Stasi / Facebook / Big Data DAAD Day 17 – Stasi networks and Facebook Social Graph

Similar to how Facebook uses a user’s connections to determine information about them, the Stasi considered all information they could gather about a person in their intelligence campaigns. They incorporated not only the contents of a target’s mail, but information about professional and personal relationships, love affairs, and organizations to which they belonged. (Reinicke, 106)

Source: ProPublica/BStU

This attention to not only the contents of a person’s postal communications, but their social connections can be evidenced in this hand-made graphic discovered at the BStU by Julia Angwin. The graphic shows forty-six connections, linking a targeted citizen to other potentially interesting persons (e.g. an aunt), places (e.g. “church”), and meetings (e.g. post, phone). Through whichever means necessary the Stasi made and utilized these connections in order to gain additional insights and institute methods of control.

Visual explanation of Facebook Social Graph. Source: Business Insider

This image reinforces the notion that the Stasi’s work was mostly a manual, often experimental, labor. It also tells us their work in surveillance and control, which is seen as a miserable, tyrannical sort, is now standard business practice among the software-automated surveillance capitalist models of the internet used by Facebook, Google, and others. Just as Department M workers like Gerd Reinicke mined the post for intelligence and PiD, the same basic processes the Stasi developed, now used as software by Facebook, are also at work in China, Iran, and other countries to filter and control what people can say and read through elaborate censorship software systems.

  1. Hanna Labrenz-Weiß. Abteilung M (MfS Handbuch). Hg. BStU. Berlin 2005.
  2. Reinicke, Gerd. “Mitlesen für den Klassenkampf: Postkontrolle der Stasi”. In: Heimliche Leser in der DDR: Kontrolle und Verbreitung unerlaubter Literatur (ed. Siegfried Lokatis). Berlin, 2008.
  3. Angwin, J. (2017). You Know Who Else Collected Metadata ? The Stasi. ProPublica, 6–8.

Stasi / Facebook / Big Data DAAD Day 13 – The Stasi’s Electronic Databases

The number of cards in the Stasi indexes grew to an incredible 39,000,000 by 1989. In order to provide constant access to this massive material data system they created various special storage units and containers as it expanded. The current mechanical powered card indexes in place at the BTsU were found after the end of the GDR and are still in use in order to meet requests of citizens who wish to view the data the Stasi kept on them.

Mechanical index card file organization system used by the Stasi.

Beginning in the 1960s, the MfS also used various electronic databases to track citizens.* These databases were never fully implemented as a primary source of storage because computing and software available in the GDR at the time, even machines stolen or purchased in the west, were unreliable. For six years the Stasi mirrored essential data from the F16 personal card into an electronic format. In 1975, Department XII, responsible for central data collection, information and storage, introduced the “System of automatic pre-selection” (SAVO) which allowed workers to verify that a person was “not yet recorded” in the system. This considerably reduced the time it took for verification, however it still required a substantial 12–21 days for a process to complete.

By 1986 SAVO 2.0 was introduced providing printing functionality, increased capacity—now containing all data from the F16 card—and reducing search times to 1–6 days. It also provided teletype connections eliminating the need for couriers and allowing multiple agencies (passport control, tourism, etc.) to use the same data source simultaneously. (The Key to Power, 6) While this greatly modernized the surveillance workflow of the Stasi, it continued to act only as a duplicate of the F16 card, which was still faster for priority inquiries, and less susceptible to errors.

A computer used by the Stasi. Source: BBC

The logic for these implementations is echoed in modern database planning and use. While redundancy is employed for backups and increasing access speed across global networks, there is still a “master” copy of all data, or in the case of distributed system, automated processes (software) that merge and maintain distributed data into a master. Like the Stasi’s decision to completely mirror portions of the F16 system, modern systems use whichever implementation is most reliable for the master, while summarizations of that data may be “pushed” to other indexes for faster retrieval.

The Stasi’s use of multiple systems, as well as the F16 and F22 card also preempt the concept of “joins”, which is a powerful feature in relational database management systems (RDBMS), to allow various pieces of data to be spread out across multiple indexes. Like the registration number on the F16/22 cards, records from multiple discrete RDBMS can be “joined” by matching a single identification field in order to supply additional, or limit access to other data, when performing queries.

