Social networks and the app ecosystems that surround them may find themselves at odds over user privacy.
Last week, Cult of Mac had a fascinating, stomach-churning story about an application called Girls Around Me that scraped public Foursquare and Facebook checkins onto a map that showed people in your vicinity. Its branding was crass -- "In the mood for love, or just after a one-night stand? Girls Around Me puts you in control!" -- but, as the developers of the app argued, they had technically done nothing wrong aside from being piggish and crude.
Oddly, they were right.
They took publicly available data and put it on a map. The sexysexy frame they put around it made it *seem* creepier, but in terms of the data they accessed and presented, everything was within the rules of the game. They had done nothing that couldn't be done by another app developer.
This is basically how app ecosystems working with data from Foursquare and Facebook and Twitter are supposed to work. Some people out there get an idea for something that the main services had never thought of and they build it out of whatever data is available.
Using the traditional privacy idea that once something's public, it is public for any purpose, you're lead down a very narrow path of reasoning about this app's appropriateness and what the services it was built on could do about it. If app developers can use any data that's out there and there is data that can be assembled into a creepy application, then there will be creepy applications. Foursquare, Apple, and Facebook are absolved from responsibility because of the technical impossibility of checking on each and every app's creepiness factor. As Amit Runchal put it on his blog:
The implicit blame in these conversations is confusing. What, exactly, is Foursquare et al. expected to do? Comb through each and every request to their API? As of last year there were 10,000 developers using the Foursquare API. There are 146,000 publishers in iOS and likely a similar number to be found on Facebook. Collectively there are well over a million apps between all three platforms, with far fewer employees available to review these apps. What are the solutions? Hire more employees? There will never be enough. Do more in-depth testing of apps? That will merely slow down the already frustrating-to-many approval process and likely threaten the ecosystem that we have come to depend upon. And still creepiness will get through. It's inevitable.
This is where we have to break down the concept of creepiness. And precisely where NYU philosopher Helen Nissenbaum's concept of privacy in context is so important. First, a quick recap of her idea from last week's story:
The standard explanation for privacy freakouts is that people get upset because they've "lost control" of data about themselves or there is simply too much data available. Nissenbaum argues that the real problem "is the inapproproriateness of the flow of information due to the mediation of technology." In her scheme, there are senders and receivers of messages, who communicate different types of information with very specific expectations of how it will be used. Privacy violations occur not when too much data accumulates or people can't direct it, but when one of the receivers or transmission principles change. The key academic term is "context-relative informational norms." Bust a norm and people get upset.
According to the traditional privacy framework, there is no reason for people to get upset about Girls Around Me, or less crass apps that do the same thing. They'd already given up their data to the public, so why was anyone upset? But using Nissenbaum's theory, the bad feelings that people have around the app make sense: People gave data to Foursquare or Facebook in one context and then it showed up in another context that they weren't expecting.