Category: Social Network Websites


More Misguided Responses to the Megan Meier Incident

Last week brought the unfortunate news that Lori Drew was indicted for a violation of the Computer Fraud and Abuse Act for her ill-conceived hoax on Megan Meier. According to an MSNBC article:

Andrew DeVore, a former federal prosecutor who co-founded a regional computer crime unit in New York, said Friday the interpretation raises constitutional issues related to speech and due process — in the latter case, because it doesn’t allow for adequate notice of when using an alias online is criminal.

Because corporations would end up setting criminal standards, a completely legal act at one site could be illegal at another, said DeVore, who has no direct involvement in the case.

Now, the Missouri legislature has just passed a law in response to the incident. According to the bill summary:

Currently, the crime of harassment includes communications meant to frighten or disturb another person. Under this act, communications conducted to knowingly frighten, intimidate, or cause emotional distress to another person are included. Harassment includes communications by any means.

Harassment includes knowingly using unwanted expressions that put the person in reasonable apprehension of offensive physical contact or harm or knowingly making unwanted communications with a person.

A person also commits harassment:

1) By knowingly communicating with another person who is, or who purports to be, seventeen years of age or younger and in so doing, and without good cause, recklessly frightens, intimidates, or causes emotional distress to such other person; or

2) By engaging, without good cause, in any other act with the purpose to frighten, intimidate, or cause emotional distress to another person, cause such person to be frightened, intimidated, or emotionally distressed, and such person’s response to the act is one of a person of average sensibilities considering the person’s age.

This law is incredibly dumb, and I hope that the governor is wise enough not to sign this uniformed and very poorly crafted piece of legislation. It is yet another misguided response to the Megan Meier incident. As I discussed in my book, The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale 2007), we must be careful not to adopt responses to problematic online communication that are too authoritarian and too chilling of free speech.

Under this law, a person could be guilty of a crime for recklessly frightening, intimidating or causing emotional distress to a person they know is 17 or younger. That’s incredibly broad — most likely overbroad under the First Amendment. It sweeps in a potentially broad range of protected expression under the First Amendment.

Read More

Revenge of the Bodysnarkers

Author Hannah Seligson coins a new term in her critique of celeb-mocking websites: bodysnarking, which she defines as

the snide, often witty, comments that have become a ubiquitous part of under-30 female conversation. In an age when the digital camera is a must-bring accessory for a night out (how else are you going to upload the pictures to Facebook?), when blogs give everyone with an opinion a venue for comment, and when tabloid culture has made it fine to dissect other women’s looks, bodysnarking appears to be a favorite female pastime.

The watershed moment for bodysnarking, Ms. Redd says, came a few years ago when Google introduced its advertising program AdSense. “The program allowed sites to track pages viewed and make ad revenue based on the number of visitors. [Blogger] Perez Hilton realized that nobody cared about his personal shopping trips; they cared when he [mocked mostly female celebrities.]” The masses had spoken: Bodysnarking was now a revenue generator.

As I’ve noted before, sometimes the technology that “gives the people what they want” serves only to reinforce destructive trends. In addition to Seligson’s analysis, I’d say that the rise of the bodysnarkers is an unexpected side effect of the prevalence of plastic surgery. Whereas “defects” in appearance were once largely assumed unavoidable, they can now be “cured.” So celebrity’s “fans” demand ever more appearance-wise. Given their wealth, whatever can be fixed, must be fixed.

Read More


Megan Meier Case Update — Drew Indicted

myspace1.jpgI’ve blogged about the Megan Meier case a while ago. This is the case where Megan Meier, a teenager, committed suicide after her online friend from Myspace suddenly started to reject her and say mean things to her. The “friend” on Myspace was actually Lori Drew, the mother of one of her classmates, and some other individuals. They created the fake profile and were pretending to be Meier’s fictional friend.

Now, Drew has been indicted by a federal grand jury for a violation of the Computer Fraud and Abuse Act (CFAA). Here’s the indictment.

