Social Networks and Privacy

Home ] Up ] Site Map ]



Contact me!



Social Networks and Privacy

In mid-2006, some people invited me to join their group on LinkedIn, a "social networking" site that maintains forums and mailing lists. I said I didn't want to join because I didn't want to give the social-networks data miners that kind of data for free. Some of the people I was talking to didn't seem to understand or believe in the problem, so I wrote this.

KnowNothingInternetUserAndGroupJoiner wrote:
> But part of my point is that LinkedIn doesn't _have_ any data 
> that would bother me if it got "out".

And if you're not doing anything wrong you shouldn't mind when the cops demand that you show your papers. And if there is nothing illegal in your house you shouldn't mind if they search it.

I hope you find this chilling: the ongoing NSA wiretap business works by identifying calls between the USA and "People of Interest" overseas. If you call one of those people, you become a Person of Interest, and they start watching your calls. If you call somebody else or they call you, then THEY become a Person of Interest. And so on. Linkage like this is precisely LinkedIn's stock-in-trade. You think the NSA doesn't know about LinkedIn, and wouldn't harvest the links to find similar information?

The data miners (basically two groups: advertisers and investigators) have just about sewed up the "individual information" part of the business. The next generation is mapping connections, and LinkedIn is gold for them. Any time you see a news story where they say somebody is "associated" with another person, or has "ties to" an organization (or members of an organization), you're seeing that kind of information at work.

And LinkedIn is all about creating linkage data in a harvestable way. Link with somebody? LinkedIn sees that. Click to send mail? LinkedIn knows you sent mail, even if they can't see the content, and it increments the "link strength" counter. Click on an ad? LinkedIn knows that, and adds one to a counter for you and that ad, and also adds one to the counters of people you link with, to say "People this person is linked to have clicked on ad X; maybe this person would too." Harvest that information over enough people, enough links, and enough time, and they'll know more about you than you do.

Want to see how this can go bad? Imagine: one of the people you link with (or one THEY link with) gets accused as a pedophile. A prosecutor might want to "roll up the whole gang," and ask LinkedIn to turn over the person's links (direct and indirect). Who's going to say no to an investigation of a child-pornography ring? Now you're being investigated with no convictions and no other evidence, just "links." Protecting your data with "industry standard practices" means nothing. It certainly means turning it over with a subpoena, and often without - just ask Microsoft and Yahoo. The investigation might clear you, but not before your family, friends, and employer get some uncomfortable questions. And if your LinkedIn network happens (by sheer bad luck) to lead to anybody ELSE of interest to the cops, you're gonna need a lawyer.

A more amusing and revealing way that linkage goes bad has been seen on once you buy a book, you start getting "recommendations" based on the purchases of other people who bought that book. If you buy a pregnancy book for a friend's shower, suddenly Amazon thinks you're having a baby and starts "recommending" all sorts of baby stuff. This got so bad that Amazon had to add a feature to let users REMOVE purchases from their "recommendation" pool.

Maybe you like Amazon's ability to recommend books you might enjoy. But try this: you buy a book on depression (for a friend), and now Amazon thinks you're depressed, and later some politician is able to dismiss your objections because you have a "history of psychological problems." Nuance and second-order justifications aren't good shields against easy sound bites.

Or just listen to the novelty song, "My TiVo Thinks I'm Gay." The singer says he watched "Will and Grace" once, and now TiVo is recommending TV that it thinks would be enjoyed by the kind of person who makes that lifestyle choice. Did you know that TiVo constantly logs your viewing (and re-viewing) habits and sends them back to the home planet for further study? I use DishNetwork, partly because I never have to hook it up to a phone line. (If I used Pay-Per-View features then I would, but I don't.)

By the way, thanks to Google Groups and this e-mail message, "they" can now see that you got mail with the words "pedophile" and "child pornography" in it. Echelon carnivore NSA CIA FBI terrorist attack. Does that make you squirm? If it does, remember that when you vote. If it doesn't, well, maybe it should.


This page was last edited January 19, 2015.