Category: Web 2.0


Rulemaking 2.0

Government officials are increasingly adopting Web 2.0 technologies to connect with citizens. Governors and mayors are blogging and posting videos on You Tube. See here. The State Department has an internal wiki called Diplopedia, which it presented at the Wikipedia conference in Alexandria, Egypt. Perhaps agencies will similarly embrace Web 2.0 platforms to transform their e-Rulemaking efforts, which to date have simply reproduced offline NPRMs and comments online. Rumor has it that the ABA has a committee working on potential e-Rulemaking projects. If the ABA produces a report, it might interest the new administration, but only if online tools would cheaply and effectively bring together stakeholders and the public to discuss proposed agency action.


Facebook, Myspace, and College Admissions

social-network1.jpgLast year, I noted that employers and others were increasingly looking at applicants’ social network website profile pages in their hiring decisions. Apparently, now college admissions officers are also using social network sites like Facebook and MySpace to make decisions on applicants. According to the Wall St. Journal:

A new survey of 500 top colleges found that 10% of admissions officers acknowledged looking at social-networking sites to evaluate applicants. Of those colleges making use of the online information, 38% said that what they saw “negatively affected” their views of the applicant. Only a quarter of the schools checking the sites said their views were improved, according to the survey by education company Kaplan, a unit of Washington Post Co.

Some admissions officers said they had rejected students because of material on the sites. Jeff Olson, who heads research for Kaplan’s test-preparation division, says one university did so after the student gushed about the school while visiting the campus, then trashed it online. Kaplan promised anonymity to the colleges, of which 320 responded. The company surveyed schools with the most selective admissions.

The article notes that most colleges don’t have policies with regard to when and how college admissions officers can use social network website profiles in making admissions decisions. The article illustrates that we need to make much greater progress in educating what I call “Generation Google” — the generation currently in high school and college who are chronicling their own lives and those of their classmates online — about the risks, consequences, and ethics of what they post on the Internet.

Moreover, many companies and college and graduate school admissions officers lack a policy or guidelines about the appropriate and inappropriate use of what they find online about a candidate. Policies are sorely needed, as there are many issues that need to be thought about:

* Should such information be used? When?

* How heavily should it be relied upon?

* What kinds of things should negatively impact an applicant? Information about sex life? Drug use? Drinking? Bad behavior?

* What steps should be taken to make sure that the information was accurate?

* Should a distinction be made between information that people post about themselves and information that others have posted about them, perhaps invading their privacy without their consent?

* What steps should be taken to make sure that the information used in fact relates to the applicant and not to somebody else with the same name?

* Should people be notified that information online was used against them and be given an opportunity to be heard to explain it?


I have to write this, or else Nate will get to define me

A fascinating article in the NYT discusses some of the social aspects of online communities (particularly Facebook). One quote captures the unique sort of self-imposed captivity that online communities can create:

Yet Ahan knows that she cannot simply walk away from her online life, because the people she knows online won’t stop talking about her, or posting unflattering photos. She needs to stay on Facebook just to monitor what’s being said about her. This is a common complaint I heard, particularly from people in their 20s who were in college when Facebook appeared and have never lived as adults without online awareness. For them, participation isn’t optional. If you don’t dive in, other people will define who you are. So you constantly stream your pictures, your thoughts, your relationship status and what you’re doing — right now! — if only to ensure the virtual version of you is accurate, or at least the one you want to present to the world.

It’s a great description of one of the addictive aspects of online discussion.

The article also gives a good explanation of who exactly your Facebook friends are — and why they (might) matter:

Read More


Politics in the Age of MySpace and Facebook

myspace.jpgRecently, I was interviewed for an article in the Globe and Mail about the young teenage father-to-be involved in the media circus surrounding vice presidential candidate Sarah Palin’s pregnant teenage daughter. I believe that the media should restrain itself from prying further into Palin’s daughter’s private life, as well as that of the father-to-be. He was referred to only as “Levi” by the media until recently, when a few media entities and bloggers started identifying him by his full name. I don’t believe he should be identified by his last name unless he consents to it. His identity is of little relevance to the issues in the campaign.

Apparently, he had a MySpace page. According to the Globe and Mail:

According to his MySpace page, he loved camping, fishing and riding dirt bikes. He wasn’t much for babies (“I don’t want kids”) or political optics: “Ya fuck with me I’ll kick ass,” the page says. . . .

The Alaskan teen’s MySpace page was taken down yesterday, but the damage had been done.

“I’m a little bit surprised the campaign didn’t ask him to take these pages down,” said Daniel Solove, author of The Future of Reputation: Gossip, Rumor, and Privacy on the Internet. “It’s become a very distracting sideshow.”