Multiple other computerized database systems were developed or used by the Stasi, including SOUD, a collection of information on the “enemy” shared between the GDR, Bulgaria, Cuba, Poland, the USSR, Czechoslovakia, Hungary, and Vietnam. The most expansive of all their electronic indexes, was the central database of personal data (ZPDB). Introduced in 1981, by the end it contained records on over 1,320,000 people, 417,000 situations, 558,000 objects, and numerous related information.

The desire to track not just people, but occurrences and objects is directly visible in the largest person tracking organization today. In Facebook’s “Social Graph”, introduced in 2007, any person, place, thing, event, anything that can be named, is recorded in a massive attempt to commodify everything and our connections to it. Like the Stasi ZPDB, everything in the Facebook Social Graph is indexed by a unique identification string as single record, which Facebook considers a “node,” with links or “edges” that connect them. These definitions are based on Facebook’s desire to do data science on the their information, applying statistics and other mathematical operations from graph theory in order to understand their data and predict (and manipulate) the behavior of users.

*Regrettably, all electronic databases and their magnetic storage was destroyed not long after the end of the GDR. Meaning, BStU staff now use the original paper F16 card system to provide services to the public.

  1. The key to power: Card indexes and other finding aids practices of State Security. Archivar 64. Jahrgang Heft 04 November 2011.

Thinking Through Digital Media: Transnational Environments and Locative Places

I’m enjoying reading this new book which discusses three of my works (Give Me My Data, Camp La Jolla Military Park, and Keyword Intervention): Thinking Through Digital Media:Transnational Environments and Locative Places by Dale Hudson and Patricia R. Zimmermann (Palgrave Macmillan, 2015)

Give Me My Data offers users a tool to see, if not claim, their data under Facebook’s (frequently amended) privacy rights, which often make seeing one’s data impossible. In 2010, the new Facebook interface threatened to “erase” user data, so the app offered a way to save one’s data and “refill” one’s Facebook profile, which is also useful in cases of identity theft. Users select the data they would like to see and then choose a format in which to see it. Data can be imported into a document or spreadsheet or visualized as a graph or cloud. Users can speculate on how corporations automate their data: sorting it through different filters, running it through different programs, interpreting it for different reasons. The app allows users an opportunity to investigate the types and meanings of information about themselves available outside their control. They are prompted to reflect critically about data they freely and willingly give away to corporations and governments.
—Dale Hudson and Patricia R. Zimmermann

Thinking Through Digital Media Thinking Through Digital Media

Project Presentation and Mini-Seminar: Live Project Launch, Workshop Outcomes and Talks on [Social] Media Hacking

Tonight Tim Schwartz, Walter Langelaar, Birgit Bachler, and I share our new project. The concept has taken a turn from the original plan, but will be exciting nonetheless.

Project Presentation and Mini-Seminar: Live Project Launch, Workshop Outcomes and Talks on [Social] Media Hacking
Friday, July 27, 2012

Tonight we launch the new version of “Give Me My Data!”, a project that together with Artists In Residence Tim C. Schwartz and Owen Mundy was revised and revived in WORM’s moddr_lab.

Give Me My Data offers functionality to its users with which they can retrieve and backup data and files from several key social networks; partly designed as a backup tool moreover targeted at networks that completely lack these functions.

Besides launching the project and am in-depth presentation by the artists, Walter Langelaar of WORM will give an introduction and overview of similar (art)works and earlier projects that came out of WORMs studios like the “Web2.0 Suicide Machine”.

Further more we’ll have presentations of current and ongoing projects from the lab, like Birgit Bachler’s ‘online social gardening’ platform “Talk To The Plant”, the Force of Freedom (Roel Roscam Abbing and Micha Prinsen) present “”, and Geert Lovink talks about the “Unlike Us” initiative. The last addition to tonights programme is a presentation by on their very excellent RePress project; a WordPress plugin that automagically converts your site to a proxy-server countering censorship on the internet!

