I deleted my Facebook page because I have qualms with their handling of personal data. Of course, lots of things ask me for personal information, and I share a lot of information too, which begs the question why it’s okay in one scenario and not the other.
I suppose the first part is a distinction: I conceded a while back that applications would want my personal data. This made me uneasy at first but eventually I relented, and I do like a lot of the services and customer experiences I get as a result.
However, I also take seriously how that data is managed. If I give Facebook permission to do something, and if I give an app permission to use that data, that’s it; these are the only groups I want handling that information unless otherwise specified in the terms (which are cumbersome to read, even to a lawyer.) Facebook’s breach of trust was not the mystifying terms of service to which I agreed, but rather they simply did not have a handle on the information at all and with whom it was shared.
Think of it like giving your social security number to a bank: maybe you don’t like sharing that information but it’s part-and-parcel with a lot of bank services, so you do it, but then you find out they’ve been loaning it out to a bunch of people — and they don’t know which people and it was accidentally on purpose and they can’t trace the audit trail back. Bad.
The next part is the kind of information I am used to sharing. I run, and I use Strava. I use Strava because my friends are on Strava. It tracks my routes and my times. I don’t love some of its metrics but it’s fine. Garmin and Smashrun do the same, but it’s the Strava link I share. I did wonder: why am I so willing to share my physical location and typical running routes?
After thinking it over – on my runs, go figure – I realized it had a lot to do with the fact that I am weighing the risk of being out in public every day. Some of this we all do. Men, women, old, young — we know that leaving our house poses a set of risks and we index on them. Women in particularly, however, have a more acute awareness of what it means to be out in public, especially alone, particularly if you’re alone at night. So I find myself accounting for this kind of risk all the time and have been since I was old enough for my school to give me the “Here is how you hold your keys like Wolverine” talk.
Thus the risk might increase and maybe I should rethink that much. If I find it somewhat unsafe to be on my own in a situation, it might be more unsafe if I am taking the same regular route. This might then increase if I post something on Twitter that a person doesn’t like. It could create an opportunity to harass or harm, and I would make the argument that this is a heightened risk online for women over men, as the former tend to be harassed as women and not simply because of the things they say, but I digress.
The kind of risk though? It might seem counterintuitive but I’m more or less used to it. A vulnerability like that runs through the entire part of my life that begins around adolescence. My calculus might change but its existence doesn’t phase me. The landscape of how we deal with these issues is also way more established. There are all kinds of victim-blaming that can occur in physical crime or privacy violations, but we’ve also been dealing with it for centuries and have some sense of what’s actionable and fair versus what is not.
Contrast that with digital privacy. The information I’m handing over is new. The way in which it is used against me is likewise novel, sometimes simply unknown. Leglislators and courts are at a loss on how to counter abuses and correct course. There is minimal to no accountability for the Googles and Facebooks of the world save for market accountability (one reason why I deleted Facebook) even if I am only a drop in the bucket. I have a much greater sense and familiarity with what I’m putting on the line when I post my runs on Strava than when I allow an app to access my photos on Facebook; I know where I go if something bad happens to me, and; I have a basic sense of potential avenues for redress.
Finally, there is something particularly galling about Facebook’s apology tour – or series of apology tours – that makes it that much harder to trust the company. Strava has had its own privacy kerfuffles, but it has also never positioned itself as caring all that much beyond basic control mechanisms. It knows you can triangulate one’s position from its GPS. Whenever there’s a substantive grievance, they take some remediation step, which is arguably sub-par, but never presented as an angelic “oopsie.”
This doesn’t excuse Strava, in my view; I know they are also sharing information. Nevertheless, I do feel like I have a much more realistic expectation with respect to how their app is properly used and what level of work I need to engage in to keep myself and my information safe. The same cannot be said of Facebook, whose only reliable quality is that their privacy protections and customer care are a constant moving target.