The latest privacy furore surrounding Facebook involves its new facial recognition feature. According to Facebook’s own blog entry on the feature, when you upload photos of people who are already tagged in other photos, Facebook will suggest their names, making it quicker for you to tag your photos.
Now I’m just as keen on privacy as the next person, but some of the anti-Facebook responses appear to me to be slightly overblown, especially those that think that this facial recognition gives governments greater access to information about its citizens. First of all, if governments can access our Facebook photos, they don’t need Facebook’s facial recognition technology to identify us. I’m sure they have their own. So the problem would lie with the photos being online, not with their being tagged. Secondly, just because someone has tagged a photo as being a photo of me doesn’t make it a photo of me. It may well be a photo of me, but the person tagging may have made a mistake, or may have tagged someone else as me in order to get my attention. Thirdly, to the best of my knowledge, I cannot prevent myself being tagged by someone else (but I can prevent other people from checking me in with them to places). I can remove the tag if I wish, but it may be too late. And disabling the facial recognition feature doesn’t mean I can’t be tagged anyway, which suggests that the problem, if there is one, is with tagging itself, and not with the new feature.
Most interestingly for me, though, as a sociologist of technology, is the fact that Facebook is offering a technological means for doing something that we can (and do) do anyway: Facebook says that 100m tags are added to photos every day. Actor-network theory analyzes how networks of humans and non-humans are configured so as to successfully perform so-called “programs of action”. It looks at those tasks that are undertaken by humans and those undertaken by non-humans, without privileging one type of “actant” over another. Often, non-humans (computers, say) can carry out out tasks much quicker than humans: a computer will find me someone’s phone number in the phone book much quicker than I can. Sometimes we are happy for non-humans to be involved in programs of action (such as finding someone’s number in the phone book) and sometimes we are less happy (for instance, cameras that photograph us speeding on the motorway).
I think the way to think about this new feature on Facebook is in terms of actor-network theory, and your view on the feature will be determined by whether you think that having a computer do something you could do yourself (and have been doing yourself) makes the action qualitatively different. Is having a machine help you identify your friends’ faces qualitatively different from you identifying them yourself? Does the fact that the machine can do it far quicker make the very task itself different? If it is OK to tag your friends, does having a computer help you tag them faster make it wrong? If so, how come?
And finally a quick “I’m not naive” disclosure. Of course, the reason Facebook wants to “help” us tag our friends is because Facebook makes money from the information it collects. A tag on a photo is information. I’m not so naive to think that Facebook is taking pity on those who have to spend hours tagging their friends in all their photos. There is real economic value in those tags, and so we should always be suspicious of everything Facebook does. Also, I have no doubt that there are serious privacy threats latent in facial recognition software. The state already knows what I look like (there are photos in my passport and on my driving license). If it wants to, it can film me at a political gathering, run facial recognition software, and thereby know I was at that gathering. That, to me, is much more worrying than Facebook’s offering.
…but sometimes we do. So a new startup, Memolane, wants to help us remember. You sign up and then add the services you want to add to your digital memory lane. Memolane then collects pretty much everything you’ve done using those services (Picassa, FourSquare, Twitter, and so on) and puts them in a time line. The right to be forgotten? Forget that. This is the most amazing instantiation of the internet’s memory that I’ve seen.
And I write this having just created my own memolane. It goes back to 2006, when I first posted a photo online using Picassa. I have to say that I’m sitting here looking at my screen with my jaw on the floor. It is completely remarkable.
The privacy issues here barely need stating: hack this, and you’ve hacked all of my Web 2.0 activities for the last five years. Having said that, the Memolane folk are very clear about privacy being extremely important to them.
I need to go and stare at my timeline for a bit longer and say wow a few more times. Perhaps then I’ll come back with something more intelligent to say. Until then, eat your heart out, Viktor Mayer-Schoenberger.
(Thanks to the New York Times for bringing my attention to this.)
In an interesting post on ReadWriteWeb.com (Location-Based Social Networks: Delightful, Dangerous or Somewhere in Between?), some questions are posed about location-based social networks. To me it seems perfectly obvious that if I’m out meeting someone somewhere in town, or at the beach, I should be able to ping him with a location request, at which point he should be able to ping me back. At that point, my phone should just lead me to my friend, even if he is moving. (I know that echoecho for the iPhone does something like that, but last time I checked the maps for Israel were just blank…)
There are clearly privacy issues here, but they should be dealt with by the right kind of opt-in agreements.
However, what about the issues that arise because people don’t know what they are doing? Towards the end of the blog I linked to above, the questions is asked whether the average computer/mobile phone user is
capable of using mobile social networks properly in ways that won’t put them at risk? Or will they add friends willy-nilly, broadcast their every move then be stunned when something bad happens?
So my question is: whose responsibility is this? What are we meant to do with technologies that can seriously impact on our privacy, but mostly because we don’t use them properly? Or because we didn’t read the instructions? Should people be protected from their ignorance? Or should we call it laziness? I haven’t made up my mind on this yet.