In conclusion there will be an open Q&A and panel discussion moderated by Florian Cramer of Creating010.

Projects & Speakers

Florian Cramer – Creating010
Florian Cramer, is a reader and programme director at the applied research center Creating 010 at Hogeschool Rotterdam, The Netherlands. he is a critical writer on arts, culture and information technology. Recent publications include: Exe.cut(up)able statements: Poetische Kalküle und Phantasmen des selbstausführenden Texts, Wilhelm Fink, 201.

Unlike Us / Geert Lovink
The aim of Unlike Us is to establish a research network of artists, designers, scholars, activists and programmers who work on ‘alternatives in social media’. Through workshops, conferences, online dialogues and publications, Unlike Us intends to both analyze the economic and cultural aspects of dominant social media platforms and to propagate the further development and proliferation of alternative, decentralized social media software.

Tim C. Schwartz – moddr_/WORM Artist in Residence
Tim Schwartz grew up in St. Louis, MO. He received a BA in Physics from Wesleyan University and an MFA in Visual Arts from the University of California, San Diego. In January 2010, he developed a technology to help reunited missing people affected by the earthquake in Haiti and now co-runs an organization dealing with family reunification. Last year Schwartz spent four months traveling the country in a mobile research laboratory investigating what is lost as archives become digital.

Birgit Bachler – moddr_/WORM
Birgit is an Austrian artist living and working in Rotterdam/NL.
She graduated as BA in Information Design / Media & Interactiondesign at the Universityof Applied Sciences in Graz/AT and is a recent graduate of the MA Networked Media at Piet Zwart Institute Rotterdam. She has a background in interactive, audiovisual media and programming. 
Her interests focus on the influence of new media on our everyday lives and the similarities and differences between human and computational behavior.

RePress /
“This plugin was made in response to the ongoing limitation of the Open Web. In the dawn of 2012 we found ourselves confronted with a court-ruling blocking the in the Netherlands. On the other side of the ocean new laws are being discussed to curtail web-freedom even further.”

We zijn pioneer in groene hosting. We ontwikkelden een innovatief energiebesparend hostingplatform waardoor we 70% minder energie gebruiken dan andere hosters. Onze servers staat bij Evoswitch, het meest duurzame datacenter van Nederland.

Owen Mundy – moddr_/WORM Artist in Residence
Owen Mundy is an artist, designer, and programmer who investigates public space and its relationship to data. His artwork highlights inconspicuous trends and offers tools to make hackers out of everyday users. He has an MFA in Visual Art from the University of California, San Diego and is an Assistant Professor of Art at Florida State University. / Force Of Freedom
At you can upload, share and download digital designs for real physical products. allows you to share designs of any nature, whether these designs are copyrighted or dangerous. Unlike other websites does not claim any rights of your designs once you upload them.In the near future will run on a fully secure and anonymous server.

We believe that users should be free to reverse engineer any everyday objects that surround them. Either to improve these objects, customize them, repair them or just to understand them.

The Force Of Freedom is a Rotterdam based collective founded by Micha Prinsen and Roel Roscam Abbing in 2009. Researching ways in which we can relate to things that happen on-line.

De volgende kaarten zijn beschikbaar:
Voorverkoop: € 5.00
Deurverkoop: € 5.00

Boomgaardsstraat 71
3012 XA Rotterdam

Give Me My Data API Hacking Masterclass

Give Me My Data API Hacking Masterclass
Thursday, July 27, 2012

A ‘hands-on’ workshop with technical and theoretical overview of contemporary ‘Application Programming Interfaces’ (API’s) of large social networks, en how to use these for your own project or application.

We will cover the ins and outs of creating Facebook apps, web applications, and how to play with the Twitter, Foursquare, Flickr and Instagram APIs.

With WORM’s current ‘Artists In Residence’ Tim C. Schwartz and Owen Mundy you’ll learn from a programmers perspective how to approach your target network, to subsequently make it do what you need it to…

As an example you can think of Owen’s project “Give Me My Data” or WORM’s previous release of the “Web2.0 Suicide Machine”

No specific technical skills required, but a curious mind towards the ins&outs of social networking is a must!