Information about his identity and MySpace page are all over the Internet and media now. More and more, we’ll be seeing the media and bloggers mining the social network profiles of the kids of politicians. I think that this is unfortunate, but it is hard to stop people from gawking at a public website, especially when a politician’s child falls into the vortex of a media storm. The fact that Levi’s MySpace page remained publicly available for so long indicates that there is far too little thought and attention to social network websites and the Internet by parents and others outside of what I call “Generation Google” — the teenagers today who are posting more and more personal information online, which will be available to anybody doing a Google search.

If Sarah Palin and the McCain campaign knew about the pregnancy, they certainly must have expected that with today’s media, it would sooner or later find its way into the news. With that risk in mind, why not try to make sure that public MySpace or Facebook pages of those involved are removed before the media frenzy begins? This strikes me as a fairly substantial oversight. The teenagers involved in this incident are far from ready to confront the media frenzy they are now subjected to. Somebody should have told Levi to remove his profile (or make it accessible only to his friends) long before the story broke. Perhaps the McCain campaign. Perhaps Sarah Palin. Perhaps his parents. This illustrates part of the problem facing members of Generation Google — their parents, teachers, and others who advise them are not well-versed enough in what’s going on.


Do We Need an Internet Ed. Class?

Classroom2.JPGWhile I was attending the excellent privacy conference Dan Solove and Chris Hoofnagle organized in D.C. a few days ago, it occurred to me that just as one takes driver’s ed. before being able to drive a car, it might make sense to have a required Internet Education class in middle school. Driving is a key way people engage in the economy, and the Internet, especially email and social networking use, is becoming as essential if not more so. Given all the benefits and problems of the Internet from meeting new people and peer production to unfortunate gossiping and dog poop events, it dawned on me that Internet Ed. might fill a gap that appeared as I listened to various people at the conference.

Read More


Facebook in Real Life

Here’s a hilarious video imagining what a social network website encounter would be like in real life.

One of the difficulties with social network websites is that they present a very simplified picture of human relationships. A person’s social world cannot readily be divided up into friends and not-friends. Human relationships are much more complicated and diverse. The simplified matrix of relationships available on social network websites can result in some awkwardness, and it can also result in too much information disclosure. We might want to disclose a lot of information to certain close friends, but much less information to acquaintances or to friends in a more professional context. There is no easy solution for this problem, because a social network website with hundreds of categories for relationships might be rather complicated and oppressive to use. And people might not be pleased to know precisely where on one’s relationship matrix they stand. Jack might think he’s good friends with Jill, but Jill might classify him as merely a distant acquaintance whom she merely wants to associate with for the purpose of climbing hills.

Hat tip: Sivacracy


Does the Case Affect CDA § 230 Immunity for JuicyCampus?

Roommates2.jpgThe U.S. Court of Appeals for the Ninth Circuit (en banc) has just issued a very interesting opinion interpreting a federal law providing immunity from liability for online speech — the Communications Decency Act (CDA), 47 U.S.C. § 230. The case is Fair Housing Council v., LLC, 2008 WL 879293 (9th Cir. April 3, 2008) (en banc).

The CDA § 230 states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Most courts have interpreted § 230 to immunize the operators of websites or blogs against distributor liability for comments posted by others.

I have been critical about the way that this statute has been interpreted:

Unfortunately, courts are interpreting Section 230 so broadly as to provide too much immunity, eliminating the incentive to foster a balance between speech and privacy. The way courts are using Section 230 exalts free speech to the detriment of privacy and reputation. As a result, a host of websites have arisen that encourage others to post gossip and rumors as well as to engage in online shaming. These websites thrive under Section 230’s broad immunity.

juicycampus3.jpgWebsites such as JuicyCampus, which encourage and facilitate gossip and rumors about college students, exploit § 230 immunity.

The case suggests a limit to § 230 immunity that some might believe creates a way to hold sites like responsible for the gossip and rumors they solicit. In the end, I don’t believe that will save the day and penetrate § 230’s armor for sites like JuicyCampus. allows users to post listings for roommates. When a user creates a listing, requests particular information from users, requesting preferences for gender, sexual orientation, and kids. Much of this information is solicited via drop down menus which list the various choices. Users can also put additional comments in a section that allows for an open-ended narrative. Two Fair Housing Councils in California sued Roommates contending that the site violated the Fair Housing Act (FHA), 42 U.S.C. § 3601 and state housing discrimination statutes. The FHA prohibits any “statement . . . with respect to the sale or rental of a dwelling that indicates . . . an intention to make [a] preferenc,e limitation, or discrimination” based on certain categories (such as gender or sexual orientation). California law has a related restriction. contended that it was immune under the CDA § 230. It claimed that it just provided options for its users and is not the “information content provider.” But the Ninth Circuit concluded that § 230 immunity didn’t apply. According to the statute, an “information content provider” is one who is “responsible, in whole or in part, for the creation or development of” the content. Writing for the court, Chief Judge Kozinski noted:

The FHA makes it unlawful to ask certain discriminatory questions for a very good reason: Unlawful questions solicit (a.k.a. “develop”) unlawful answers. Not only does Roommate ask these questions, Roommate makes answering the discriminatory questions a condition of doing business. This is no different from a real estate broker in real life saying, “Tell me whether you’re Jewish or you can find yourself another broker.” When a business enterprise extracts such information from potential customers as a condition of accepting them as clients, it is no stretch to say that the enterprise is responsible, at least in part, for developing that information.

