WeKnowWhatYoureDoing.com: When Trashing Your Boss on Facebook Suddenly Becomes Very Public

A demonstration of just how easily accessible your personal updates are


Let me give you this hypothetical about privacy. You and a friend walk into a public subway station having a conversation about how much you hate your boss. Someone happens to be recording every word spoken listening for the search string "hate my boss" while running facial recognition software to figure out who you are. This information is then being posted in another public location for anyone and everyone to see. Would that be OK?

My intuition is that almost everyone reading this post would say no. And yet, that is precisely what the website, WeKnowWhatYoureDoing.com is doing with public Facebook updates. The site scrapes public Facebook updates and searches for people saying "hate my boss," discussing doing drugs, giving out their phone numbers, or complaining about being hungover. It then handily formats them for broader consumption.

Like the all-knowing technology in the hypothetical I gave, Facebook makes this amplification easier: You don't need the facial recognition component and you don't need the software to parse the audio. But the type of privacy violation is the same. And all the difficult parts in the physical world scenario are getting easier by the day.

What's important is that people can have discussions in public places that are not intended for a global audience. We recognize that in the offline sphere, but the same norms have not developed online. To many people, if someone says something in an online forum, it is public for all intents and purposes. In fact, the whole "ecosystem" way of thinking about many web tools builds this idea into the structure of many sharing tools. APIs, which allow outside developers to access portions of the data you create on social networks, are designed to unlock the value of what you're putting on Facebook or Foursquare or Twitter in ways that no one can anticipate.

So, on a practical level, WeKnowWhatYoureDoing.com is probably doing a service in raising the awareness that public updates are, in today's world, open for any and all uses.

But on a theoretical level, the tech community needs to establish norms that incorporate Helen Nissenbaum's thinking about "contextual integrity" into its standard thinking about APIs and the use of private information shared within public forums. To recap her theory:

Privacy violations occur not when too much data accumulates or people can't direct it, but when one of the receivers or transmission principles change. The key academic term is "context-relative informational norms." Bust a norm and people get upset.

Obviously, WeKnowWhatYoureDoing is intentionally busting this norm to make people upset. Its creator Callum Haywood, is aware that what he's done will make people cringe. But his answer to the new privacy problems introduced by the Internet is to put the responsibility onto the people who are posting status updates, NOT the people profiting from all that information sharing.

In an FAQ on the site Haywood responds to the question,"These people probably wouldn't want this info publishing, would they?" like this: "Probably not ... but it was their choice, or lack of, with regards to their account privacy settings."

Imagine someone making a similar remark about a physical public space. "Sure, you only intended to tell your friend about hating your boss, but I just happened to be searching through millions of conversations looking for these kinds of remarks and therefore, it's your fault for not anticipating that this would become very public information. Guess you should be more careful next time!"

And online, the situation is even more silly. Facebook, Twitter, Foursquare, and every other social network benefits from people sharing parts of themselves. App developers feed on the this firehose of data through APIs and no part of geek culture sees anything wrong with changing the context of information shared "publicly." There is a stunning lack of nuance or common sense to this understanding of "public" that just so happens to benefit social media companies who live off people's information.

Out of self-preservation, the social networks need to figure this one out. They need to set standards for their ecosystems of developers that don't just ask, "What is technologically possible?" but "Is this use consistent with people's expectations of the way data was going to be shared?" Otherwise, we're just going to see endless repetitions of the Girls Around Me story in which benign data becomes recontextualized by jerky young men into something gross or annoying. Ultimately, that kind of problem makes people less likely to share online and that's not good for any of the social networks.