[EN] buy your ticket online or send your resrvation,

Participation is limited so act fast!
– reduced/discount tickets available for WORM volunteers & students (with ID)

Voorverkoop: € 15.00
Deurverkoop: € 15.00
Normaal reductie
Voorverkoop: € 10.00
Deurverkoop: € 10.00

Location: WORM, Boomgaardsstraat 71, 3012 XA Rotterdam

Facebook’s God complex: No data for the “wicked”

I was quoted recently in a TechCrunch article about the ongoing battle between Google and Facebook to draw users to their respective social networking services. In the article, The Only Backdoor Left To Sneak Your Facebook Friends Into Google+ Is Yahoo, Erick Schonfeld writes:

‘Over the weekend, Facebook blocked a Google Chrome extension called the Facebook Friend Exporter. And in fact, Facebook changed its OAuth 2.0 API in such a way that it “suddenly removed email addresses from the queries without warning,” says Owen Mundy, creator of Give Me My Data. Other data can still be exported, just not your friends’ email addresses.’ [1]

I wanted to clarify something about the above because my contribution is slightly vague. I also wanted to elaborate for other developers and people interested in how to get their data, specifically the email addresses *out* of Facebook.

Getting your data our of Facebook is a hot issue right now with the emergence of Google+. It’s important to be able to preserve your data, especially in the event you want to exit Facebook, or prepare for its possible demise. I think most people don’t care which social networking software they use, as long as they can stay in touch with their friends. Many depend on Facebook to keep their friends’ contact information up to date. Their friends’ phone numbers, emails, and physical addresses may have changed, but they can still be found on Facebook.

This is one great benefit of Facebook, but I think they’ve come to take a higher-than-thou approach to user data. For example, if I use a single software on my computer to manage contact data for my friends, send them messages with pictures, etc., I am not locked-into a contract with the machine nor the software. I physically have the device that stores this data in my possession, and therefore can do whatever I like with it—assuming I can wrangle my data out of it.

One of the great benefits of the cloud is access, right? Wrong. Facebook has a god’s eye view regarding the matter of our data. The view from on high is that they can do whatever benefits Facebook, not necessarily the user. So they continue profiting from our activity while protecting it’s evidence from any company/person/software which could compromise their lead in social networking. Unfortunately this includes us, so we are ultimately at their mercy.

But Facebook is not a merciless God. They don’t charge to use their service or store my data. This is the tradeoff. We sacrifice privacy—our right to not be tracked, advertised to, or sniffed by governments—in order to play games, have stupid political debates, and post pictures of our kids. So, they have the right to allow or prevent access to this information, regardless of whether it is right.

Regarding getting email addresses of your contacts, as far as I know, there are three ways to mass export your friends’ contact data, only one of which is currently allowed by Facebook.


The Facebook Friend Exporter, created by Mohamed Mansour, is a browser extension that works independent of the Facebook API. It scrapes your friends’ contact data from the Facebook pages you visit and exports them as CSV. First, Facebook’s rules here for reusing this type of data are not exactly clear. While they don’t explicitly ban saving the contact info of your friends, the have a catch-all statement that tries to set guidelines for doing so. One could argue by accepting your friend request a user has already consented to sharing with you.

“If you collect information from users, you will: obtain their consent, make it clear you (and not Facebook) are the one collecting their information, and post a privacy policy explaining what information you collect and how you will use it.” [2]

One thing that is clear is the method the Facebook Friend Exporter extension uses is banned according to Facebook’s Statement of Rights and Responsibilities:

“You will not collect users’ content or information, or otherwise access Facebook, using automated means (such as harvesting bots, robots, spiders, or scrapers) without our permission.” [2]

And as expected, Facebook has taken measures to prevent Mansour’s app from working.

