Wednesday, April 28, 2010

This blog has moved


This blog is now located at __FTP_MIGRATION_NEW_URL__.
You will be automatically redirected in 30 seconds, or you may click here.

For feed subscribers, please update your feed subscriptions to
__FTP_MIGRATION_FEED_URL__.

Social Web privacy: A new kind of social contract we're all signed onto

1993: In a famous New Yorker cartoon, a dog at a computer says to his canine buddy looking up from the floor, "On the Internet, nobody knows you're a dog." Fast-forward 13 years....

2006: "On the Internet, everybody knows you're a dog," declares the subhead to a Michael Kinsley essay in which he wondered at how narcissistic the social Web was (before it became a cliché). Fast-forward only four years this time....

2010: Although Internet industry CEOs have recently declared the death of privacy (see security expert Bruce Schneier's blog), "privacy is not dead," said social media researcher danah boyd in her keynote at the SXSW conference in Austin last month. "People of all ages care deeply about privacy. And they care just as much about privacy online as they do offline.... Wanting privacy is not about needing something to hide. It’s about wanting to maintain control."

Furthermore, boyd said, privacy and publicity are a mashup. Web meets reality. We all intuitively know there are many gradients between totally private and totally public – some people online know you're a dog, some don't; the numbers vary, based on how you use the Web, who you are, and how you live your life. The Web increasingly mirrors all of "real life." Technology didn't just start interacting with user privacy. Remember "Don't tell anyone who calls that your mom and dad aren't home"? "Will I sound too eager if I pick up after one ring?" Or even: "Who will see me reading this radical book?" Buzz, email, Facebook chat, tweets, texts, etc. are used in the contexts of our real-life relationships and situations just as much. Which is why it's absurd to think privacy is dead, or ever will be.

"Think about a cafe that you like to visit," said boyd. Compare your Facebook page to that public space in real life. "There's a possibility that you’ll intersect with all sorts of different people, but there are some people who you believe you are more likely to interact with than others. You have learned that you're more likely to run into your neighbors and you'd be startled if your mother popped in, since she lives 3,000 miles away. You may have even chosen this particular cafe in the hopes of running into that hottie you have a crush on or avoiding your ex who lives in a different part of town. You have also come to understand that physics means that there's a limit on how many people will be in the cafe. Plus, you'd go completely bonkers if, all of a sudden, everyone from your childhood magically appeared at the cafe simultaneously. One coincidence is destabilizing enough; we can't really handle a collapse in the time-space continuum."

The difference between my old landline and book examples and today's media and communications environment is the speed at which we communicate and socialize and the speed at which new technologies and products become available (the latter are digital, so they can be made available to all users simultaneously and globally within seconds). So we need to think carefully and a lot – in proportion to the speed of technological change, I'd say.

Who needs to think carefully and a lot? Everybody involved, together not in silos – users, companies, educators, policymakers. But let's just consider the two most important stakeholders, which – in the current new user-driven media environment – are really parties to a new, global social contract that's emerging right now, one that I think Secretary of State Hillary Clinton spoke to in her 21st-Century Statecraft" speech early this year. Those two parties are:

1. Internet industry, users are unprecedentedly your bread and butter. They supply all the "content" on your services. You need to bake consideration of the privacy and safety impacts of their doing so into your product development. For example, when you mash services up together, such as email and social-network updates, you need to think about how one tool is very private and the other very public. People use them differently. So combining people's email address books and social-network friends lists instantly without preparing them can create a lot of cognitive dissonance and bad will. "In digital worlds, people need to be eased into a situation, to understand how to make sense of the setting," boyd said. Companies need to poll their users or at least do focus groups before they make significant changes to the user experience, and after product or feature release, do more consumer education.

Users & providers are "dance partners." "When you moved from Web1.0 to Web2.0," boyd said to "the technologists in the room," "you moved from thinking about designing and deploying software to creating living code. You learned to dance with your users, to evolve with them." That's a powerful metaphor: Social-media companies and users are dance partners like never before. Users are much more than mere customers or consumers, and they may increasingly exercise that inherent power.

2. Users, we don't need to become conspiracy theorists, but we need to be serious about paying attention to our privacy settings – and go over them each time our favorite social tools announce a new social feature (such as Facebook's just-announced new Like button and Instant Personalization). Consumer awareness and self-protection are essential to exercising our power in a user-driven or participatory media environment.

