Privacy is Dead – Not just yet

(This article was originally published in the Technology Supplement of the Sunday Times of Malta in February 2010)

Mark Zuckerberg, the 25 year old billionaire founder and CEO of Facebook, recently publicly stated that the rise of social networking online means that people no longer have an expectation of privacy and that privacy was no longer a "social norm".

Whilst I may agree with Zuckerberg that the rise of social media reflects changing attitudes among people, I fail to see how social networks should mean that privacy is passé. Our right to informational self-determination is under serious threat. My Orwellian alarm is on.

Zuckerberg's statements follow Facebook's recent developments in the privacy sphere. Last December saw the launch of a new set of privacy controls for Facebook through its 'Transition Tool'. Whilst it was claimed that these tools were going to resolve the various confusing policies which the social networking site had relating to user privacy, many, including yours truly, started to question whether Facebook was clearly moving away from its privacy oriented roots.

By means of the new privacy settings, Facebook is pushing a default where users' updates can be seen by everyone connected to the web rather than sticking to the previous default whereby information posted by one of the over 350 million users is restricted unless the users themselves grant access to their contact lists or subscribed networks. Even though the 'Everyone Update' has been around since summer last year but not many people noticed it. Basically, the default has been simply flipped upside down.

Commenting on this new privacy default, the Electronic Frontier Foundation stated that these changes are clearly intended to push Facebook users to publicly share even more information than before.

Has this new standard translated in more user control? Possibly. Has this new standard eroded on our generally accepted notions of data privacy and our right to informational self-determination? Definitely.

Never did Zuckerberg's wild imagination foresee that his recent statements as well as Facebook's redesigned privacy default settings would have triggered such a response from the corridors of power in Brussels let alone the recent amendments to the code of ethics of the local judiciary which are now barred from having a profile on social networking sites.

Late last month the European Commission announced plans for a comprehensive reform of the data protection directives and regulations arguing that the existing rules dating back to the mid-nineties are "extraordinarily out of date" and that such rules must be updated to keep abreast of technological change in order to ensure that our right to privacy is protected. In her speech on Data Protection Day on the 28th January, EU Justice Commissioner Viviane Redding stated that whilst innovation is important in today's world, it should not go at the expense of people's fundamental right to privacy and that people should have the right to say no. Redding argues that we should adopt a culture of 'Privacy by Design' whereby data protection considerations are an essential element in the beginning of the development lifecycle of technological innovations.

The 1995 Data Protection Directive, transposed in our laws by means of the Data Protection Act (Chapter 440 of the Laws of Malta), will be the first of the legal statutes to be revised. Written in an era were social networks were still unconceivable, the revised version will now need to address not only phenomenona such as Facebook or Twitter but also Radio Frequency Identification technology (RFID), behavioural advertising and the use of body scanners in airports.

We have heard many stories of employers checking out their prospective employees using the information posted on social networks. Surely, the new way Status Updates will work will make life easier for someone to check you out or have access to photos which can then be used to throw light on the private life of members of our judiciary as recent events clearly testify. And this is only the beginning. Facebook has now started sharing content including Status Updates with search engines. Bing is already getting access to these updates and Google will follow soon. This essentially means that even though you clean up your Facebook profile in order to stand a better chance in getting that dream job you applied for, you cannot be sure that the same content you deleted has been cached by search engines. The irony is that Facebook will not take responsibility for that as its Privacy Policy clearly states.

We have to admit that most of us do not even bother to check our privacy settings applicable to social networks. We are growing up accepting any terms and conditions as fast as the notification window pops up on our VDUs in order to get into the applications we enjoy without pondering on whether such applications are slowly but constantly eroding our fundamental human rights.

The internet is a very competitive jungle. Companies need to adapt and change in order to be able to retain their loyal following. Constant change is key but this should not automatically mean that our right to privacy can be modified just to keep venture capitalists and dot com companies pleased.

The recent announcements made by Vivianne Redding regarding the revision to be carried out to our data protection laws is just one of the multitude of examples that sheds light on the fact that law always has a very arduous struggle to catch up with technology and innovation. Our right to informational self-determination will not be immune to this and reading 1984 again might not be such a bad idea after all.