A new case study coming out of the University of Minas Gerais in Brazil suggests just how much tagged photos, in particular -- and our connections' tagged photos -- can actually reveal, and predict, about our identities. Sharing and cross-referencing images can bring "collateral damage," the report's authors note: "Users unintentionally put their friends or even their own privacy at risk when performing actions on social networking sites such as Facebook."
The researchers gathered a sample of 664 Facebook users, who, as part of their experiment, installed an algorithmic tracking application into their Facebook accounts. The researchers determined four specific user attributes to track using the app -- gender, current country, current city, and age -- and then tried to infer those attributes algorithmically, according to participants' social graphs.
What they found was that photo tags can work effectively as pieces of the identity puzzle, helping "malicious attackers" (and, in general, anyone who has an interest in figuring our user identity and preferences) to augment the picture painted by friends and photos alone. And that augmentation is particularly powerful when it comes to your closest friends and family members -- the people who tend to star in your Facebook photos -- because "homophily [the tendency of like to attract like] is higher among close friends than among distant ones."
Those are worrying findings, in particular because the tagging process as it currently works on Facebook cedes so much agency to users' networks, rather than to users themselves. You could tag a picture of me, on my behalf, without my knowing it; that tag would link the photo automatically to my Facebook profile. And it might be awhile, particularly if I don't check Facebook that often, before I realize that you've done the tagging. Which is fine if you've tagged a nice picture of me playing with an adorable kitten, but much less fine if you've tagged a picture of me out at a bar, and/or wearing a silly costume, and/or not playing with an adorable kitten. "In the current tagging mechanism," the authors put it, "the tagged user has no means to control the degree of exposure her pictures are getting, since the 'owner' is another user. Thus, although photo tags point exactly to the fact that the user is personally linked to the photo, this does not grant the user any right over it besides denying this link."
The upshot? "Photo-tags can threaten privacy burdens in an indirect way," the authors note, "by pinpointing the nodes in the social graphs on which privacy-attacking algorithms may extract information, thus enhancing their accuracy." The social networks themselves, the researchers suggest, could work to solve that problem -- by, say, creating a "hiding" feature that would allow users to disguise tags and prevent their unauthorized use without fully deleting them. Which would definitely be a nice thing to have. But the real solution, it seems, will be a social one, fit for the age of the social network. And it will start with users re-conceiving of themselves not simply as users sharing their own information, but as actors and influencers who are responsible for the network at large.