Despite the headlines and hyperbole around Facebook information privacy issues--and the public exodus of notable online personalities in protest--the reality is that Facebook membership is actually still growing. Social networking and data privacy are, in many ways, directly at odds and the solution comes down to user awareness and choice.
The latest changes to Facebook policies, and the ways information is shared and distributed by it shouldn't come as any huge surprise. Facebook has had policies in place pretty much from its inception that seem to overtly infringe on personal privacy. I initially avoided Facebook after a fellow information security professional pointed out that Facebook policy essentially claimed ownership of virtually anything published on the site to be used, shared, or distributed to meet Facebook's needs.
Eventually, though, I accepted the risk in order to take advantage of the benefits of Facebook. I wanted to share with family, friends, and old high school acquaintances and I determined that "privacy" is subjective and that the responsibility is ultimately mine to find a comfortable balance between being social and being private.
A few days ago I wrote an article stressing that other Facebook users need to accept responsibility in a similar way, and highlighting the importance of user education and awareness. Many of the comments and e-mails I received in response to that article focused not on the topic of the post, but on my use of the infamous McDonald's coffee lawsuit to illustrate a point.
In retrospect, it does seem that a more appropriate example of misplaced responsibility would be the scenario of someone taking an over-the-counter sleeping aid and then driving heavy machinery, or any of the other cases of a void of common sense on the part of the user leading to some sort of legal or financial burden being placed on the manufacturer.
As a side note, I personally believe that McDonald's should have proactively offered to cover medical expenses in this case, but I can also understand the Pandora's Box of frivolous litigation that would open up for it--customers knocking on McDonald's door seeking compensation when they bite their tongue while eating a Big Mac. Still, there are aspects of the McDonald's case that apply to the Facebook privacy issue.
McDonald's served its coffee very hot, leading to the plaintiff in that case receiving third degree burns after spilling the coffee on her lap. McDonald's had received earlier warnings regarding the temperature of the coffee, so apparently the burden was on McDonald's to change the temperature of its coffee or implement some additional safety controls to prevent injury from it.
Fair enough. However, was it the victim's first cup of McDonald's coffee ever? Was it her first cup of coffee ever? Because the proper temperature for coffee is between 155 and 185 degrees Fahrenheit, and third degree burns can result from liquids at 180 degrees.
McDonald's coffee was about five degrees hotter than the high end of proper--primarily a response to customer demand that the coffee be fresh and piping hot--but the reality is that the woman could just as easily have received third degree burns had McDonald's served the coffee 10 degrees cooler, or by spilling coffee on herself virtually anywhere that coffee is served. I checked the temperature of the coffee from my coffee maker at home and found it to be 175. I guarantee that if i spill that in my lap there will be some painfully uncomfortable results.
Complaining that McDonald's coffee is too hot is like complaining that a scoop of ice cream at Baskin Robbins is too cold. Is it the responsibility of McDonald's, or any business for that matter, to modify products or practices to cater to a minority even though the market and customer demand don't support it?
This brings us back to Facebook. Privacy is subjective. What is appropriate, or how much is too much is a matter of personal opinion and comfort levels--especially where the goal is to share information. The simplest solution to achieve privacy is to not voluntarily share information, so any use of social networking requires some sort of compromise.
Obviously, there are many who are uncomfortable with Facebook privacy policies, and the impact that recent changes have had on the distribution and transparency of personal information. However, with membership approaching half a billion users and still growing, it does not seem that those parties are necessarily in the majority. Should Facebook cease innovation or expansion of its business model to cater to those concerns?
I have said it before, and I will reiterate it here--I do feel Facebook should implement new practices to be more open about upcoming features rather than simply springing them on users, and that Facebook should disclose the implications of using the new features and make them opt-in by default. Doing so would stifle much of the criticism Facebook is currently dealing with, and most likely have little impact on its bottom line because a majority of users will still accept the risk and opt to use the new service.
The issue of personal information online extends well beyond Facebook, and the solution comes down to user education and user awareness. That means that entities like Facebook have to be up front with users about how data will be used, and IT administrators need to ensure that users are aware of the potential issues of putting information online.
Those who take sleeping pills should understand that the pills will make them sleepy. Those who drink coffee should understand that it's a hit beverage with potentially painful results if it comes in contact with skin. And, those who use social networking should understand that information will be shared. In all cases, the vendor needs to be clear about the risks, but the user is ultimately responsible for accepting that risk.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.