Parents and teachers, kids know they don't want others to have power over them. Help them see that that's what privacy settings are about – having control over their own information and public image. When it's put this way, they know they don't want to let peers, companies, or anyone else do whatever they want with their info, reputations, and digital creations. You can help them see a) that it's reciprocal: their friends feel the same way – privacy and safety are necessarily collaborative in this media environment (see this); and b) that honoring this new reality is protective to all concerned – oneself, one's friends, one's community, and ultimately society. It's all interconnected and interdependent now. Mindful, collaborative behavior is baseline online and cellphone safety as well as privacy (see "Social norming: *So* key to online safety" and "From users to citizens").

Other key points in boyd's talk:

  • PII and PEI are intermeshed. We hear a lot about personally identifiable information (PII) but not as much about personally embarrassing information (PEI), which is every bit as important to users. Boyd said: "Because most people are interacting online with people they know, they expect to make PII available. They do so because they want to be found by friends. But they also want to keep PEI hidden, at least to those that might go out of their way to use it maliciously. Unfortunately, it's hard to be visible to some and invisible to others." The reality online as well as offline, she said, is that "when people make information available, they make themselves vulnerable." Product developers need to think about that as much as users.
  • It's complicated, like life. "Just because something is publicly accessible doesn't mean people want it to be publicized," boyd said. Adults, such as Slate's Kinsley, often conflate the two when they talk about the "solipsistic social Web." They're forgetting to ground social-media use in real life, instead somehow thinking technology is layered on top of life as an add-on. For example, you're "publicly accessible" to others when you're at Starbucks, but you're probably not publicizing your presence, though there are times when you might. You might sometimes use Foursquare so that everybody who follows you on Twitter knows you're there. But the reasons for that aren't necessarily narcissism but maybe rather hoping your local friends notice your shoutout and meet you there or, since Foursquare's a game you play, you may be aiming to become "mayor" of that Starbucks. You're probably not thinking that there's a slim chance a burglar is following you on Twitter and – noting that you're at Starbucks – robs your house, which is why social-media companies need to help educate users about that very slim possibility. Digital media use is about as complicated, changeable, and individual as living.
  • No magic formula. "Unfortunately, online environments are not nearly as stabilized as offline ones. While the walls in the streets may have ears, digital walls almost always do," boyd said. The environments (Twitter, Facebook, etc.) aren't stable, nor is our use of them. There's little common sense around their use yet, like the old "Don't let anybody know Mom and Dad aren't home" – though most youth privacy features in social network sites (see this). "There's no magical formula ... no easy algorithm to implement. Privacy and publicity are living things.... They are fundamentally processes grounded in needs, desires, and goals, situated in contexts and transformed by technology." Of course some needs and rights haven't changed, such as constitutional and legal ones for Internet users and providers in each country, though laws need to embrace and adjust to new-media conditions.

    Because privacy's a living thing that's functioning in a new, rapidly evolving media environment, everyone's a stakeholder in supporting it. We need to 1) stay informed and help our children see the importance of doing so and 2) keep revisiting our privacy settings in light of new conditions. Companies need to keep thinking about the impacts on users of the new conditions, bake that thinking into the products they create, and educate users about new conditions. Policymakers need to understand that 1) users want both privacy and publicity as well as the means to calibrate them and 2) need education as much as tools for intelligent privacy management. And we all need to see that – because of the unstable, collaborative nature of everybody's wellbeing in digital media – privacy and safety are an ongoing negotiation, not a one-size-fits-all, once-and-for-all solution.

    So I'd like to hear from you: Do you see it this way too, that a new kind of (multi-party) social contract is now in place, not imposed on us by any single power-holder but by changing conditions in which we are all invested (the social Web, or a user-driven, social/behavioral media environment )? If so, it seems to me that, under this contract, it benefits all parties not only to protect their own interests but to understand those of all other parties and protect them too. Otherwise, misguided "solutions," bad laws and lawsuits, and other signs of dysfunction will continue to distract us from hammering out real solutions together. Sorry to end on such a negative note, but that's what I see. Tell me what you see – via anne[at]netfamilynews.org, in this blog, or in the ConnectSafely forum!

