Fast Forward

It's not a privacy 'breach' when information about you is out there already

By Rob Pegoraro
Sunday, November 14, 2010

Facebook and Google have been in the news for the wrong reasons lately.

The social network is in the doghouse for the misuse of some users' data by applications it installed on their pages. The Web-services giant earned itself multiple government investigations - including an inquiry launched by the Federal Communications Commission on Wednesday - for collecting data from people's wireless networks as part of its Street View mapping project.

Both of these episodes show that we need to upgrade how we think about privacy online - starting with the vocabulary we use.

The Facebook and Google issues have both been called "breaches." But they're not. The information at stake in each case was already public by any meaningful definition. It would have remained public no matter how good or evil the two companies had been.

In Facebook's case, the data consisted of the basic parameters of people's accounts: Their name, picture, gender and networks, all of which Facebook already makes public to all of the 500-million-plus users on the site. Unless you change its default settings or you're younger than 18, that information is also visible to anybody online.

Facebook's own rules prohibit applications from using these data for their own purposes, and the Palo Alto, Calif., company has since cracked down on app developers and banned one data broker from doing business on the site.

But if you're on Facebook, your basic identity remains as visible to everybody else on the site as before - in the same way the White Pages broadcast your identity to anybody who still gets the phone book.

If you want to be angry about all that, don't gripe about evil app developers or Web coding by Facebook that made it too easy for them to capture this data. You should blame the site for its default settings.

Unfortunately, without an effective competitor for Facebook, your only viable protest against its defaults besides closing your account is to post misleading public information in your profile.

(Disclaimer: Post Co. Chairman Donald E. Graham sits on Facebook's board of directors. You may also see this item get promoted on Facebook by the Post, as the paper markets itself extensively on the site.)

In Google's case, the problem began with people leaving their wireless networks unencrypted. People have been neglecting to take this simple step since the arrival of consumer-grade WiFi routers, either because they're confused about its necessity (see the puzzled questions about it in this 2004 chat transcript) or because most routers' hideous configuration interfaces make it too difficult to activate strong "WPA" encryption.

CONTINUED     1        >

© 2010 The Washington Post Company