Waddell: If you were Facebook, what might you take away from this research?
Mamonov: I think if there’s anything to take away, it’s about managing user expectations in relation to information that’s been shared. Facebook is known for crossing the line: They routinely use things that people post online for social ads, and in some cases that can cause problems, especially if it misinterprets what people post. So user education and erring on the side of caution would be my recommendations.
Waddell: You found that even if a user’s trust is broken but a company says, “Oh, but you signed away your right to that information,” or “We were within our rights to use it in the way we did,” it doesn’t seem to matter much. Do you get the sense that people feel like a company’s being sneaky if they slide that permission into a long terms-of-service contract or in fine print somewhere?
Mamonov: They have done several studies that have shown that effectively nobody reads terms-of-use contracts that come with online services. Even people who say that they’ve read the contract can virtually never answer basic questions about the content of those contracts.
So that’s the reality. And even though those actions might be defensible in a court of law, it doesn’t necessarily mean that they will sustain the user activity that’s critical for the company’s success.
Waddell: Does it matter if a data-gathering feature is opt-in rather than opt-out?
Mamonov: I have not done research in that area, but I would certainly expect that it does. There’s a basic perceived control variable which has been shown to be extremely important to how users perceive subsequent actions. If you give users a sense of control, then they’re must less likely to be reactive to your response.
Waddell: You’ve examined these psychological contracts in the context of social networking and mobile usage. Where else do you expect they exist online?
Mamonov: That was actually the original intention of my work: to develop a framework that would have applications across different contexts. Irrespective of where people share information, I would expect that user concerns about privacy and intellectual property rights are present.
Let me give you an example: If two people meet and one of them shares a business idea that he or she is working on, and the other party goes ahead and starts that business and steals the idea—ideas have no legal protections—if the people were friends, the person whose idea was stolen would likely feel violated.
That’s the expectation of the general framework. Wherever people share information, unless they’re explicitly sharing and waiving rights, they will always be expecting privacy and intellectual property rights.
Waddell: So that could be on Facebook or Twitter—how about email and text messaging? Any online communications platform?