The Pimps and their Whores: Personal Privacy with Facebook, Google, Twitter and Co.

As all Web users are well aware of by now, whether for better or worse, third party embeddable social networking bookmark and sharing buttons, plugins and other components have completely and utterly infested and taken over almost all Web sites on the Internet. It seems everyone wants a piece of the pie that the now famous Facebook “Like” button has ushered into the mainstream and this shows no signs of abating. The only thing that seems to be coming to heed are the motivations of those behind these “free” embeddable services and the fact that these now ubiquitous providers seem to be narrowing and converging in scope, being monopolized by a few key corporations who are emerging as the winners and sole arbitrators of this particular round of Internet monopoly. All competing in a data harvesting gold rush for the new asset class to exploit for profit, that of course being we the people and our personal private data.

“Personal data is the new oil of the Internet and the new currency of the digital world.”
Meglena Kuneva,
European Consumer Commissioner,
March 2009

Sure, Facebook wasn’t the first to come up with this idea nor implement it, but they were probably the first to really overtly start leveraging it commercially online using their massive highly personalized social network to tie personal identity across sites on the Web and push widespread adoption and acceptance of this practice out to the masses. All it apparently took was to get the mainstream sites using it first, then all the sheep started following their favorite shepherds in the hopes of reaping the perceived benefits and soon thereafter the whole flock started to move in sync until the snowball effect became such that now a majority of Web users out there simply expect such functionality from a site without being aware of the massive privacy concerns it brings with it. The same thing goes for site owners and operators.

Website owners of course frequently only look at one side of the coin when it comes to these types of things, that of course being what perceived benefits it can bring to them. In the case of these types of centralized embeddable third party link sharing components such as the “Like” button, the main goal of site operators is of course to encourage and have visitors spread your site’s URL‘s (links) on their own volition in the simplest manner possible, currently with a simple click (or two) of the mouse.

Of course there’s nothing wrong with having people share your links as such and it all seems like pretty benign and sensible stuff, and many sites have great success in bringing in traffic this way. The problem lies in the fact that these embedded third party Web components whether they be Facebook, Google, Twitter or others are hosted off of external servers by companies who apply their own set of privacy and information gathering policies independent of the site being visited. Their motivation to having their embedded Web components adopted and implemented on as many sites out there as possible is not to help you bring traffic or grow your site but rather to track, harvest and profile all your visitors preferences, usage patters and personal data.

Incidentally, as is frequently the case in the Internet world, the major players in this gold rush on an international level currently all seem to be U.S. corporations with unavoidably close ties to the government and intelligence circles due to the sensitive domain they operate in. They also all pretty much seem to have the same commercial and political ideals and motivations on what to do with all the personal information harvested from both voluntary and involuntary visitors, whether they explicitly interact or not with a component. For it is important to note that personal data and Web profile patterns are not only being compiled and stored for visitors explicitly signed in to their services while browsing (although this certainly makes things easier for them) but rather for all visitors to a site containing their components.

All you need to do is take a look at their privacy and terms of usage policies and you’ll see the striking similarities. Some of them are almost complete copy paste’s of each others. Sometimes I wonder if the same lawyers wrote them all? There are of course some exceptions to the rule on the Internet with the major being Web users in China, where the government long ago took certain fascistic albeit understandable policy decisions in order to assure they remain the masters of their own highly regulated section of the Internet, not having to worry as much about foreign corporations or governments harvesting and trying to control or influence aspects of its citizens data patterns emanating from its territory. Of course currently they do this by simply black listing and banning access to services they deem engaging in this type of behavior if it doesn’t suit their government’s interests. In other words they really only want companies under their own jurisdiction and control engaging in such data mining of their citizens. I still find this to be a poor approach to combating this problem even if it is from a technical perspective one of the simplest and most logical.

However the Chinese are clearly not the only ones who are concerned over this increasing occurrence and trying to actively do something about it. The European Union and particularly Germany who currently have some of the most strict and comprehensive national privacy laws in the World have apparently started to act and draw international attention to the need to protect their sovereign citizens privacy from the snooping and profiling for profit of foreign corporations. Don’t get me wrong, I’m sure if it were European of German corporations who monopolized this information and data across the Web they would probably be singing a very different tune, but the fact that they don’t means they are trying to take precautions, or perhaps just make a political point.

As many may have read, recently Germany actually has started to outlaw the use of embedded Facebook “Like” buttons on web sites in some of its federal states imposing fines of up to € 50,000 EUR against site owners who do not comply due to privacy violations of German and European law. I believe Germany is the first European country to start taking such concrete actions but others are starting to investigate similar proceedings. Naturally Facebook is responding to this and trying to adjust their legal terminology and offer feature sets that allow them to go about their business without risking losing critical ground in such a vital market as Europe.