Drew was charged with conspiracy as well as three counts of accessing protected computers without authorization. According to the indictment:

On or about the following dates, defendant DREW, using a computer in O’Fallon, Missouri, intentionally accessed and caused to be accessed a computer used in interstate commerce, namely, the MySpace servers located in Los Angeles County, California, within the Central District of California, without authorization and in excess of authorized access, and, by means of interstate commerce obtained and caused to be obtained information from that computer to further tortious acts, namely intentional infliction of emotional distress on [Megan Meier].

From the AP:

Each of the four counts carries a maximum possible penalty of five years in prison.

Drew will be arraigned in St. Louis and then moved to Los Angeles for trial.

The indictment says MySpace members agree to abide by terms of service that include, among other things, not promoting information they know to be false or misleading; soliciting personal information from anyone under age 18 and not using information gathered from the Web site to “harass, abuse or harm other people.”

Drew and others who were not named conspired to violate the service terms from about September 2006 to mid-October that year, according to the indictment. It alleges that they registered as a MySpace member under a phony name and used the account to obtain information on the girl.

Drew and her coconspirators “used the information obtained over the MySpace computer system to torment, harass, humiliate, and embarrass the juvenile MySpace member,” the indictment charged.

UPDATE: Over at the Volokh Conspiracy, Orin Kerr believes that the indictment should be dismissed. Kerr believes that it is a stretch to apply the CFAA to violations of a site’s terms of service.

If the computer owner says that you can only access the computer if you are left-handed, or if you agree to be nice, are you committing a crime if you use the computer and are nasty or you are right-handed? If you violate the Terms of Service, are you committing a crime?

Kerr also argues that the prosecution will have a ver yhard time demonstrating that Drew intended to violate MySpace’s terms of service. He writes: “But here there is no evidence that Drew even read the TOS. Most people don’t, of course; I would be surprised if 1 person in 100 actually tried reading it. If Drew wasn’t aware that she was violating the TOS, she couldn’t be exceeding her authorized access intentionally.”

I agree with Kerr on these first two reasons. While Drew’s conduct is immoral, it is a very big stretch to call it illegal.

Kerr offers a third reason why the indictment is faulty — it is unclear whether the goal of the conspiracy was to obtain information, as was charged in the indictment. Kerr writes: “[I]t doesn’t seem that Drew had the intent to obtain information from her victim. Her apparent goal was to harass her victim and to cause emotional distress, not to obtain information from her.” On this reason, however, I’m not so sure I agree. The news accounts I read about the case indicated that one of Drew’s primary motivations for creating the fake profile was to learn information from Megan Meier. She wanted to know information from Megan that pertained to her own daughter, who was a classmate of Megan’s. The harassing came later on.


Facebook in Real Life

Here’s a hilarious video imagining what a social network website encounter would be like in real life.

One of the difficulties with social network websites is that they present a very simplified picture of human relationships. A person’s social world cannot readily be divided up into friends and not-friends. Human relationships are much more complicated and diverse. The simplified matrix of relationships available on social network websites can result in some awkwardness, and it can also result in too much information disclosure. We might want to disclose a lot of information to certain close friends, but much less information to acquaintances or to friends in a more professional context. There is no easy solution for this problem, because a social network website with hundreds of categories for relationships might be rather complicated and oppressive to use. And people might not be pleased to know precisely where on one’s relationship matrix they stand. Jack might think he’s good friends with Jill, but Jill might classify him as merely a distant acquaintance whom she merely wants to associate with for the purpose of climbing hills.

Hat tip: Sivacracy

Facebook Frenzy: Faking Friendships?

Thoreau was famously skeptical of communications technology, wryly observing that when the telegraph connected Maine and Texas, citizens of each state could find they have little to say to one another. Shannon Vallor, Professor of Philosophy at Santa Clara University, struck a similarly cautious note at a fascinating discussion of the ethics of social networking at Stanford. Mining the rich tradition of virtue theory in moral philosophy, Vallor observed that social networking can both undermine and reinforce the persistent dispositions of character that promote human flourishing. Here are some similar observations of Vallor’s from another panel:

[W]hat impact is social networking technology having on the ways that people build and sustain close interpersonal relationship and, in particular, the communicative virtues that help such relationships to flourish? I will identify five communicative virtues that I believe warrant careful reflection in connection with social networking technology.

