Digital safety & implicit privacy: When it’s private because it’s separate
I’ve been thinking a lot about digital safety. We have shared understanding about road safety, personal safety and even safety in the workplace, but we don’t yet have commonly understood ways of talking about digital safety.
It’s a topic close to my heart. Not least because I have been cyber-stalked in the past, but also because as a designer and empath, I can see how your average, low-digital literacy person just hasn’t got a clue about how to keep themselves safe online, and is therefore more likely to be a. freaked out a lot, and b. a victim of some sort of criminal activity.
For a while now Danah Boyd’s voice more than any other has resonated for me on how I view privacy and my explicit choices about what I do and don’t want to share online. In 2008, she wrote a post discussing Google’s Social Graph API. At the end of her post, there is one paragraph that really sticks out to me:
“Just because people can profile, stereotype, and label people doesn’t mean that they should. Just because people can surveil those around them doesn’t mean that they should. Just because parents can stalk their children doesn’t mean that they should. So why on earth do we believe that just because technology can expose people means that it should?”
The concept of profiling is something that society generally considers a negative concept. We know that we are creating judgements based on presumed (and possibly false) truths and stereotypes about other people. Digital profiling on the other hand is somehow seen to be a positive thing (by technology companies that is). Because digitally, we move from presumed truths, to actual truths; things people have said and done, or more explicitly, things that are available within the public domain.
It is very clear to me that information being publicly available, doesn’t mean it’s appropriate or safe to bring it into every context.
Unless we as individuals are able to manage our personal information and data in the same way we are able to manage our personal safety in offline contexts, we don’t have appropriate control over our privacy or digital safety.
In order to give you some real examples, I have to rant about one of my favourite digital service providers; I’m in a long term love hate relationship with Google. You may tell me to leave them and never come back, but to me that would be like never having a juicy, fat-rich burger, even though it’s killing my arteries. I’m lovingly addicted and traumatised at the same time.
Example 1: I don’t like the idea that Google increasingly wants me to have a public profile to access its services.
I rationalise that every social network has a small amount of publicly available info, no matter how private you choose to be, but I resent the pressure Google ruthlessly enforces.
Now, discussions about value and purpose to one side, the reality of my *forced* public existence on Google+ is that I struggle to use it in any real or honest way. I don’t feel like I control who can see my content. Worse than that, I know Google wants to make me more public than I would choose to be about my life in any other context so I am not getting any value from the service.
You could argue the same could be said of Facebook, but actually, I don’t have an ecosystem of services from Facebook so the risk of wrong person wrong context is lowered. Also, after my scary cyber-stalking episode, I simply deleted my Facebook account and set up a new one where my real name will never ever exist. Simples. Not so simple to do with Google. Particularly in the digital design world where the blend between work tools and the Google docs and drives of this world means that we are faced with potential exposure.
Example 2: The ‘People’ widget in gmail kindly shares alternative email addresses for people other than the one they have emailed you from.
Did that relative stranger ever want me to know that they had an email address of the form “firstname.lastname@example.org”? I sincerely doubt it. Do I want a colleague or client to see what I have two other gmail addresses, three yahoo ones and a personal life that has nothing to do with them? Absolutely not.
To me, having separate online identities, multiple email addresses, different profile names and even multiple accounts within the same application means something; it means I want to keep things separate. It means I choose to create boxes and put things in the right boxes.
This idea of digitally aggregating an individual and exposing everything at every juncture, directly compromises their right to manage their digital profile and more importantly, their digital safety. It’s one thing for a very determined journalist or even curious friends, acquaintances or strangers to sit down and choose to trawl the internet to get information about you (and we already know that is a problem), it’s quite another to hand that same detail on a plate to anyone you come into contact with digitally.
It scares me as a highly literate digital practitioner and I believe it scares your average non-digital person even more.