Of course banning Facebook “Like” buttons on its own is not going to achieve the result they’re looking for if they’re really seeking to protect their citizens privacy as there are many other far more invasive embeddable Web services in wide spread use across the Internet and who have been in this game a lot longer than Facebook. Naturally I’m thinking more along the likes of corporations such as Google, because at this point they pose a far greater privacy risk as they are harvesting and controling a far greater swath of personal data than Facebook and have been doing so far more meticulously and for many more years. For example take their all inclusive centralized Google accounts made possible by Gmail’s widespread adoption, tie that together with their ubiquitous search engine monopoly, their Google Ads monopoly, their Analytics monopoly, add their new Google Plus identity service and +1 buttons to the mix, the insane amount of YouTube videos embedded all over the Web and I could literally go on and on. I’m not even going to bother mentioning the Google Chrome browser either at this point. Anyways, this would surely make Facebook or Twitter’s plethora of “Like” or “ReTweet” buttons littering websites across the Internet look like chump change in terms of detailed personal information gathering and profiling abilities.

I think we’re all for more privacy, transparency and accountability in terms of what companies and governments do with our data, however while it may be apropos to single out Facebook in particular to get publicity due to their popularity, I’m not sure if the Germans or Europeans are really fully aware of just what a massive can of worms they are opening up here or if they even intend to fully do so. I certainly hope they do, as like most people I’m all for ripping the lid off of this can of worms and seeing what’s really inside as it’s well over due and will likely only get worse if clear up to date limits and sanctions are not drawn out and put in place to prevent abuse. However I don’t think taking such small posturing steps like simply banning Facebook Like buttons from sites in certain states is anywhere near effective nor the best place to start.

All these companies draconian privacy policies and terms of use agreements really need to be legally scrutinized by law makers without the influence of lobbyists and new privacy laws drafted and passed to force compliance and remove the complete lack of accountability that these corporations currently seek to give themselves through obscure legal terminology that most people wouldn’t understand even if they did read through them carefully. Unspecific terminology left so vague with the excuse that this is necessary because it’s their business and intellectual property’s privacy that is at stake should they be forced to explicitly tell people what’s going on behind the screen and in the databases. While that’s all fine and well, but what about we the people’s intellectual property and personal privacy? Does that not trump some corporations need to make money for its handful of investors and shareholders?

The whole “carte-blanche” approach these companies use to more or less state that because they’re offering “free” services this means that their users are not really legally considered “customers” and therefore waive most if not all of their normal rights that would apply to service providers in other contractual scenarios is completely unacceptable. This practice really needs to be outlawed and done away with for good. The truth is that currently we are not viewed by these companies as legal customers, this is because we’re viewed as the actual product.

People and governments need to realize this fact and enact new statutes and controls that clearly take this new business paradigm into full account to make sure it cannot be abused as is being done and limit the ability for it to continually be taken to even more and more invasive levels. For if as mere “free” users we are indeed relegated to being the product itself, to be offered up and sold to their customers as such, then shouldn’t we get a cut of the revenue also? Heck, even pimps know enough to give their whores a little cut to keep them producing right? The scary thing is that perhaps people’s vain narcissistic herd mentalities encouraged to never before seen levels by these social networking aka identity services which promise to satisfy the “cult of me” actually seem to motivate and propel us to offer ourselves up as the product voluntarily and for free. One thing’s for sure, it’s certainly an interesting albeit disturbing business model.

The question is though, are we really all willing to spread our legs and let someone pimp out all our personal information and intellectual property to paying customers and get nothing in return except for a few vain followers, like’s or +1′s? Maybe there should be a total and extensive privacy opt-in / opt-out option with legal requirements tied to technical ones that can actually be checked by an independent body? I’m sure even if there was, many people would still voluntarily opt-in and be ready to whore themselves out for pennies on the dollar or even for free. If the ever successful Google online Ads monopoly model is anything to go by, many of us are already having to pimp our information and content out for scraps of spare change due to a shortage of online advertising options while Google rakes in the big bucks off the back of our content and visitors personal information.

As it is though, the opt-in / opt-out offer from companies controlling such services does not really exist at least from a legally verifiable technical perspective and rather is simply expressed as such, “Hey, it’s a Free service, so if you don’t like it, don’t use it!”. Perhaps this used to be a valid argument, but now a days with much of these services having apparently reached a critical mass and continue to spread and grow, they have almost become unavoidable to interact with or use in one way shape or form in people’s day to day web usage. This is normal of course at not by accident because these companies have set out to achieve this, they’ve worked hard and lobbied hard when necessary in order to try and create and hold on to monopolies which most antitrust regulators all but seem to ignore. At this stage only really the truly tech savvy people with some solid programming and Web understanding can really even hope of blocking access to such services if they wanted to control their personal information and even then, it would be a tall task and by avoiding them the content they could access online would be so severely limited it would no longer be very motivating to do so.

Surely coming up with some comprehensive new up to date privacy laws that take into account these new online realities in a globalized international context and actually seek to protect the individual before the money grabbing business looking to exploit them would be a better solution. This of course should not stop at corporations or transnational companies, government must also be held accountable to the same stringent privacy laws and forced to actually respect them by the scrutiny of independent open bodies with corruptible politicians and lobbyists being kept out of the process with a vigilant and discerning eye.

Are we going to be pimps or whores? How about neither.

Tagged as: , , , , , , , , , , , , , , , , , , , , , ,

Leave a Response