“Mansour says that Facebook removed emails from their mobile site, which were critical to the original design of his extension. He told me that the company had implemented a throttling mechanism: if you visit any friend page five times in a short period of time, the email field is removed.” [3]

This is not the first time Facebook has referenced their Statement of Rights and Responsibilities to take measures to keep user data from hackers, artists, or competitors. In 2010 they served moddr and other makers of the Web 2.0 Suicide Machine with a cease and desist letter to prevent them from providing a service for Facebook users to delete their accounts. The letter, which claimed the project was guilty of “Soliciting users’ Facebook login information; Accessing a Facebook account belonging to someone else; Collecting Facebook users’ content or information using automated means such as scripts or scrapers without Facebook’s permission” was possibly effective. Currently only users of MySpace, LinkedIn and Twitter can commit “virtual suicide.”

The Face to Facebook (see image on left) project by Paolo Cirio and Alessandro Ludovico stole one-million Facebook profiles, filtered them with face-recognition software, and then posted them on a fake dating website sorted by facial characteristics. From a statement by the makers:

“Everybody can steal personal data and re-contextualize it in a completely unexpected context. And that shows, once more, how fragile and potentially manipulable the online environment actually is.”

I agree, and I like the project. But in a public work such as this it’s hard to argue, in my opinion, that this project will help the average web user. While many may reconsider the type of information they post, more than likely they will think this project is another example of the “bad guys” (a.k.a. hackers) doing bad things. While it critiques, in a very amusing and relevant way, the issue of online privacy, it leaves the user feeling violated, not necessarily thoughtful. As a work of protest it encounters the same problem that holding a giant sign in someone’s face that says “go to hell”—It makes it hard for the other person to see your perspective when you do that.

While I appreciated the fun jab and reference to FaceMash, Facebook did not see the humor in the project. The creators received cease and desist letters and were threatened with multiple lawsuits from Facebook’s lawyers. And in a final spiteful measure, Facebook deleted their profiles [4]. Apparently the rule is, what happens on Facebook, stays on Facebook.

Using the API

While I was sure that in the past my app, Give Me My Data, was able to retrieve a user’s friend’s email address, when I tested it after the Facebook Friend Exporter news broke I found no emails. Looking around the web I can’t find any evidence that Facebook ever allowed this data to be accessed. While you can still export all other data from your Facebook profile using Give Me My Data, this tiny and important string of characters with an ‘@’ is one essential component Facebook won’t allow. Likely, the policy was spurred by spam prevention, but given the above, it has the added bonus of blocking an exodus of users from Facebook.

In any case when you run the following FQL (Facebook Query Language) against their API it doesn’t error. This means the field exists, but they have written a custom script to remove it from the results.

SELECT first_name, middle_name, last_name, email
FROM user
WHERE uid IN (SELECT uid2 FROM friend WHERE uid1 = me())

Becoming a Preferred Developer

In the article above, Schonfeld also explains how users can access their Facebook friend’s contact info by first importing it into a Yahoo! account and then exporting a CSV which can be imported into Google+ (or anything for that matter). I believe that Yahoo! belongs to the Facebook Preferred Developer Consultant Program which gives them access above and beyond regular developers:

“Facebook provides PDCs with increased access to its employees and training. PDCs are expected to abide by program expectations around policy compliance, integration quality, and high-level cooperation with Facebook.” [6]

Whatever kind of cooperation it is that Facebook is giving these preferred developers, one can be sure it includes access to data Facebook considers sensitive, like email addresses. While Yahoo! is not listed as a preferred developer on the Facebook page above, they have access to the emails so they clearly have some kind of arrangement.

Google, on the other hand, most definitely does not. This is not the first time Google and Facebook have gotten into a scuffle over sharing (or lack of) data. Late in 2010 Google stated they would no longer allow Facebook and other services access to their users’ data unless Facebook or the other service allowed data to be accessed by Google. [7]

In closing, we already know everyone wants our data. All the clicks, likes, comments, photos, and video we incur or upload are tracked, analyzed, and ultimately compiled and sold to advertisers or others in the business of molding consumer (or political) behavior. We’ve come a long way since Gutenberg, but just like when he was alive, it seems there will always be powerful groups in control of the media of the day. And, even with the utopian promise of a democratic internet, information continues to be manipulated or hidden in order to keep them powerful.


