a prospective subject to accept risks that he or she would not accept in the absence of the remuneration.”

This is where the free Blackberries and service plans might be problematic. Since 11% of the participating families had incomes under $25,000, and 29% under $50,000, the allure of a free, “highly attractive” smartphone, complete with a free and unlimited data plan, might have persuaded some lower-income families to participate who otherwise might have considered the project too risky. If you’re on a tight budget, and your kids keep pestering you for a smartphone, the Blackberry Project might have been a lifesaver, regardless of the risks.

Determining undue influence is a grey area, and, again, I hope that UT-Dallas’s IRB considered this matter with vigor.

Privacy and Anonymity

Underwood has taken great lengths to protect subject privacy, including the use of secure, off-campus data storage platforms and replacing account names with ID numbers within the archive. Yet, considerable privacy concerns remain. There are plenty of cases where simply replacing names with ID numbers fails to provide sufficient anonymity, and the content of the messages themselves might reveal various personal details of the participants and their friends. The researchers indicate they use the participants address books to help “replace phone numbers with whatever the participants used to label their contacts” when compiling transcripts. While some of these labels might be un-identifiable, others might effectively “out” particular people within the dataset.

The Forbes article also notes:

Underwood has gotten calls from investigators around the country who would love access to her database, but she says she doesn’t want to hand over the data unless she can de-identify it or anonymize it. I’m imagining many a privacy scholar shaking his or her head in dismay given how difficult true anonymization is.

Indeed. I’m curious to know what steps toward deidentification or anonymization Underwood intends before sharing the data.

The Forbes piece presses Underwood further about the issue of privacy:

When I asked Underwood if any of the kids (or their parents) had ever expressed concern about the privacy of their communications, and the discomfort they might feel about every single thing they send being archived indefinitely for study, she said it had been a “non-issue.”

“We haven’t really directly asked about it. We don’t do anything to draw attention to our monitoring,” says Underwood. She prefers that teenagers act naturally. Asking them too strongly about how they feel about their privacy might negatively affect the “observing them in the wild” aspect of her study.

This troubles me. Here, a researcher collecting millions of personal messages sent between teens admits to not wanting to directly address privacy with the subjects because it might negatively affect the study. If you bring up the privacy concern, Underwood seems to say, it will just cause them to self-censor. Of course, if her hypothesis is true, that validates the privacy concern itself — the participants might actually care about their privacy, once reminded about it. (Note to researchers: if you find yourself wanting to minimize disclosure of privacy concerns, then you have significant privacy concerns that need to be addressed.)

In sum, the Blackberry Project appears to have been managed properly through the IRB rules and regulations. These open issues speak more to the nature of this kind of research generally, versus about this project specifically. I’m very curious as to how the researchers and the IRB discussed and deliberated these issues, and will provide any updates if I’m able to gain access to more details.

For the next few days I will be participating in a project aiming to apply the VID perspective to future Internet architecture (FIA) design eforts: the Values-In-Design Council.

The National Science Foundation has recently funded multiple projects to envision and  pursue new ways to build a “more trustworthy and robust Internet.” As described by the NSF:

The four basic research and system design projects funded under FIA explore different dimensions of the network architecture design space and emphasize different visions of future networks. NSF anticipates that the teams will explore new directions and a diverse range of research thrusts within their research agenda but also work together to enhance and possibly integrate architectural thinking, concepts and components, paving the way to a comprehensive trustworthy network architecture of the future.

The four FIA projects are described in more detail here.

Along with these technical projects, the NSF has also funded the creation of the Values-in-Design Council, a multi-disciplinary team of experts in the social analysis of digital information technologies, led by Helen Nissenbaum, who are tasked to work alongside the recipients of the FIA technical grants. As described by Nissenbaum:

Council members will serve as analysts and consultants to the FIA projects, helping to identify junctures in the design process in which values-critical technical decisions arise; locating design parameters and variations that differentially call into play relevant values; for and with respective projects, developing rich conceptual understandings of relevant values; for and with project investigators, operationalizing values to enable transition from values conceptions into design features; with FIA investigators, examining the interplay of values embodied in design with respective values embodied in law and policy; and where possible, verifying values in design through prototyping, user testing and other empirical analyses.

