Users of social networking websites tend to disclose much personal information online yet seem to retain some form of an expectation of privacy. Is this expectation of privacy always unreasonable? How do users of online social networks define their expectations of privacy online?
These questions were the impetus behind an empirical study, the findings of which are presented in this Article. The project, simultaneously conducted in Canada, at Ryerson University, and in the United States, at the University of Miami, consisted of a survey regarding personal information protection and expectations of privacy on online social networks (OSNs). Approximately 2,500 young adults between the ages of 18 and 24 were surveyed about the personal information they post online, the measures they take to protect such information, and their concerns, if any, regarding their personal information. Respondents also reacted to several hypothetical scenarios in which their privacy was breached on an OSN by measures both within and beyond their control.
The theoretical assumption underlying this research project is that two prevalent and competing notions of privacy online exist: one rooted in control and the other in dignity. Of the two, the idea of privacy as control over one's personal information has, to date, been predominant. Legislation, regulation, corporate policy, and technology are often analyzed and evaluated in terms of the measure of control offered to individuals over their personal information. Leading OSNs, such as Facebook and MySpace, propagate a notion of privacy as user control. However, online social networking poses a fundamental challenge to the theory of privacy as control. A high degree of control cannot preclude the possibility that online socializers would post unflattering, defamatory, or personal information about each other, and that this information would in turn be available to a large, if not unrestricted, online audience. Many online socializers post personal information seemingly without much concern over the loss of control, yet it seems that online socializers react with indignation when their personal information is accessed, used, or disclosed by individuals perceived to be outside their social network.
The findings presented here indicate indeed that online socializers have developed a new and arguably legitimate notion of privacy online, that if accepted by OSNs, will offer online socializers both control and protection of their dignity and reputation. We call this notion network privacy. According to network privacy, information is considered by online socializers to be private as long as it is not disclosed outside of the network to which they initially disclosed it, if it originates with them, or as long as it does not affect their established online personae, if it originates with others. OSNs, as businesses profiting from socializing online, are best positioned to offer online socializers, often the young and vulnerable, effective protection in accordance with their notion of network privacy above and beyond regular measures of personal information control, and they should be required to do so.
Avner Levin and Patricia S. Abril,
Two Notions of Privacy Online,
11 Vanderbilt Journal of Entertainment and Technology Law
Available at: https://scholarship.law.vanderbilt.edu/jetlaw/vol11/iss4/9