Maritza Johnson, Tara Whalen & Steven M. Bellovin, The Failure of Online Social Network Privacy Settings II – Policy Implications

By privacylaw | Posted on

Maritza Johnson, Tara Whalen & Steven M. Bellovin, The Failure of Online Social Network Privacy Settings II – Policy Implications

Comment by: Aaron Burstein

PLSC 2011

Workshop draft abstract:

The failure of today’s privacy controls has a number of legal and policy implications.  One concerns the Fourth Amendment.  Arguably, people have a reasonable expectation of privacy in data they have marked “private” on Facebook; conversely, such an expectation is not reasonable if they have made it available to Facebook’s 500,000,000 users.  Our results, though, show that people often cannot carry out their intentions, and that they are unaware of this fact.  Given this, we suggest that a broader view of a reasonable expectation of privacy is necessary.

There are also implications for privacy regulations.  In jurisdictions that regulate collection of data (e.g., Canada and the EU), the existence of access controls could be viewed as a consent mechanism: a user who has marked an item as publicly accessible has voluntarily waived privacy rights.  We assert that such a waiver is not a knowing one, in that people cannot carry out their intentions.