For those who have been following the debate on online privacy, this letter should come as no surprise—countless advocacy groups have criticized companies like Facebook and Google for what they see as the erosion of user privacy online. However, contrary to what critics may say, the latest offerings from companies like Facebook and Google do not herald the end of privacy as we know it on the Internet. Instead, it reflects the natural evolution of online applications as they increasingly make use of user data to offer more personalized products and services and find ways to monetize an otherwise free service. Yet unfortunately privacy fundamentalists (e.g., those individuals and organizations who place the protection of privacy above all else, refusing to see it as one value competing against others) continue to generate headlines by raising objections to the efforts of these companies by arguing that they “violate user expectations” and “diminish user privacy.”
There are two different questions central to this debate: first, should Facebook be able to use private information to deliver products and services to its customers; and second, should any company be able to do this?
Yet even if you accept the premise that consumers had an expectation of privacy, the last few years of debate over online privacy should make it clear to even the most casual user that this is no longer true. Many Internet companies clearly intend to continue to find innovative ways to use personal data to deliver products and services to their customers. While Facebook CEO Mark Zuckerberg may or may not “believe in privacy”, it is clear that Facebook thinks that companies should respond to changing social norms on privacy and that the overall trend is towards more sharing and openness of personal data. So going forward, no Facebook user (or privacy fundamentalist) can continue to use the service without admitting that the benefits of using the website outweigh any reservation the user has about sharing his or her personal data. As the saying goes, “Fool me once, shame on you. Fool me twice, shame on me.”
Even Facebook responds to public opinion and consumer pressure. In December, Facebook modified its privacy settings so that certain information including friends list, gender, city, and profile photo, would be public information. In response to complaints from some users, Facebook modified its interface to give users more control over the privacy of different types of information. Neither was this the first time that Facebook revised its policies in response to consumer behavior. In 2006, Facebook altered its policy regarding its “news feed” feature that updates users about their friends’ activities.
This is not to say that online privacy is not a topic worthy of government oversight and legislative action. As ITIF has argued, existing protections for individuals from laws such as the Electronic Communications Privacy Act (ECPA) are woefully outdated and in need of reform. Citizens should have a right to privacy for their electronic data and safeguards should be the same regardless of whether data is stored at home on a PC or remotely in the cloud.