The full list of VID Council members is here.

At this week’s meeting, hosted by Colorado State University’s Computer Science Department, each of the four project teams will provide an update of their work, and then discussion will focus on this set of questions:

Who are the service providers in your architecture, and what is the resulting provider ecosystem? (Some of the FIA architecture seem to presume a provider ecosystem similar to today: a connected set of packet forwarders. Some presume other services related to carriage, such as storage providers. )

• What is the incentive of each of these actors to enter into their line of business? Where would your architecture require payments among actors to sustain viability?

Options for control: which actors can influence the behavior of a transfer?

• Does your architecture provide user control over aspects of service selection: routes, service qualities, or providers of support service (e.g. like DNS in today’s Internet)?
• To what extent does your architecture support or resist the goals of those who wish to control access to classes of information (e.g. governments, rights-holders). How does this position influence the balance of power in your network, and its viability? Which actors have the ability (or perhaps the easy ability) to block communication among willing end-points?
• IP addresses accidentally turned out to be scarce resources, for no good reason. What features of your architecture might turn out to be “scarce resources” or resources over which some potentially powerful actor could exercise control?
• Do you have hierarchies with single points of control at the root? Is there information you share with partners that has to be signed by a trusted third party?
• Are there policies that you have explicitly embedded in your design?

What is the range of services that the system provides to the higher layers?

• Compared to today’s Internet, would you expect the same sort of commercial entities at the higher layers?
• For example, (especially in the context of those architectures that emphasize information retrieval), would you imagine that there would be CDNs operating on top of your architecture?
• Does your architecture provide an API that defines the service interface of your system?

Interfaces among providers

• What types of information is expected to be exchanged between providers?  This goes beyond packet forwarding to include:
  • Routing information
  • Naming information (e.g. DNS zone transfers)
  • An interconnection agreement between providers in today’s Internet may have Service Level Requirements, or specify aspects of routing policies (cold potato, hot potato).  What would you expect to find in inter-provider agreements in your architecture?
  • To what extent do services provided to higher levels (see above) require negotiation or cooperation among the various actors that make up the overall network?
  • What mechanisms does your architecture provide for negotiation among service providers?
  • What range of functions are supported by the protocols and mechanisms that hook them together?
  • Operators are sometimes worried about all getting together to solve operational issues. It is hard to do and looks like anti-trust. What are the “top five” aspects of your architecture that require operational coordination?

Market forces and regulation

• To what extent does your proposal facilitate or limit the use of competition as a discipline on the market?
• If regulation were proposed to require some sort of non-discriminatory access or “network neutrality”, what might that mean in your design? Where might forms of discriminatory service emerge?

Evolvability

• How does your architecture allow innovation and the migration to new mechanisms?
• Which sorts of evolution seem to require global coordination, like the migration to IPv6 today?

Trust, isolation and availability

• What sorts of trust assumptions does your design make about the various actors that make up the ecosystem?
• Does your architecture provide means for instrumentation or data-gathering? What sorts of data? Internal structure of the network, usage, routes, outages, etc?
• To what extent does your architecture include tools to detect that actors are not functioning properly? Which actors have access to these tools?
• How do your options for control allow different actors to respond to actors that are not trustworthy or mis-functioning?
• Availability often implies “extra” or “diverse” resources. Does your architecture depend on resources that are otherwise under-utilized to achieve high availability. Is economics a barrier to a high-availability network? Both within a region and across regions, does your design allow the operator to trade off explicitly between cost and availability/resilience?

Implicit in these questions are various ethical concerns, including: autonomy, access, freedom from bias, control, and trust. I’m excited about the conversations that will unfold over the next couple of days, and will provide public reflections here as appropriate.