    Important related links

  • "Youth, Privacy & Reputation" by Alice E. Marwick, Diego Murgia, Diaz, John Palfrey, and the Youth and Media Policy Working Group Initiative – a thorough review of research on the subject which has been published in the US, Canada, the UK, and the EU (released 4/12/10)
  • "How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?" (released 4/14/10), by Chris Jan Hoofnagle, Jennifer King, Su Li, and Joseph Turow. Their conclusion: "that young-adult Americans have an aspiration for increased privacy even while they participate in an online reality that is optimized to increase their revelation of personal data.... Public policy agendas should therefore not start with the proposition that young adults do not care about privacy and thus do not need regulations and other safeguards. Rather, policy discussions should acknowledge that the current business environment along with other factors sometimes encourages young adults to release personal data in order to enjoy social inclusion even while in their most rational moments they may espouse more conservative norms."
  • Security expert Bruce Schneier blogging about both of the above 2 surveys
  • Consumer privacy experts: the Center for Democracy & Technology and the Future of Privacy Forum
  • "Young Adults Do Care About Online Privacy" in the Washington Post
  • "Keeping Personal Info Private," one of 8 lessons from Cablevision's "Power to Learn" project for grades 4-8 (thanks to educator Anne Bubnic for pointing this out)
  • Tuesday, April 27, 2010

    Facebook to meet with Sen. Schumer on privacy

    Facebook's announcements last week about making the Web even more social caught the eye of Sen. Charles Schumer (D-NY), who has since been "publicly pushing the social networking site to change its privacy policy," ComputerWorld reports. In an open letter, a private letter to Facebook, a press conference, and his press release, the senator called on the Federal Trade Commission "to provide industry guidelines for social networking sites and require full disclosure of how sites use private information." Schumer was joined at today's press conference and in signing the private letter by Sens. Michael Bennet (D-CO), Al Franken (D-MN), and Mark Begich (D-AK). ComputerWorld said Facebook had tried to get a meeting with Schumer over the weekend and was successful in setting one up today. The time of the meeting is not disclosed. Here's Advertising Age's coverage, with more from analysts.

    Supreme Court to consider CA videogame law

    The Supreme Court will consider whether a 2005 California state law banning the sale of violent videogames to minors is unconstitutional, the San Francisco Chronicle reports. The law would bar the sale of any videogame to anyone under 18 if, the Chronicle says, it "was so violent it was 'patently offensive' according to prevailing community standards for minors, and lacked literary, artistic, political or scientific value." It was never enforced. A federal appeals court in San Francisco last year struck it down on constitutional grounds. "Federal courts have overturned similar laws in Oklahoma, Louisiana, Minnesota, Michigan, Illinois and the cities of St. Louis and Indianapolis," which is probably why the Supreme Court has taken on the California case. Here's Reuters's coverage and a collection of past posts of mine on state laws concerning videogames. [See also: "Fresh debate on effect of violence in videogames" and "Play, Part 2: Violence in videogames."]

    Monday, April 26, 2010

    What the new Facebook features mean to us users

    Remember how the word "friends" took on new meaning with the advent of social networking? Well, the same thing might be happening to the word "like." You always liked stuff, but now you "Like" it, as in broadcast that you like it, to the world via Facebook – or just to your Facebook friends, depending on how you've set your privacy settings. FB users, right after logging in today, click on "Learn More" in the box FB has at the top of your page explaining all this (its headline is "Connect with your friends on your favorite websites"). I'm talking about the just-announced latest changes at Facebook, the Like button you'll be seeing in more and more sites and blogs around the Web and "instant personalization," which personalizes your experience of Web services like Yelp, based on the info you've shared about yourself in FB.

    Some pundits have actually called these developments "Web 3.0" (though we can't forget the mobile part of Web 3.0, I think). The BBC's headline was "Facebook's bid to rule the web as it goes social" – or, if not to rule, at least make it much more social than ever, or make the whole Web a more socially informed experience. And then maybe, as the BBC put it, "unseat Google" (and all FB's other competitors) to boot. For more on what it means to us mere mortals, check out GigaOm's "Your Mom’s Guide to Those Facebook Changes, and How to Block Them," then talk with your kids about checking those privacy settings again – make sure the settings are just the way everybody wants them under these new conditions. ReadWriteWeb.com goes into great detail about how Facebook's latest moves, announced at the F8 developers conference last week , affects its competitors and Web publishers as well as users. Remember that word "Like" I mentioned above? Well, ReadWriteWeb already replaced "click" with "like," where it says that Facebook's intent is "to get users to Like on the site and post a link to Facebook." [See also the Oregon Daily Emerald (at the University of Oregon) on how Facebook "surpassed Google in hits in the U.S. in one week during March of this year, the first time Google has been out of the top spot since it surpassed MySpace in 2007," and the New York Times on new apps and services illustrating the trend that sharing personal details is the whole point.]

