Privacy in Social Network Sites

Privacy and Identity-relevant Information in Social Network Sites

Archive for August 2008

Privacy Enhancing or Privacy Invasive Technologies?

leave a comment »

On the second day of the conference ‘Privacy in Social Network Sites’, there is a round-table discussion with several scholars, privacy activists and people from the industry about Privacy Enhancing Technologies (PETs) in Social Network Sites.Tavani and Moor (2001) call this the ‘management of privacy’, unlike the ‘concept or privacy’ and the ‘justification of privacy’.  In an earlier blog post, I mentioned that the SNS industry seems to be catching up a little more with privacy, most notably in the announcement of SNS Genome to implement different privacy settings for various types of friends. This separation between social spheres could help user to disseminate information about the books they buy to their bookclub only, and not to their fellow employers.

However, there is a long history of Privacy Enhancing Tools that turned out to be Privacy Invading Tools. I argue that the group of Privacy Enhancing Tools is just a convenient name for all kinds of tools or instruments that supposedly give users better control over their privacy. But such a broad and vague definition does not make it easier to distinguish tools that really empower users from tools that are just proxies for data collection. Many privacy controls on Social Network Sites are presented as giving the user more control over their data, as if this is a great service by the SNS and really helps users get more control.  In reality, users gave all their identity-relevant information away to marketers, and are given a few controls to exercise some authority over the information they just gave up. They have given up most control, and in return, get a little bit back.

If we do not define what the activities exactly are that PETs specifically constrain, talking about Privacy Enhancing Tools does not help  us. To define those activities, the information streams in Social Network Sites need to be clear. If I opt-out of Facebook’s Beacon, my friends will not get information about my buying behavior on Facebook websites. But does Facebook still collect this information? Yes, they do, although they mention they discard it.

If information streams in Social Network Sites stay this unclear, the debate about users’ privacy and privacy controls is moot.


Tavani, H.T. & Moor, J.H., 2001. Privacy protection, control of information, and privacy-enhancing technologies. SIGCAS Comput. Soc., 31(1), 6-11.


Written by davidrip

August 19, 2008 at 9:01 pm

Posted in Uncategorized

David Riphagen quoted in Dutch newspaper NRC Handelsblad

leave a comment »

Today, I got quoted in the Dutch National Newspaper NRC Handelsblad. Read the Dutch article as you scroll down this post, but also, let me give you a short English summary:

A Dutch woman is convicted for libel because she called her ex-husband a pedophile on a profile on Dutch SNS Hyves. The profile was, and this makes the case interesting, set to private. The Dutch judge stated that even this private profile, only visible for friends, was public, because anyone who was a friend of the woman could see it. And anyone could become here friend, by adding her to their friends list.

In the article, I mention that in the USA, prosecutors and lawyers already use SNS in court cases. Earlier, I blogged about the case of Joshua Lipton, who was charged with driving under influence, see my earlier post. The journalist, Marie-José Klaver (check her blog in Dutch), also mentions the Electronic Privacy Information Center as my American host for my graduation research.

Then the CEO of Hyves says that the police can not copy information from Hyves, because that is in conflict with his Terms-of-Use. (This is a very awkward statement to make, as if Hyves’ Term-of-Use is not subject to laws that allow criminal investigations). He also mentions the new privacy controls they are publishing next week.

In response, I reply that although I do think that Hyves is working seriously on  these privacy controls, they still (like Facebook) allow third parties to access data of friends without their consent.

The article ends with Remco Pijpers, from the Dutch organization Stichting Kind Online (translated as: child online), saying that we in he Netherlands have smaller SNS such as and, which have 1,4 million members and even more lacking privacy policies.

Please follow the Privacy in Social Network Sites weblog on both the quote of the Hyves CEO that the police can not collect information from his website under the Hyves Terms of Use and a more in-depth analysis of the judgement that a private profile on a SNS is public in terms of libel and slander.


Many thanks to Marie-José Klaver for approving the full post of the article on this weblog.

Written by davidrip

August 7, 2008 at 10:01 am

Posted in Uncategorized

Taking a party pic and putting it online: taxonomy for privacy harms in SNS

leave a comment »

Currently, I am writing my research thesis on Privacy in Social Network Sites (SNS). I propose a framework for structuring the analysis of SNS and especially the privacy harms that could occur through the use of users’ information.

Two of the most influential papers in my respect are Daniel Solove’s ‘A Taxonomy of Privacy’ and Jeroen van den Hoven’s ‘Privacy and the Varieties of Moral Wrong-doing in an Information Age’ (need login).

Solove (2006) gives a good classification of the various activities that could harm the privacy of users in the information age. His classification is broader than the privacy torts identified in American law. He distinguishes between Information Collection, Information Processing, Information Dissemination and Invasions.

Also, read Solove’s new book ‘Understanding Privacy’, for his newer work on privacy.

Van den Hoven examines the concept of privacy from a different perspective. I find his work very fundamental. He deals with the specific reasons why we want to restrain access to the information that we disseminate to others. Van den Hoven identifies four reasons to restrain access to this information: information-based harm, informational inequality, informational injustice and moral autonomy and moral identification.

Please check Van den Hoven’s website for new work of his hand.

In my research paper I use the following example to describe how Solove’s taxonomy and Van den Hoven’s moral reasons combined give a very clear analysis of why people feel there privacy is invaded and exactly how they have been harmed. Following Van den Hoven, I’d rather speak of restricting the access to people’s identity-relevant information, a term coined by Van den Hoven and Manders-Huits, see my earlier post. Read the example, from my research paper, below.

The example of the embarrassing photo taken at the disgraceful party is striking.

First, the photo is taken at the party (Solove’s information collection), and not many people would judge this as immoral.
The picture is posted online (Solove’s information processing), and as long as this would happen on a website that allows restricted access in addition to the subject’s consent, this also is not very objectionable.

The problems start when the photo is disseminated (Solove’s information dissemination) to people without the subject’s consent. The picture might be disclosed to persons belonging to a social sphere within which the subject does not want the photo to be disclosed (Van den Hoven’s informational injustice).

Furthermore, by tagging the photo with the subject’s real name, the photo can become the basis for scrutiny by future employers (Van den Hoven’s information-based harm). Because the users cannot unbundle the services from the SNS, he cannot ex ante prevent the dissemination from happening (Van den Hoven’s informational inequality).

Finally, if the photo is disclosed to people that the subject does not know, he does not have the freedom to present his moral self to the people as he wants, as those people already have an image of him (Van den Hoven’s moral autonomy and moral identification).

This example clearly illustrates which activities (Solove’s taxonomy) are harming the user for which reasons (Van den Hoven’s moral reasons). I had the pleasure to conduct interviews with both gentlemen and this has really helped me in understanding the various harmful activities that are happening on SNS and understanding how we could prevent this from happening.


van den Hoven, M.J., 1997. Privacy and the varieties of moral wrong-doing in an information age. ACM SIGCAS Computers and Society, 27(3), 33-37.

Solove, D.J., 2006. A Taxonomy of Privacy. University of Pennsylvania Law Review, 154(3), 477-560.


Note that, although I say that many people would judge taking a picture at a party as immoral, the Fair Information Practices have a principle ‘purpose specification’, that states that the purpose for which the data is collected should be specified not later than at the time of collection. The use of the information should be limited to that purpose. In other words, the photographer should have notified that subject of his intent to place the picture on a SNS and the subject should have consented to that, according to FIP. But is this a real scenario?

Written by davidrip

August 2, 2008 at 3:58 pm

Posted in Uncategorized