Recently I read a very interesting article by Alison Leigh Young and Anabel Quan-Haase about privacy protection strategies on Facebook: http://bit.ly/12jVTgM
The authors take up the distinction between social and institutional privacy. Social privacy concerns describe people’s fear of intrusion caused by other people. They capture, for example, the fear of being stalked, bullied, made fun of, or being exposed to unpleasant content. Institutional privacy concerns, on the other hand, involve skepticism and unpleasant feelings, because private companies and public institutions, such as the state, use personal data for undesired purposes (e.g. targeted messages and personalized ads).
Interestingly, Young and Quan-Haase showed that young university students have a strong consciousness of social privacy. Many of them establish strict privacy settings, strongly regulating the access to and visibility of their profiles. However, awareness of institutional privacy is much less pronounced. Only a small minority of study participants worry about institutions accessing and using their personal data. Considering that the sample consists of educated, young people (the prototypical group of web-savvy, online skilled, and aware users), this finding appears even more remarkable. Obviously, the control over the more tangible and approachable form of privacy satisfies many users.
Social media providers have been very successful in empowering users’ social privacy – thus cleverly taking away the attention from the serious problem of institutional privacy. “Since I have strict privacy settings on Facebook, I can post whatever I want and don’t have to worry about my privacy anymore.” That’s – in a nutshell – the very shortsighted view many study participants convey. We can’t be 100% sure that the findings generalize beyond the sample. But very probably, many Facebook users in the overall population share the same attitude.
SNS providers encourage non-users to participate and users to engage more and more. This is done by means of the site design (“what’s on your mind?”, “help XY find friends”, “write something”, “write a comment”…), the affordances of the technology and driven by SNS’ very business model. Not surprisingly, the most effective tactics against institutional privacy breaches (not having a profile at all, providing false or sparse personal information) are heavily battled by the SNS providers. Quite successfully so, as Young and Quan-Haase show: users frown upon these tactics and very few study participants give wrong information, such as pseudonyms or fake birthdays. They don’t want to confuse their friends and find it strange when someone portrays wrong information. Such straightforward reasoning coincides nicely with the SNS providers’ intentions.
In sum, the study makes clear we need to be more specific when we talk about privacy. Is it social privacy or institutional privacy? It also shows that one problem might be(come) solved to a large degree… but only to conceal a much more subtle and harder to grasp issue: that of institutional privacy, that of more distant actors collecting and (ab?)using our personal data, that of new risks and threats.