  1. Schonfeld, Erick, “The Only Backdoor Left To Sneak Your Facebook Friends Into Google+ Is Yahoo,” Jul 5, 2011,
  2. “Statement of Rights and Responsibilities,” Facebook, last revised April 26, 2011,
  3. Protalinski, Emil, “Facebook blocks Google Chrome extension for exporting friends,” July 5, 2011
  4. “Angry Victims and Eager Business Partners React to the “Face to Facebook” Art Stunt,” ARTINFO, February 11, 2011
  5. Gayathri, Amrutha, “Why Facebook’s Acts of Desperation Are Not Enough to Stop Google+,” International Business Times, July 6, 2011,
  6. “Facebook Preferred Developer Consultant Program FAQ,”
  7. Oreskovic, Alexei, “Google bars data from Facebook as rivalry heats up,” Reuters, Nov 5, 2010,

Give Me My Data upgrade: New API, authorization, and data formats

No one would be surprised to learn that almost all of the user-generated content websites use our personal data to sell advertisements. In fact 97% of Google’s revenue comes from advertising.[1] That’s why it’s important these sites provide as much access as possible to the real owners of our data‐us. After all, we put it there and allow them to use it in exchange for the use of their software. Seems like a fair trade if you ask me.

A year and a half ago Facebook didn’t provide any access. That’s why I created Give Me My Data, to help users reclaim and reuse their personal data they put on Facebook.

By giving more agency to users of online systems, Give Me My Data may have already impacted the nature of online application development. In November 2010, almost a year after I launched Give Me My Data, Facebook created their own service for users to export their profile from Facebook as a series of HTML pages. Unlike Give Me My Data, the Facebook service doesn’t allow you to select which data you want or to choose custom formats to export. It also doesn’t give you options for visualization like the custom network graphs that Give Me My Data offers.

I believe their motivation originates in part with my application, likely due to the popularity of Give Me My Data, and points to the potential usefulness of similar apps. While years down the road may reveal many other online systems giving users control over their data, I see this as a positive effect where the content we create, as well as the means to share and manage it, are democratized.

Meanwhile, the above also keeps me hard at work developing the Give Me My Data project. This week I rewrote the program to use Facebook’s new OAuth authorization, which also required rewriting all of the code that fetches the data. Previously it used the REST API which is being deprecated (sometime?) in the future. I also added new data types, fixed the CSV format (which had the rows and columns mixed-up), and added the possibility to export in the JSON data format.

Finally, in the data selector, I distinguished standard data and customized data types. When I say customized, I mean that I’ve written code that mashes together more than one data table and/or addresses a specific question. For example, right now users can select from two types of network graphs and corresponding formats. One describes the user’s relationship to their friends, and the other describes the user’s relationship to their friends, as well as all their friends’ relationships to each other in various graph description languages. This is how I made the network graph image below. I’m also interested in hearing other suggestions for custom queries I might add. The project will be open source on Github soon, so even code contributions will be welcome.

Anyway, please try out the new version. You may have to delete the app from your allowed applications and then re-authorize it if you’ve used it before. As usual, you can provide feedback on the application page, and you can also contact me on Twitter via @givememydata.

[1] “Google Financial Tables for Quarter ending June 30, 2009” Retrieved October 13, 2010

Plutonian Striptease VIII: Owen Mundy

Originally published in Plutonian Striptease, a series of interviews with with experts, owners, users, fans and haters of social media, to map the different views on this topic, outside the existing discussions surrounding privacy.

PS: Social networks are often in the news, why do you think this is?

OM: Assuming “social networks” refers to the online software, application programming interfaces (APIs), and the data that constitutes sites like MySpace, Facebook, and Twitter, I feel its popular to discuss them in the news for many reasons.

Online applications that enable enhanced connectivity for individuals and other entities are relatively new and there is an apparent potential for wealth through their creation and the connections they enable. News organizations are businesses, so they naturally follow the money, “reporting” on topics which are considered worthwhile to advertisers who buy space in their pages, pop-ups, and commercial breaks.

Additionally, the public is still grappling with the ability for online software to collect and distribute data about them, both with their permission and through clandestine means at once. Most users of social networking software don’t understand the methods or potential for behavior manipulation in these user interfaces and therefore are wary of what they share. Other users seem to be more care-free, making many private details from their lives public.