The event is free and open to the public:

• Tuesday, May 8, 2012
• 6:00-8:000pm
• UW-Milwaukee Union Theater (2200 E. Kenwood Blvd, 2nd floor)

Following the film, a panel of privacy advocates will discuss its implications, including:

• Emilio De Torre, Youth and Program Director, ACLU of Wisconsin
• Stacy Harbaugh, Communications Director, ACLU of Wisconsin
• Angela Maycock, Assistant Director, Office for Intellectual Freedom, American Library Association
• Michael Zimmer, Assistant Professor and Co-Director, Center for Information Policy Research, School of Information Studies, UW-Milwaukee

During the week of March 5, we’re going to hold an online symposium on Julie Cohen’s important and engrossing book Configuring the Networked Self: Law, Code, and the Play of Everyday Practice (Yale University Press).  As Rebecca Tushnet noted at a celebration of Julie’s book held at Georgetown Law School (see here for her post on the event), Cohen “challenges us to imagine better: understand culture’s power and make policies that both acknowledge and attempt to work with that power.”  Some of what appealed to Dan Solove is the book’s exploration of privacy and creativity together, with all of their nuances. As Dan explained, “copyright and privacy both concern control over information; tension because scholars who argue for limits on copyright are often arguing for more protection for privacy—less control/more control over information.  Is there a coherent way to argue for less copyright/more privacy?  Cohen’s work establishes the normative foundations for that.”  One of my favorite contributions is the book’s illumination of networked architecture’s impact on human flourishing and her development of the Capabilities Approach to address pressing challenges to the practice of everyday life.

Concurring Opinions is thrilled to welcome an all-star group of scholars to lead the discussion, including the author Julie Cohen:

• Anita L. Allen
• Ann Bartow
• Kristin Eschenfelder
• Edward Felten
• Ian Kerr
• Jaron Lanier
• Paul Ohm
• Hector Postigo
• Ted Striphas
• Valerie Steeves
• Michael Zimmer

In the meanwhile, get your copy of the book and mark your calendars!

Zimmer, M. (2012). The ethical (re)design of the Google Books project. In iConference ’12 Proceedings of the 2012 iConference, 363-369. DOI: 10.1145/2132176.2132223

Today, the Google Books project is at a relative standstill — lawsuits against the project remain outstanding as the courts rejected a proposed settlement agreement. The failure of the original vision for the Google Books project to become fully realized presents us with a unique opportunity to ensure that whatever final form Google Books will take in the future, it is designed to support the values respected within the domain of information ethics. This paper will proposed an ethical re-design of the Google Books project, focusing on three core ethical values of primary interest to librarian and information professionals: privacy, intellectual freedom, and public access to information. Advocating for these values in the next iteration of the mass digitization service can help ensure that the informational norms of the library are embraced and upheld.

The Reputation Society: How Online Opinions Are Reshaping the Offline World
Edited by Hassan Masum and Mark Tovey
Foreword by Craig Newmark

In making decisions, we often seek advice. Online, we check Amazon recommendations, eBay vendors’ histories, TripAdvisor ratings, and even our elected representatives’ voting records. These online reputation systems serve as filters for information overload. In this book, experts discuss the benefits and risks of such online tools.

The contributors offer expert perspectives that range from philanthropy and open access to science and law, addressing reputation systems in theory and practice. Properly designed reputation systems, they argue, have the potential to create a “reputation society,” reshaping society for the better by promoting accountability through the mediated judgments of billions of people. Effective design can also steer systems away from the pitfalls of online opinion sharing by motivating truth-telling, protecting personal privacy, and discouraging digital vigilantism.

About the Editors

Hassan Masum is a policy and technology strategist and Affiliate Researcher at the Waterloo Institute for Complexity and Innovation at the University of Waterloo.

Mark Tovey is an Affiliate Researcher at the Waterloo Institute for Complexity and Innovation at the University of Waterloo. He is the editor of Collective Intelligence: Creating a Prosperous World at Peace.

This book was inspired by the “Symposium on Reputation Economies in Cyberspace” I helped organize at the Yale Information Society Project in 2007, and I’m excited to see the results of that event finally get published.

I’m also happy to note that I co-authored one the chapters in the volume with Anthony Hoffmann, a PhD student at UW-Milwaukee School of Information Studies. Our contribution is titled, “Privacy, Context, and Oversharing: Reputational Challenges in a Web 2.0 World“:

When personal information is shared online, it may spread farther and faster than expected or inappropriately push intimate details to near-strangers. Zimmer and Hoffmann address the twin risks of information spreading beyond its intended context and the oversharing of personal information.

You can purchase the book at Amazon, etc. Enjoy!