The Illusion of Privacy: You are Not in Control

Posted on: May 24th, 2013 by Pernille No Comments

By STEFFAN HEUER and PERNILLE TRANBERG

Published first in The Daily Dot

Are you an avid user of Snapchat, that kind of person who likes bits that go poof? If you or your kids are under 25, chances are you do. The wildly popular photo-sharing app—which promises that pictures self-destruct after 10 seconds—is a clear sign that many people long for privacy. Snapchat claims to have finally delivered to us a medium that does not forever save and store our data. We want that! Of course we do.

Unfortunately, Snapchat doesn’t quite transport us to the land of data privacy. It sounds too good to be true, and it is. In much the same way that Facebook deludes people into the belief that they can actually be private, it gives us a false sense of security. Twitter makes no bones about privacy; it is, and claims to be, an open public network where you are public by default. With the likes Snapchat and Facebook—and most of social media, in fact—many mistakenly believe in the illusion of being private.

The specific problem with Snapchat, of course, is that while the photo message on Snapchat disappears from the phone of the recipient after a few seconds, it does not prevent the nimble-fingered receiver from taking a screenshot. If that happens you get an alert, but what good does that really do? It certainly doesn’t prevent the screenshot from being shared with others, as happened at this New Jersey high school. There’s another hack to work around that alert. And last but far from least, a US-based company Decipher Forensics told the Guardian that they figured out how to recover photos from the Android version of Snapchat in a matter of days. The company is now trying to recover photos from the iOS version of Snapchat. The photo-app has been downloaded more than five million times in the Android marketplace and has been at the top of the Apple app store for quite a while.

There are just as many problems, if not more, with Facebook’s privacy settings. The biggest is that the company constantly changes them with the perverse effect of eroding its users’ privacy. It forces millions of people to waste precious time to understand the changes and how to plug gaping new privacy holes. (Check out this brilliant visualization of how Facebook keeps moving the privacy goalposts.)

The bottom line is that your friends tend to reveal your supposedly private data, both intentionally and accidentally—for example by sharing your “private” pictures via their own, wide-open account. Of course, it’s worth noting that privacy in itself contradicts Facebook’s raison d’etre of virality.

So why do services even attempt to create this notion of privacy for users? Because there is a growing demand for services that don’t violate your privacy. If data, or their analytic essence, is the up and coming asset for players such as Facebook, dangling a false or misleading sense of privacy in front of users gives us all an incentive to share even more.  

It’s a con game. But don’t take our word for it—ask Alessandro Acquisti, a behavioral economist at Carnegie Mellon University in Pittsburgh. He created quite a stir at this year’s SXSW-conference where he presented his latest research, entitled “Misplaced Confidences: Privacy and the Control Paradox.” It documents the fact that making people feel more in control of their data can lead to their sharing more sensitive information with strangers.

Acquisti asked two groups the same questions, some mundane, some very personal: Have you ever been fired? Have you ever used drugs? Have you lied about your age, had cosmetic surgery, or had sex in a public venue? He found that the group that thought their answers were treated anonymously or privately were willing to tell much more about themselves than the group that knew their answers could become public.

Companies that make money by first luring you in and then selling out your behavior know how to work it. Acquisti and CMU colleague Fred Stutzmann showed that Facebook users have been engaged in a losing battle with the social network to keep their private data under wraps. In their study “Silent Listeners,” the researchers  analyzed more than 5,000 Facebook users over the course of six years, from 2005 through 2011. They discovered that people tried to increasingly restrict what they shared, but Facebook generated so many new settings and loopholes, particularly in the past couple of years, that its users ended up revealing even more than before. In that sense, the expression “privacy settings” sounds like Orwellian Newspeak.

And speaking of silent listeners—how many are there, really? One Stanford study tried its hand at “Quantifying the Invisible Audience in Social Networks.” People generally have no idea how many parties are siphoning off their supposedly private feed. On average, the audience of a Facebook user is four times the size people assume. In other words: post something to 100 so-called “friends,” and it’s skimmed off by 300 strangers, including app developers and advertisers.

In a recent portrait in the New York Times, Acquisti summarized his findings this way:  “What worries me is that transparency and control are empty words that are used to push responsibility to the user for problems that are being created by others.”

Don’t fall for the privacy honeypots set by current social media services. Chances are they will game you with promises of control and ephemeral content. Once your digital tidbits are out there, you can almost never take them back.

Take a look instead at the new and emerging class of services that let you encrypt and wipe multimedia communications between phones, and even posts on social networks: Silent Circle by PGP encryption guru Phil Zimmermann; or new plug-ins like Privly and scrambls. Apps like these make sure that ultimately, you’re the one in control of your data, not someone else. Because do you really want to trust what they tell you is private? Or do you want to determine your own privacy on your own terms?

Steffan Heuer and Pernille Tranberg are authors of the book “Fake It: A Guide to Digital Self-Defense.” They cover technology and privacy issues in San Francisco and Copenhagen. In this series, Digital Self-Defense, Heuer and Tranberg report with updates from the digital identity wars and teach us how to defend our privacy in the great data grab going on all around us. Follow them at @FakeIt_Book.