Alex Payne from Twitter has an interesting post up about the costs of privacy in social web applications. The thrust of his argument is that respecting the complex privacy requirements of the average non-geeky user increases the complexity of developing and using social software. While geeks might be happy to broadcast their comings-and-goings to the world, non-geeks (by which he basically means girls) have to worry about creeps and hooligans contacting them or, worse, seeking them out in real life.
Without privacy concerns, Twitter would be an incredibly simple service: basically just lists of posts and lists of users, exactly the kinds of data that database-driven web applications excel at providing. But, as Alex says, "privacy mucks this happy scenario up."
"Ask for a list of users on a social network with privacy controls and you're kicking off a complex series of computations behind the scenes. The database can't just retrieve a simple list when privacy is in the mix. Instead, it has to jump around its tables of data figuring out who's allowed to see who. The web application now has to provide different decorations to denote the private users, so you need extra logic and some new icons. Everything just got twice as hard: harder for the machines, harder for the programmer, harder for the designer, and (before this was a common UI pattern) conceptually harder for the user."
Reading this got me thinking: why isn't this a problem in real life? Why doesn't the coexistence of groups of people with conflicting privacy concerns cause problems in the actual public square? If this is really a problem stemming from the introduction of non-geeks, why doesn't it happen at sporting events or in malls where non-geeks are all too prevalent?
In real life, there's no universal system for privacy that tries to work equally well for all people everywhere. Instead there's a custom solution for each place and each community. In America, the governing law here is the Fourth Amendment and the surrounding jurisprudence, which created the doctrine of 'reasonable expectation of privacy'. In other words, our communal sense of how much we'll be seen or overheard in any particular place actually determines whether and to what extent other people are allowed to observe us there. For example, in our own homes we expect what we say and do to stay within our own walls so police are not allowed to eavesdrop on us there without a warrant even though that prospect becomes technologically easier each day. On the contrary, in an obviously public place like a mall food court covertly observing us (or photographing, videotaping, and RFID-scanning us, etc.) is fair game for cops, mall security, and even our fellow citizens.
Put in terms of social web apps: in real life, which of our data can be read is determined not by our social relationship to the person doing the reading, but by which network we're using and what constitutes a reasonable expectation of privacy there.
Seen this way, the real problem that social networks like Twitter are encountering when enforcing privacy is that they are trying to be all places to all people. They want to build one space in which you can broadcast your political beliefs to the world while I, simultaneously and conterminously, whisper my darkest secrets to only my closest friends. In the technical realm, this creates a major problem by preventing the existence of one coherent privacy policy (the way a bank's site might have). Instead, sites like Twitter are required to enforce as many different privacy policies as there are possible relationships between their users. In the social realm, this creates confusion and conflict by hampering the construction of the kinds of social norms that allow for agreement on what constitutes a reasonable privacy expectation to take hold (the way Wikipedia, with its dead simple, basically non-existent, privacy policy does have). Instead, sites like Twitter become cyclotrons filled with constantly colliding communities with different privacy expectations: if I just use the service to keep in touch with my closest friends then even emailing me about each stranger who starts following my updates can become invasive.
The implication of this seems to be that, like in real public places, online communication platforms will eventually have to sort themselves into the general categories of public and private rather than trying to be both at once. And our most successful platforms are already pretty clearly sorted: you know exactly what amount of privacy to expect when sending email or posting to a blog. Since one of the hallmarks of the new social web apps like Twitter and Facebook is that they're trying to break down this very division (or at least host both halves of it under the same roof) they are going to be running smack into this problem on a regular basis. I wonder how long it will take them to do better than the authors of the Constitution...
Tagged: twitter, social network, privacy, constitution, fourth amendment, al3x