Rob Pegoraro’s article in yesterday’s Washington Post is a worthy read, if only because it puts into context what is and isn’t a privacy breach.
Recently, there’s been a lot of noise–started by a Wall St Journal article–about a supposed privacy breach by Facebook surrounding the misuse of user data by applications installed on the user’s page. But as Pegoraro relates, this information was all public anyway, much like a phone book displays your identity. Here’s what he says is the difference between what is and isn’t a breach:
Privacy breach: Exposes private information you tried to keep confidential, in ways that risk the loss of money or security or otherwise fairly earn the adjective ‘Orwellian.’” NOT a privacy breach: Information about you that is already made public to users of a website, including the “basic parameters of people’s accounts: their name, picture, gender and networks….”
The point is that we shouldn’t conflate the use (or misuse) of public information with the breach of private information. Doing so elevates a lesser offense at the expense of something that is much more serious.
But as much as I like the article, I also have a few quibbles. Pegoraro says that if users are still offended by Facebook, they should blame the site for its default settings and switch to a competitor. And while losing customers is the ultimate penalty for any business, he misses the point in a couple of ways. First, we want to encourage innovation in social media and information sharing, which means companies need the freedom to set and change default settings (I’ve blogged on this before). Second, instead of switching sites users can just adjust their privacy settings! This simple, less drastic measure wasn’t even mentioned.