Finally, online social networking software is still evolving, so it’s difficult for users to establish a consensus about best practices. I believe the accelerating functionality of web 2.0 software will continue to complicate how we feel about online social networks for much longer.

PS: In what way do they differ from older forms of communication on the Internet?

OM: If web1.0 consisted of static pages, web2.0 is made-up of dynamic information, generated by the millions of users accessing the web through personal computers and mobile devices. This rapid rise in user-generated content has been made possible by the development of online applications using a myriad of open source programming languages. Sites like (launched 2005 and written primarily in Python) and (2004, PHP) which consist entirely of content contributed by users, store information in databases allowing for fast searching, sorting, and re-representation. Initially, the web consisted of information and we had to sift through it manually. Web2.0 allows for the growth of a semantic web and possibilities for machines to help us describe, understand, and share exponential amounts of data through tags, feeds, and social networks.

PS: Who is ultimately responsible for what happens to the data you upload to social networks?

OM: Obviously users are responsible for deciding what information they publish online. Still, Facebook’s “Recommended Privacy Settings” should emphasize more not less. While their privacy settings always seem to be a work in progress. One thing they do consistently is default to less privacy overall, thus more sharing of your information on their site. For a website that depends on user-generated content the motivation to encourage sharing is clear enough. Still, why do they use the word “privacy” if they’re not actually embracing the idea?

I honestly feel that all software that accepts user input, credit cards and phone companies, should be bound by strict written rules preventing them from sharing my information with advertising companies or the government. It seems like a basic human right to me. If there are laws preventing me from downloading and sharing copywritten music then there should be laws protecting my intellectual property as well.

PS: Do you read Terms of Use or EULA’s and keep up to date about changes applied to them?

OM: Only when curious or suspicious. They’re usually intentionally full of so much legalese that I don’t bother torturing myself. But as an artist and programmer, I have an interest in sharing my information in public space because I benefit from its appreciation. Perhaps a more accurate answer to this question would come from someone who doesn’t have this interest.

PS: Do you think you’ve got a realistic idea about the quantity of information that is out there about you?

OM: Yes I do. I am definitely conscious of the information I share. In addition I also research methods of surveillance and incorporate that knowledge into my art practice. So while I haven’t seen the visualization that determines the likelihood that my grandmother is a terrorist threat, it’s guaranteed that one is possible with a few clicks and some multi-million dollar defense contractor dataveillance tool. This is true for any human being through aggregation of credit card records, travel information, political contributions, and what we publish online.

PS: How do you value your private information now? Do you think anything can happen that will make you value it differently in the future?

OM: It’s important to me to situate my art practice in public space where it can provoke discussion for all audiences. But yes, I do intentionally avoid distributing dorky pictures of my mountain bike adventures. Seriously though, I’ve been watching the news. I can say that I’m definitely alarmed by the post-911 surveillance on U.S. citizens.

PS: How do you feel about trading your personal information for online services?

OM: It depends on the service. We all have to give up something in order to use these tools. For example, without telling Google Maps that I’m interested in Mexican restaurants in Williamsburg, I might never find Taco Chulo. This continual paradox in making private information public is somewhat rendered void if the sites we use actually protect our information, but it is more likely that everything we say and do online is used to some degree to enhance and advertisements. Here’s another example, 97% of Google’s revenue comes from advertising, which should suggest that while they produce software, their ultimate goal is to appeal to advertisers.[1]

PS: What do you think the information gathered is used for?

OM: I have a background in interface design and development so I know how great it is to use web stats to see where users are clicking. If traffic is not moving in the direction that you want then you can make specific buttons more prevalent.

I can only imagine what a company like Google does with the data they gather through their analytics tools. The fact that a government could access this information is scary when you think of the actions of past fascist states. The amount of control a government could levy through a combination of deep packet searching and outrightly ignoring human rights is staggering.

PS: Have you ever been in a situation where sharing information online made you uncomfortable? If so, can you describe the situation?

OM: Definitely. Sharing financial information online always causes a little anxiety. One of my credit cards has been re-issued three times now due to “merchant databases being hacked.”