    This just in!: The Electronic Frontier Foundation has just posted a video and instructions on how FB users can opt out of "instant personalization" in the Web services with which Facebook has struck deals so far: Microsoft Docs, Yelp, and Pandora.

    Friday, April 23, 2010

    Sexting primer for parents: In case some basics would help

    A lot of sexting numbers have been tossed around the airwaves after four separate national studies. I'd go with the latest (last December) from the Pew Internet & American Life Project: 4% of US 12-to-17-year-olds have sent "sexts," 15% have received one from someone they know (see this for more). Why Pew? Because they focused on the age range and issue of greatest concern due to child-pornography laws in this country: 12-to-17-year-olds and photos – specifically, sexually suggestive nude or semi-nude photos, not sex-related text messages, which other studies included.

    It's helpful to remember that there are two sets of concerns, here: legal and social, both deserving of respect.

    Legal concerns

    First, keep in mind that what can happen legally depends a lot on the jurisdiction you live in and how police and prosecutors are applying the law to this bizarre legal conundrum where a child can be both perpetrator and victim at the same time. For example, students involved in a sexting incident in Perry County, Pa., where Susquenita High School is, received felony charges from their district attorney last year, while students involved in a separate sexting case in neighboring Franklin County, a different jurisdiction, were not prosecuted as felons. There are solid indicators that the tide is turning toward not treating juvenile sexting as a felony crime, but the possibility remains: People involved with creating, sending or even receiving a nude or sexually explicit photo of someone under 18 can be charged with production, distribution, or possession of child pornography.

    A spectrum of causes

    It's important for adults to keep in mind that sexting can have lots of causes – something that it seems law enforcement is beginning to understand, fortunately. The difference between parents and police is, we start with kids and adolescent behavior; police, rightfully, of course, start from the law. But, in some cases to tragic results, laws haven't caught up with kid behavior in a digital world. Sometimes the law can help, though: for instance if school officials confiscate and search student cellphones in states where a search warrant is required to search a phone as well as a home. The law may apply differently on school grounds, however. [It might be helpful for you or your PTA/PTO to contact your local district attorney and/or school board and find out what the law says about sexting by minors and searching private property, on or off school grounds, in your jurisdiction – just in case.]

    The causes of sexting range from developmentally appropriate behaviors like "Truth or Dare" games gone very wrong ("I dare you to send a naked photo of yourself to the boy you like," says one 13-year-old to another at a sleepover – see this) to malicious peer pressure (popular boys pressuring shy girls in a "prank," an incident the mother of one of those shy girls emailed me about (e.g., this) to criminal intent like blackmail (e.g., this). In the Pennsylvania case I blogged about this week, the photo-sharing was all consensual – "among friends" – the girls themselves having taken the photos, I was told. But humiliation did become a factor on the girls' part, sadly; I can only imagine it kicked in very quickly.

    The Pew study's "three main scenarios for sexting" are 1) romantic partners sharing images just between the two of them, 2) romantic partners sharing images of themselves outside their relationship (e.g., to show off, get revenge after a fight or breakup, and so on), and 3) the sharing of photo by someone who wants to get involved with the recipient – in a "flirting" or solicitous scenario. Most of this is not criminal behavior. I hope all adults, from schools to parents to police, will come to see that, as we deal with sexting incidents, punishment and prosecution are not the goal, but rather support for any child being victimized and community-wide learning in the areas of critical thinking, ethics, and civility (as well as restoration of order, if needed, so students can get back to being students).

    What to tell your kid

    What do you tell your child? If a sexting photo gets sent to a kid's phone, in most cases, he or she should just delete it. Certainly tell your child never to forward a "sext." At the very least that's truly mean to and disrespectful of peers; it also amplifies the problem and could potentially be seen as trafficking in child porn. Keep the conversation calm and supportive, get as complete a story as possible, and work through together how to proceed.