First is patience. Patience is, without a doubt, one of the most important virtues for sustaining close relationships. It develops through communicative activities such as listening. For example, listening to a friend tell a story or recount a lengthy anecdote without jumping in and finishing the story oneself or interrupting with hey, that reminds me of this thing that happened to me yesterday. Patience, once it becomes not just a momentary indulgence of the other, but an enduring part of one’s own character, that is, a virtue, allows one’s relationships with others to manifest deeper, mutual understanding, greater and more lasting commitments and a feeling on the part of others that you are willing to connect with them on their terms and not just yours; that your interest in them does not end with their ability to keep you constantly amused or fascinated.

Yet the style of communication favored by digital natives and fostered by social networking sites like Facebook and MySpace, privileges brevity and directness. And, thus, we must ask whether, and in what ways, such technologies can also encourage and reward patience as a virtue.

Read More

Computers, Freedom, and Privacy Conference

As a member of the Program Committee, I just wanted to post this announcement for CFP. This has been a great conference and I’m sure this year’s will be a terrific event. Note that the deadline for Panel, Tutorial, and Speaker proposals is March 21, 2008.


18th Annual CFP conference

May 20-23, 2008

Omni Hotel

New Haven, CT


This election year will be the first to address US technology policy in the information age as part of our national debate. Candidates have put forth positions about technology policy and have recognized that it has its own set of economic, political, and social concerns. In the areas of privacy, intellectual property, cybersecurity, telecommunications, and freedom of speech, an increasing number of issues once confined to experts now penetrate public conversation. Our decisions about technology policy are being made at a time when the architectures of our information and communication technologies are still being built. Debate about these issues needs to be better-informed in order for us to make policy choices in the public interest.

Open participation is invited for proposals on panels, tutorials, speaker suggestions, and birds of a feather sessions through the CFP: Technology Policy ’08 submission page. More details below.

Read More


Facebook Banishment and Due Process

facebook3.jpgRecently, I was talking with David Lat, author of the blog Above the Law, and he was complaining about being banished from Facebook. David was an active user of Facebook, and he suddenly and inexplicably found himself banned from the site. Facebook didn’t supply him with any reason.

I found the issue quite intriguing, and David said I could blog about it. In particular, what makes this issue of interest to me is how it applies more generally to Web 2.0 applications. With Web 2.0, people invest a lot of time creating profiles, uploading information, and so on. And they start to depend upon these applications in their lives.

lat-david-2.jpgDavid also said he has a lot of important information on his Facebook profile. He uses it as a way to communicate with people, and he uses it to help him gather information for use in his blogging. So being kicked off Facebook is a big deal to David. It can impact his job. It can also impact his friendships and professional relationships. For example, David told me he received emails from several friends who wondered where he had gone. They thought David might be ignoring them or might no longer be their “friend” on Facebook.

As more of our lives become dependent on Web 2.0 technologies, should we have some sort of rights or consumer protection? Is Facebook the digital equivalent to the company town?

David checked Facebook’s website, which has a FAQ about disabled accounts. Facebook states:

Your account was disabled because you violated Facebook’s Terms of Use, to which you agreed when you first registered for an account on the site. Accounts can either be disabled for repeat offenses or for one, particularly egregious violation.

Facebook does not allow users to register with fake names, to impersonate any person or entity, or to falsely state or otherwise misrepresent themselves or their affiliations.

Read More


The Future of Reputation — Now Online for Free!

future-of-reputation-free2.jpgI’m very happy to announce that my publisher is allowing me to post a copy of The Future of Reputation: Gossip, Rumor, and Privacy on the Internet free online. Of course, I’d love it if you bought a copy, but if I can’t convince you to buy it, then I hope you’ll at least read it for free online. There really is a free lunch after all! And if you read the book and don’t like it, well . . . you get what you pay for.

I think that it is great that Yale University Press is allowing me to do this. I hope more publishers decide to let their authors do this in the future — especially academic presses, whose mission is not just to make a profit but to help spread ideas.

The book is licensed under a Creative Commons license — it can be used for non-commercial uses.

To download the full-text of the book, click here.


Facebook Applications: Another Privacy Concern

facebook3.jpgRecently, I’ve been complaining about Facebook’s mishaps regarding privacy. Back in 2006, Facebook sparked the ire of over 700,000 members when it launched News Feeds. In 2007, Facebook launched Beacon and Social Ads, sparking new privacy outcries. An uprising of Facebook users prompted Facebook to change its policies regarding Beacon. For more about Facebook’s recent privacy issues, see my post here.