The court also held that was not immune for its search system, which allowed users to search according to discriminatory criteria:

Read More


Facebook Banishment and Due Process

facebook3.jpgRecently, I was talking with David Lat, author of the blog Above the Law, and he was complaining about being banished from Facebook. David was an active user of Facebook, and he suddenly and inexplicably found himself banned from the site. Facebook didn’t supply him with any reason.

I found the issue quite intriguing, and David said I could blog about it. In particular, what makes this issue of interest to me is how it applies more generally to Web 2.0 applications. With Web 2.0, people invest a lot of time creating profiles, uploading information, and so on. And they start to depend upon these applications in their lives.

lat-david-2.jpgDavid also said he has a lot of important information on his Facebook profile. He uses it as a way to communicate with people, and he uses it to help him gather information for use in his blogging. So being kicked off Facebook is a big deal to David. It can impact his job. It can also impact his friendships and professional relationships. For example, David told me he received emails from several friends who wondered where he had gone. They thought David might be ignoring them or might no longer be their “friend” on Facebook.

As more of our lives become dependent on Web 2.0 technologies, should we have some sort of rights or consumer protection? Is Facebook the digital equivalent to the company town?

David checked Facebook’s website, which has a FAQ about disabled accounts. Facebook states:

Your account was disabled because you violated Facebook’s Terms of Use, to which you agreed when you first registered for an account on the site. Accounts can either be disabled for repeat offenses or for one, particularly egregious violation.

Facebook does not allow users to register with fake names, to impersonate any person or entity, or to falsely state or otherwise misrepresent themselves or their affiliations.

Read More


The Future of Reputation — Now Online for Free!

future-of-reputation-free2.jpgI’m very happy to announce that my publisher is allowing me to post a copy of The Future of Reputation: Gossip, Rumor, and Privacy on the Internet free online. Of course, I’d love it if you bought a copy, but if I can’t convince you to buy it, then I hope you’ll at least read it for free online. There really is a free lunch after all! And if you read the book and don’t like it, well . . . you get what you pay for.

I think that it is great that Yale University Press is allowing me to do this. I hope more publishers decide to let their authors do this in the future — especially academic presses, whose mission is not just to make a profit but to help spread ideas.

The book is licensed under a Creative Commons license — it can be used for non-commercial uses.

To download the full-text of the book, click here.


Facebook Applications: Another Privacy Concern

facebook3.jpgRecently, I’ve been complaining about Facebook’s mishaps regarding privacy. Back in 2006, Facebook sparked the ire of over 700,000 members when it launched News Feeds. In 2007, Facebook launched Beacon and Social Ads, sparking new privacy outcries. An uprising of Facebook users prompted Facebook to change its policies regarding Beacon. For more about Facebook’s recent privacy issues, see my post here.

But that’s not all. Over at CNET, Chris Soghoian reports about some severe privacy concerns with Facebook applications. An application (or “app” for short) is a program that is created by a third party that adds interesting features to one’s profile. These apps have become quite popular with Facebook users. But they come with some very serious potential dangers. Soghoian writes:

[A] new study suggests there may be a bigger problem with the applications. Many are given access to far more personal data than they need to in order to run, including data on users who never even signed up for the application. Not only does Facebook enable this, but it does little to warn users that it is even happening, and of the risk that a rogue application developer can pose. . . .

In order to install an application, a Facebook user must first agree to “allow this application to…know who I am and access my information.” Users not willing to permit the application access to all kinds of data from their profile cannot install it onto their Facebook page.

What kind of information does Facebook give the application developer access to? Practically everything. . . .

The applications don’t actually run on Facebook’s servers, but on servers owned and operated by the application developers. Whenever a Facebook user’s profile is displayed, the application servers contact Facebook, request the user’s private data, process it, and send back whatever content will be displayed to the user. As part of its terms of service, Facebook makes the developers promise to throw away any data they received from Facebook after the application content has been sent back for display to the user.

So when you use a third party application, you basically must put your trust in that third party to follow Facebook’s rules in good faith. In other words, Facebook users use applications at their own risk.

But what if an application is created by some hacker in Russia? Or is designed by a creepy child molester to harvest people’s personal information? Should Facebook be doing more to protect users against the bad-apple application developers?

Soghoian notes that in many cases, applications are being given access to much more personal data than they actually need to function:

Read More