    If your child came to you, that's great; you want to keep those lines of communication open because he or she may need a lot of love and support. Chances are, you're not the first to hear about the problem, and you need to be able to have as complete a picture as possible to help contain or stop harm to young people, especially the subject(s) of the photos. You may want to talk with the parents of other kids involved, but keep you child part of the process as much as possible. If you're not the first to hear, someone's probably already pretty humiliated, and that's almost certainly enough "punishment" – or better, enough hard lesson learning – for the young people involved. You don't want legal (or criminal) repercussions added on top of that for any child, not in the current legal environment.

    By all means, help all kids understand the psychological risks, preferably and if possible before sexting happens, whether they somehow find themselves in disrespectful or abusive relationships or are floating in a "romantic" bubble of denial that says "maybe other people would share these private photos with anyone, but we never would." They must know by now that all digital media can easily be copied and pasted into the permanent searchable archive called the Internet! If not, keep reminding them.

    The key social concern

    As for the very important social concern: An expert I heard at a conference recently said that, if you peel off all the legal and moral layers in these situations, once photos have been circulated, what you have left is violation of a friend's trust. That's tough for any human being of any age to deal with. Add to that the challenges of teen identity and social development, and these are extremely rough waters for a young person. That's why great care must be taken to support young victims.

    This isn't about technology or some new thing under the sun. It's about learning to be respectful of one's self, peers, and community online and offline when surrounded by a pretty sexually charged media environment and tethered by phones and other devices to the 24/7 reality-TV drama of school life.

    Related links

  • To go more in-depth: "Sexting & Youth: Achieving a Rational Response," by Nancy Willard at the Center for Safe & Responsible Internet Use
  • "We know that for teens the peer network is crucial in terms of their sense of who they are, the communities they build, the people they trust," said University of Texas Prof. S. Craig Watkins in his keynote at the 2010 Digital Media & Learning Conference (at about 45:18 in the video).
  • "Kids need adults," said Philadelphia high school principal Chris Lehmann. "The world is bewildering.... The flow of information – you know, that drinking-from-the-firehose metaphor, it's happening to kids too. They need people to help them make sense of their world. But to do that we have to be willing to access their world.... If they're willing to let us into that world ... we should go there, and we should help them," Lehmann said in a talk at last month's TEDxNYed conference on the future of education.
  • ConnectSafely.org's Tips to Prevent Sexting
  • About the MTV study (released a week or so before Pew's last December), offering important insights on "digital abuse" and sexting
  • About being tethered to "The Drama" of school life: "Parenting & the digital drama overload" and "Cyberbullying & bullying-related suicides: 1 way to help our digital-age kids"
  • Thursday, April 22, 2010

    NY's e-STOP law: Not sure how much it protects

    New York Attorney General Andrew Cuomo recently announced that his state's new "e-STOP" law has "resulted in the removal of accounts associated with at least 4,336 registered sex offenders" (RSOs, some of whom had more than one account) from such social network sites as MyLife (formerly Reunion.com – 2,100 accounts), Tagged (950), hi5 (575), BlackPlanet (570), Bebo (542), Flixster (508), Flickr (448), Friendster (271), eSpin (120), Orkut (113), Stickam (109), Buzznet (18), and Fotolog (12). Without providing any detail, in his press release, General Cuomo also called on more than a dozen kid sites to screen for RSOs, among them BarbieGirls, Build-a-Bearville, Club Penguin, Girlsense, Neopets, and Webkinz. I think this announcement represents progress in the form of more granular understanding of the social Web as something hugely larger and more diverse than MySpace and Facebook. But it's not a particularly protective state law in that 1) it can only affect offenders in that state; 2) if lots of states adopt such a law with lots of different reporting procedures to social sites, the burden on sites to do anything with that data becomes greater and greater, which makes cooperation less likely (e-STOP requires offender compliance, not site cooperation, partly because the sites aren't based in New York); and 3) this would be more effective as federal law, in which case it would provide some protection to minors, but only from convicted and registered sex offenders in social sites, not from those who prey on children in real life, where the vast majority of such abuses occur, presumably most going unreported (even a law enforcement officer I spoke with recently said scrubbing social sites of predators doesn't go very far in protecting children).