Thursday, February 7, 2008

social graphing, identity and privacy

Google has recently announced the availability of its Social Graph API, which is an application programming interface that allows software developers, product developers, and frankly anyone who reads and writes in the languages of the Internet, to uncover the people connected to each other through their connections to Internet documents and services. for more on this see

i use the word uncover appropriately here since because i have a webpage, a blog, and a facebook account, and you may have linked to any one of these three "documents" but have decided against making yourself explicitly known to me; what API's like Social Graph does is remove the documents so that i can now see that you and i, and some of your friends who are linked to you, are indeed connected.

in the initial reactions to Google's Social Graph API some* have raised concerns about privacy. the debate can be over-simplified into two camps: a) it's all public information anyway, and privacy by obscurity is dead already, so why not? And b) even if a) is true, just because we can mine this data without requesting user permission, ethically speaking should we?

i want to point out a fundamental flaw in the way privacy as a socio-legal construct is interpreted. in north america the legal doctrine considers what our "reasonable expectation of privacy" is in public. with the exception of Quebec**, case law says that our houses (the brick and mortar ones versus "home" pages) is the place where we should expect to be protected from the prying eyes of the state and others. however, once we step outside of the home this expectation rapidly diminishes. according to the laws of our lands there is a geographical delineation of where we can expect that our actions are private. this falls apart in online communities where there is no geography of bits. where when we post something, like a revealing photo to our Facebook friends, we may not expect that only our fb friends are watching. yet, there is nothing equivalent in the physical world to applications like the Social Graph API. short of having a way for armies of private investigators to very quickly amass the data on everything and everyone we connect to in public spaces, and the friends of their friends too. for this reason and many others, the way that privacy as a legal doctrine is currently used is not valid when we look at these api's. there is a growing gap here between what privacy means ethically and what our recourse will be legally.

my second, thought on this is that there is a troubling and, depending on who is using these api's, dangerous underlying assumption at work; that the identities that we construct in these different online spaces, connecting to very different groups of people, may be summed up to equal a coherent representation of a person. if you strip out the context of the interactions - which is what these api's do - is the resulting data on the social connections even sensible anymore? for a good read on this see David Phillips' paper on the use of pseudonyms as identity masks online and the implications for software designers (***reference below). because the word surveillance is coming far to quickly to my mind and i wonder if what is being interpreted is anything worth having at all.
then again, it always is...

L8R, R
(ne1 can undRst if th will is thR, IMO. nuf Z)


**Quebec is the only place in North America where photographers are required to get permission from the subjects of photographs that will be presented to the public.

***Phillips, David J. (2002). "Negotiating the Digital Closet: Online pseudonymity and the politics of sexual identity", Information, Communication & Society, Vol 5, No. 3, pp. 406–424.

1 comment:

Kishor, Shamita John said...

I feel that we are living in the age of internet, and every bit of information that may be Public or Private is easily accessible, if we worried about privacy means we are not accenting the change. If we really worried about privacy then leave the idea of creating open identity.