Tiffany B. Brown

23 March 2009

Twitter, privacy, and informational self-determination

UPDATE: Tweetdeck does, in fact, tell you whether someone's updates are protected if you click on the user name and view his or her profile. It does not however do this at a glance.

If you're not listening from the CBC's Search Engine podcast, shame on you. It's a kick ass show that looks at technology and culture, globally, but with an emphasis on Canada and the United States.

Episode 25, "CCTVs, biometrics, and self-destructing data," is particularly good. It's an interview with Canada's information and privacy commissioner, Ann Cavoukian about online privacy and using a combination of technology, law, and ethics to protect citizen and customer data.

What stood out for me was this point made by Cavoukian (at about the 6:30 mark):

Your ability to control the information you have shared with others and their subsequent control of that — that's when everything falls apart. You may be able to restrict the information to five people. But what you can't do is — you have no ability to control what they do with your information. And that's when things get weakened in terms of the weakest link of the chain, in terms of security.

I have run into this a few times with my Twitter friends. I have a private feed, largely to keep it from being Googled. I understand that "private" online is not really private — and despite my propensity to overshare, there are some things I just won't tweet. Yet I am still uncomfortable when items in my feed are retweeted, or captured in a screen shot and reposted. My feed is protected, dang it! If I wanted my content to be Googled or re-contextualized, I would have blogged it or published to my public stream.

As J.Brotherlove pointed out in a (protected) Twitter posting, however:

I see your tweet re: your issue with SNS. this isn't new though. we've had this issue with email.

I'll argue, though, that email (and instant messaging for that matter) are conceived of as a one-to-one conversation, rather than a one-to-many conversation. It's true that you can copy-and-paste an IM or email into another medium. But our behavioral norm is that these messages should not be re-shared without explicit permission. It's the same from a technical standpoint, yes, but not a social one.

When it comes to tweets, Facebook data, or Flickr photos, however? As a community, we clearly have different expectations for privacy on social network sites. As thatblackchick put it (in a protected Tweet):

The nature of social networking means that it's a one-to-many conversation, therefore, the sharing rules are different (IMO)

And what's compounding the problem? Jason says:

Twitter, however, and it's tools, don't value or promote privacy. I can't tell by glancing at tweetdeck which people in my stream are private.

He isn't entirely right. Twhirl differentiates between protected and unprotected feeds. Twitter does too, though design changes would make those differences clearer. [Jason corrects himself in the comments: "Twitter does value privacy. The lock icon is clearly seen on the site, protected tweets don't show up in RSS feeds, you can't deeplink to protected tweets and make them accessible to non-permissioned users." I DO think that some UI changes would make it clearer, however.]

The obvious answer to all of this, of course, is don't tweet / post / publish that which you do not wish to be reshared. Still, I'd like a higher degree of informational self-determination and awareness on all sides.

I think Cavoukian and data privacy researchers are on to something with this idea that rules for data use are embedded in and travel with the data. Going forward, I would like to see tools, APIs and user interfaces that enable and encourage people to respect public/protected settings, or enable users to opt-out of certain privacy-eroding features.

Embedding data rules in Twitter posts (or Facebook pages, Flickr photos, etc.) may be technologically unfeasible if not overkill. But how about allowing users to make their posts unavailable to the API? How about interfaces (for desktop clients and the web) that alert users they are about to retweet an item from a protected twitter feed? How about letting users opt out of being retweeted? How about ultra-granular, per-tweet privacy controls (a la Plurk)?

None of those is perfect, of course, but they can encourage a culture in which people are more conscious of and respectful of other users' controls.

Related elsewhere