Facebook’s Lesson: The Demise of Privacy or Will You Fight Back?

Facebook's new advertising feature ‘Beacon’ created a storm of protest for using the personal content their users have posted for advertising purposes. Launched last month, their ads grab users’ photos, personal content, purchases and online actions and share it with their ‘friends’.

The purpose of this new functionality is to turn the service’s users into personal promoters of merchants and their products. Not surprisingly, Facebook’s users were outraged at the blatant violation of their privacy and forced the company to retreat – somewhat. Facebook has modified ‘Beacon’ to allow users to choose whether or not their private information is displayed in ads, but it still forces them to opt out each time rather than a blanket opt out option.

The real misstep here wasn’t that Facebook chose to exploit consumer content as that’s been going on a long time; it’s that they moved too quickly. Had they been more cautious in increasing the exploitation they may have avoided the outrage.

Like the adage of the frog that jumps out of boiling water, yet remains and is eventually cooked if the temperature is slowly increased, consumers have been lulled into accepting the gradual encroachment of their privacy online. Now that Facebook has turned down the heat a bit, the real question is whether consumers will adjust to the current escalation in exposure, or is there enough awareness and outrage to demand fundamental changes.

The level of exploitation consumer’s face in online services today has a long shadow. It started when Internet services sprouted like mushrooms on the assumption that users would pay subscription fees for all these cool new features. But companies got few subscribers. Companies tried increasing the number of services they offered and reducing prices, and still they got few takers. Companies who didn’t have deep pockets to tide them over went bust.

Then a new idea emerged - If you can’t sell products to consumers, how about making consumers be the commodity and selling them to advertisers? Offer the online services to consumers for ‘free’ to get a substantial user base (the real commodity) and then sell advertisers access to the user base.

The basic concept wasn’t new. Magazines, newspapers and TV all allow advertisers to reach specific audience segments, but they do so through the content they offer – ads on the financial page differ from the fashion pages, ads on Nickelodeon differ from CNBC, and so on. This balances the desire for a targeted market segment with the privacy of individual consumers – you opt into the ads by the shows you choose to watch or the magazines you read. This advertising does not exploit individual consumers’ information.

Online, this change of focus had potential, advertisers were willing to pay for access to consumers, but there was a frustration over the lack of targeting available - few companies want to target all consumers. Targeting content works well enough for models where content is served up – like news sites and search engines – but it doesn’t work as well for sites where users generate their own content.

It was at this point in time that Internet companies truly sold your privacy; what have followed are just enhancements in exploitive methods

To effectively place targeted ads on sites hosting user generated content you need to know what the content is about and who is generating and reading it. The better you understand what the user is doing, who their friends are, what their attitudes are, what they buy, and so on, the more money you can earn from advertisers.

Google, who ironically claims ‘do no evil’ as their mantra, was an early pioneer of this concept. They addressed this issue in their gmail service by extrapolating from users’ emails what their interests were and therefore what ads to would be most relevant. Many found this invasion creepy, but enough people either didn’t care or more likely could not see the long-term ramifications and embraced the gmail service primarily because it dangled the bait of larger storage capacity than other ‘free’ services.

Each step since has been to increase companies capacity to translate your information into cash. Data-mining – the euphemism for extracting your personal information and packaging it for exploitation – became the game. Internet companies raced to realize the financial potential in the information they were storing about individual users as it could allow them to ‘target’ users much more precisely than other media forms were capable of doing.

Whether these companies ever stopped to consider the difference between can exploit and should exploit is unclear, what we do know is that companies decided to disregard consumers’ privacy and target individuals rather than content. (See Amy Tiemann’s blog Facebook execs could use some adult supervision)

What happened next was entirely predictable – a boom in the number of features positioned as enhancements ‘allowing’ consumers to customize their experience and share more information. Not coincidentally these features allowed companies to harvest ever more information useful to advertisers.

A classic example of services created to collect information are the ‘fun’ survey’s/quizzes that litter consumer sites – it isn’t hard to recognize the real purpose of these – every answer has commercial value to someone or some company.

• Blogthings - What Style of Womens Jeans Are You?
• Bratz Quiz - What Kind Of Fashion Pixie Are You
• Quizilla Quizzes - What Kind of Coffee are You?
• Myspace Quiz: What Kind Of Drug Are You?

Not every online company is racing to exploit your privacy. Amazon for example uses your information to provide you suggestions (ads) about similar content – people who bought X also buy…. But they do not expose your information to others except in an aggregated and anonymous way

Facebook may represent the extreme end of exploitation with the launch of ‘Beacon’, but there are plenty of companies jockeying for position as they chase the money.

Privacy experts are challenging this new form of consumer exploitation on several levels. It appears to violate an old law in New York, and it may also violate laws that allow people to sue if their name or photos are used without permission, and it is currently being investigated for using deceptive advertising practices.

What will consumers do about it?

When consumers are the commodity they have enormous power – as this recent Facebook debacle shows. Every company using this business model knows that if their consumers revolt and leave, the company dies. In this particular case, over 50,000 consumers signed a petition within days of Beacon’s launch demanding Facebook change the functionality and the company had to beat a hasty retreat.

Yet Facebook’s apologies were both disingenuous and patronizing. In response to the petition organized by MoveOn, Facebook issued the following apology: "We're sorry if we spoiled some of your holiday gift-giving plans." In a press release Facebook said "we appreciate feedback from all Facebook users and made some changes to Beacon in the past day. Users now have more control over stories that get published."

At stake is far more than ‘a holiday gift disappointment’ and the company know it. Their failure to acknowledge the affront to consumer privacy is an insult. And consumers gave Facebook more than ‘feedback’ from consumers, they got an ultimatum.

Demand your privacy be respected

Before consumers get edged further down the path of lost privacy, we need to draw a clear line in the sand. This is not something any one individual can affect on their own; it takes national (as well as international) discussion to create clearly defined standards for privacy protection online. Europeans have considerably stronger consumer privacy standards in place and we would do well to consider their models as we move forward. But the key is to demand that elected officials step up to do what consumers cannot do for themselves.

Let companies and elected officials know that you demand that your safety and values be protected and respected; if you don’t let companies know your expectations it will surely take longer to achieve them. (To fuel your demands, read my blog, Your Internet Safety Bill of Rights.)

It’s time to fight back to protect your privacy

Linda