But that’s not all. Over at CNET, Chris Soghoian reports about some severe privacy concerns with Facebook applications. An application (or “app” for short) is a program that is created by a third party that adds interesting features to one’s profile. These apps have become quite popular with Facebook users. But they come with some very serious potential dangers. Soghoian writes:

[A] new study suggests there may be a bigger problem with the applications. Many are given access to far more personal data than they need to in order to run, including data on users who never even signed up for the application. Not only does Facebook enable this, but it does little to warn users that it is even happening, and of the risk that a rogue application developer can pose. . . .

In order to install an application, a Facebook user must first agree to “allow this application to…know who I am and access my information.” Users not willing to permit the application access to all kinds of data from their profile cannot install it onto their Facebook page.

What kind of information does Facebook give the application developer access to? Practically everything. . . .

The applications don’t actually run on Facebook’s servers, but on servers owned and operated by the application developers. Whenever a Facebook user’s profile is displayed, the application servers contact Facebook, request the user’s private data, process it, and send back whatever content will be displayed to the user. As part of its terms of service, Facebook makes the developers promise to throw away any data they received from Facebook after the application content has been sent back for display to the user.

So when you use a third party application, you basically must put your trust in that third party to follow Facebook’s rules in good faith. In other words, Facebook users use applications at their own risk.

But what if an application is created by some hacker in Russia? Or is designed by a creepy child molester to harvest people’s personal information? Should Facebook be doing more to protect users against the bad-apple application developers?

Soghoian notes that in many cases, applications are being given access to much more personal data than they actually need to function:

Read More


Responses to Blog Reviews of The Future of Reputation: Part III

Cover 4 120 x 176.jpgIn this post, I’ll be responding to a few more reviews of The Future of Reputation: Gossip, Rumor, and Privacy on the Internet. This is the third installment (for more responses to reviews, see Part I and Part II).

1. Ethan Ackerman at Technology & Marketing Law Blog

Ethan Ackerman, an attorney and former legislative and technology counsel in the US Senate, has reviewed the book as a guest blogger on Professor Eric Goldman’s Technology & Marketing Law Blog. He writes:

It is this aspect of Solove’s book – the deep AND wide thinking about an individual’s interaction with the modern Internet – that moves the book out of the one-point-rigorous-analysis of an academic article and the semi-random anecdotal topicality of a blog post and into the category of critical (in the must-read sense) literature. Where Solove’s previous work tackled the pressing but somewhat solvable problems that arose from individuals losing control of their personal information to government and commercial entities, this book tackles individuals’ loss of access and control of their information at the hands of other individuals – and, increasingly, by their own hand on blogs, social networking and image sharing sites of their own.

One of the things that enticed me to write about the issues in my book was the fact that they are so difficult to solve. In the end, there’s no good solution, just ways to cope. Ethan understands and sympathizes with my struggle, and he writes:

I’d have to agree with what I think Solove’s ultimate aim is here – informing people and getting them to think more about privacy themselves. To put words in Solove’s mouth, if everyone is more informed and thinks about these issues themselves, not only will any ultimate solutions probably be better, but they will also perhaps be moot, as more people will have chosen the non-problematic action in the first place.

The most effective solutions encourage norm change, and that occurs not just through the law but through making people more aware of the consequences of their online speech. Currently, I see both in the law and in the discourse an exaltation of speech over privacy, a strong sentiment that people should be able to say whatever they want with impunity. Shaping these norms to a more even balance between free speech and privacy is key if we are going to make any headway in addressing these problems.

2. Jon Garfunkel at Civilities

Software architect Jon Garfunkel has posted a review of the book at his blog Civilities. He writes:

The book was a delight to read, intensely footnoted and calmly presented. While there is no shortage of rhetoric extolling the virtues of new media, Solove takes that as obvious enough, and presents instead the dark side of cyberspace.

Jon agrees with my criticism of the CDA § 230, which provides immunity for ISPs and blogs for content posted by others, but he notes that I should do more to lay out the contours of an alternative rule:

Read More