PS: What is the worst case scenario, and what impact would that have on an individual?

OM: I just moved to Berlin so I’m looking at the history of this place quite a bit. This is relevant because, during the Cold War, before Germany was reunited, the German Democratic Republic (GDR) Ministry for State Security (MfS) or ‘Stasi’ is believed to have hired, between spies and full- and part-time informants, one in every 6.5 East German citizens to report suspicious activities.[2] That’s millions of people. At this moment, the ratio of people entering data on Facebook to non-members is one in fourteen for the entire world.[3] We have probably the most effective surveillance machine in the history of mankind.

PS: Nowadays, most of the “reading” of what is written online is done by machines. Does this impact your idea of what is anonymity and privacy?

OM: Well, it’s not surprising the interview has come to this point, since I keep referrencing the multitude of methods of computer-controlled digital surveillance. It’s true that machines have replaced humans for remedial work. For example: searching text strings for suspicious statements. But the ultimate danger to my privacy is only enhanced by machines. The real problem is when companies that I trust with my data decide to share it with corporations or governments that engage in behavior control.

PS: Can a game raise issues such as online privacy? And if so, what would you like to see in such a game?

OM: I find this question to be intentionally leading. Perhaps its because I’m generally optimistic and come from farmers, so I assume anything is possible? Not being a gamer though, I can tell you honestly that yes, it is possible, but you will have some challenges if you intend to reach an audience that doesn’t already agree with you. Reaching non-gamers who don’t already feel the same will be even tougher.

Games are generally immersive; you are either playing or your not. The biggest challenge you may have is reaching non-gamers, because they don’t generally invest large amounts of time in games for enjoyment. Try to find ways to highlight complexity and prompt discussion regardless of how long users play, and make this clear from the outset.

Finally, in politically-motivated cultural production it’s important to appeal to an audience first, and let them come to the issues on their own. Who would sit through a film knowing the twist at the end? Especially a conclusion intended to spur critical thinking and action, which is of course the goal.

[1] “Google Financial Tables for Quarter ending June 30, 2009” Retrieved October 13, 2010
[2] Koehler, John O. (2000). Stasi: the untold story of the East German secret police. Westview Press. ISBN 0813337445.
[3] “Facebook Statistics” Retrieved October 14, 2010

Facebook’s recommended privacy settings should emphasize more not less

Facebook’s “Privacy Settings” always seem to be a work in progress. One thing they do consistently is default to less privacy overall, thus more sharing of your information on their site. For a website that depends on user-generated content the motivation to encourage sharing is clear enough. Still, why do they use the word “privacy” if they’re not actually embracing the idea?

For example, a recent update introduces a table with degrees of privacy from less to more (left to right). Types of data are listed in rows, while access is shown in the columns, with Everyone to Friends Only, again left to right.


Curious about what Facebook “Recommended” settings were, I clicked and am sharing the screenshot below. I am not surprised to see that they wish me to open-up all content I generate; status messages, posts, images, etc. and discourage allowing anyone I don’t know to comment on posts (probably as spam prevention).


I have been thinking about privacy quite a bit this week, developing ideas for what next to do with Give Me My Data, and providing an interview about social media for Naked on Pluto (along with the likes of Marc Garrett and Geert Lovink). Plus I went to see the “geek hero story” The Social Network at the Babylon Cinema last night.

Anyway, after all this thinking about Facebook’s past, I’m curious about its future, and how it will continue to try to hold on to the #1 social networking website position that Friendster and MySpace lost so quickly. The API, games, etc could be expected, but the Facebook Connect tools that are so prevalent now, even on Yelp, a site I figured could make it without schlepping, were a surprise.

Facebook Connect, a jquery “widget” that allows you to login to other websites using your Facebook ID, is clever and eerie at once. It allows Facebook to track you when you are not even on their site, and make sure you stay loyal. If that sounds sinister, well it is. What other purpose could there be for making available a service with the single purpose of mediating every interaction or bit of content you add to the web? It seems at first like OpenID, and it is, except that its run by a multi-billion dollar social media corporation.