On Facebook, Your Privacy Is Your Friends' Privacy

No man is an island. Especially online.

[optional image description]
Examples of networks used in privacy attack algorithms. User u is the subject of the attack, f1::f6 are friends of u and f2::f5 have been photo tagged in u's photos. f2 and f3 have been tagged twice, f4 once and f5 four times. João Paulo Pesce, Gustavo Rauber, Diego Las Casas, Virgílio Almeida

We tend to think about privacy in personal terms: my data, my personal information, my relationship with Facebook/Twitter/Instagram/Pinterest. As our social networks grow and normalize, though, it's increasingly more accurate to think about privacy as a communal affair, something heavily contextual and owned, collectively, by networks. Which means that privacy is something that all of us, as individuals and as a group, are responsible for.

Take Facebook. Aside from the standard, personalized privacy concerns -- algorithms guessing your social security number, say, based on your profile information -- there are also the concerns that expand with network effects. Photos, in particular, can reveal not only a user's favorite places, vacation spots, and closest friends and family members, but also that same information for the other members of the user's network. For those who have an interest, commercial or otherwise, in figuring out users' identities and interests and overall persona on Facebook,  your data can reveal your friends' data -- and vice versa.

A new case study coming out of the University of Minas Gerais in Brazil suggests just how much tagged photos, in particular -- and our connections' tagged photos -- can actually reveal, and predict, about our identities. Sharing and cross-referencing images can bring "collateral damage," the report's authors note: "Users unintentionally put their friends or even their own privacy at risk when performing actions on social networking sites such as Facebook."

The researchers gathered a sample of 664 Facebook users, who, as part of their experiment, installed an algorithmic tracking application into their Facebook accounts. The researchers determined four specific user attributes to track using the app -- gender, current country, current city, and age -- and then tried to infer those attributes algorithmically, according to participants' social graphs.

What they found was that photo tags can work effectively as pieces of the identity puzzle, helping "malicious attackers" (and, in general, anyone who has an interest in figuring our user identity and preferences) to augment the picture painted by friends and photos alone. And that augmentation is particularly powerful when it comes to your closest friends and family members -- the people who tend to star in your Facebook photos -- because "homophily [the tendency of like to attract like] is higher among close friends than among distant ones."

Those are worrying findings, in particular because the tagging process as it currently works on Facebook cedes so much agency to users' networks, rather than to users themselves. You could tag a picture of me, on my behalf, without my knowing it; that tag would link the photo automatically to my Facebook profile. And it might be awhile, particularly if I don't check Facebook that often, before I realize that you've done the tagging. Which is fine if you've tagged a nice picture of me playing with an adorable kitten, but much less fine if you've tagged a picture of me out at a bar, and/or wearing a silly costume, and/or not playing with an adorable kitten. "In the current tagging mechanism," the authors put it, "the tagged user has no means to control the degree of exposure her pictures are getting, since the 'owner' is another user. Thus, although photo tags point exactly to the fact that the user is personally linked to the photo, this does not grant the user any right over it besides denying this link."

The upshot? "Photo-tags can threaten privacy burdens in an indirect way," the authors note, "by pinpointing the nodes in the social graphs on which privacy-attacking algorithms may extract information, thus enhancing their accuracy." The social networks themselves, the researchers suggest, could work to solve that problem -- by, say, creating a "hiding" feature that would allow users to disguise tags and prevent their unauthorized use without fully deleting them. Which would definitely be a nice thing to have. But the real solution, it seems, will be a social one, fit for the age of the social network. And it will start with users re-conceiving of themselves not simply as users sharing their own information, but as actors and influencers who are responsible for the network at large.