Give Me My Data: A Facebook Application Inspired by the Stasi Files Controversy, talk at DAAD Meeting in Dresden, Germany

Giving a talk today in Dresden, Germany titled, “Give Me My Data: A Facebook Application Inspired by the Stasi Files Controversy.” Here is the abstract.

During the final days of the German Democratic Republic (or GDR) it became evident that the Ministry for State Security (more popularly known as the “Stasi”) was destroying incriminating evidence from its 40-year history of domestic and international surveillance. These documents, which the Stasi was attempting to destroy using shredding machines, as well as by hand when the machines failed, included information gathered through various clandestine methods about lives of citizens of the GDR without their knowledge or consent.

On January 15, 1990, protestors stormed the Stasi headquarters in Berlin in attempt to prevent the destruction of personal records which they felt they should be able to access. The phrase, “Freiheit für meine Akte!” (in English: Freedom for my file!) spray painted on the Stasi guardhouse during this protest embodies a desire by citizens to open this closed world of state surveillance in order to understand the methods of control employed the Stasi

This moment in history inspires my ongoing project, Give Me My Data, a Facebook application that helps users export their data out of Facebook. While clearly utilitarian, this project intervenes into online user experiences, provoking users to take a critical look at their interactions within social networking websites. It suggests data is tangible and challenges users to think about ways in which their information is used for purposes outside of their control by government or corporate entities.

At the height of its operations, the Stasi is believed to have hired, between spies and full- and part-time informants, one in every 6.5 East German citizens to report suspicious activities, almost 2.5 million people.1 At this moment, the ratio of people entering data on Facebook to non-members is one in fourteen for the entire world,2 introducing possibly the most effective surveillance machine in history.

Germany and Google Street View

This week I have been enjoying the blurred images of German buildings whose owners have chosen to opt-out of Google Street View. Infamous moments in the country’s history have led Germans to take privacy very seriously; especially when it comes to information about their residences. Unlike the United States, where data privacy is an opt-out option, Germany law states that, “citizens must opt-in to have their data collected in any way.” (1). In fact, there is a document detailing the rights of the “data subject” in the German Federal Data Protection Act which serves “to protect the individual against his right to privacy being impaired through the handling of his personal data.”

An even more powerful gesture are the very public images that have resulted from this protection. While they serve a specific function—to obscure identifying aspects of buildings, faces, etc.—they also communicate very effectively the message that individuals should have the right to decide how their data is used. This gets to the heart of the Give Me My Data app—to prompt this sort of discussion. It is then ironic that Google, a company whose revenue is based almost completely on advertising opportunities made possible by aggregating and re-representing data, has inadvertently brought us this message.

I was excited to find my own apartment building in Berlin has been removed.

Another building down the street

Helge Denker, a reporter with the German daily, Das Bild, has found a clever way to opt-out.

Plutonian Striptease VIII: Owen Mundy

Originally published in Plutonian Striptease, a series of interviews with with experts, owners, users, fans and haters of social media, to map the different views on this topic, outside the existing discussions surrounding privacy.

PS: Social networks are often in the news, why do you think this is?

OM: Assuming “social networks” refers to the online software, application programming interfaces (APIs), and the data that constitutes sites like MySpace, Facebook, and Twitter, I feel its popular to discuss them in the news for many reasons.

Online applications that enable enhanced connectivity for individuals and other entities are relatively new and there is an apparent potential for wealth through their creation and the connections they enable. News organizations are businesses, so they naturally follow the money, “reporting” on topics which are considered worthwhile to advertisers who buy space in their pages, pop-ups, and commercial breaks.

Additionally, the public is still grappling with the ability for online software to collect and distribute data about them, both with their permission and through clandestine means at once. Most users of social networking software don’t understand the methods or potential for behavior manipulation in these user interfaces and therefore are wary of what they share. Other users seem to be more care-free, making many private details from their lives public.

Finally, online social networking software is still evolving, so it’s difficult for users to establish a consensus about best practices. I believe the accelerating functionality of web 2.0 software will continue to complicate how we feel about online social networks for much longer.

PS: In what way do they differ from older forms of communication on the Internet?

OM: If web1.0 consisted of static pages, web2.0 is made-up of dynamic information, generated by the millions of users accessing the web through personal computers and mobile devices. This rapid rise in user-generated content has been made possible by the development of online applications using a myriad of open source programming languages. Sites like youtube.com (launched 2005 and written primarily in Python) and Facebook.com (2004, PHP) which consist entirely of content contributed by users, store information in databases allowing for fast searching, sorting, and re-representation. Initially, the web consisted of information and we had to sift through it manually. Web2.0 allows for the growth of a semantic web and possibilities for machines to help us describe, understand, and share exponential amounts of data through tags, feeds, and social networks.

PS: Who is ultimately responsible for what happens to the data you upload to social networks?

OM: Obviously users are responsible for deciding what information they publish online. Still, Facebook’s “Recommended Privacy Settings” should emphasize more not less. While their privacy settings always seem to be a work in progress. One thing they do consistently is default to less privacy overall, thus more sharing of your information on their site. For a website that depends on user-generated content the motivation to encourage sharing is clear enough. Still, why do they use the word “privacy” if they’re not actually embracing the idea?

I honestly feel that all software that accepts user input, credit cards and phone companies, should be bound by strict written rules preventing them from sharing my information with advertising companies or the government. It seems like a basic human right to me. If there are laws preventing me from downloading and sharing copywritten music then there should be laws protecting my intellectual property as well.

PS: Do you read Terms of Use or EULA’s and keep up to date about changes applied to them?

OM: Only when curious or suspicious. They’re usually intentionally full of so much legalese that I don’t bother torturing myself. But as an artist and programmer, I have an interest in sharing my information in public space because I benefit from its appreciation. Perhaps a more accurate answer to this question would come from someone who doesn’t have this interest.

PS: Do you think you’ve got a realistic idea about the quantity of information that is out there about you?

OM: Yes I do. I am definitely conscious of the information I share. In addition I also research methods of surveillance and incorporate that knowledge into my art practice. So while I haven’t seen the visualization that determines the likelihood that my grandmother is a terrorist threat, it’s guaranteed that one is possible with a few clicks and some multi-million dollar defense contractor dataveillance tool. This is true for any human being through aggregation of credit card records, travel information, political contributions, and what we publish online.

PS: How do you value your private information now? Do you think anything can happen that will make you value it differently in the future?

OM: It’s important to me to situate my art practice in public space where it can provoke discussion for all audiences. But yes, I do intentionally avoid distributing dorky pictures of my mountain bike adventures. Seriously though, I’ve been watching the news. I can say that I’m definitely alarmed by the post-911 surveillance on U.S. citizens.

PS: How do you feel about trading your personal information for online services?

OM: It depends on the service. We all have to give up something in order to use these tools. For example, without telling Google Maps that I’m interested in Mexican restaurants in Williamsburg, I might never find Taco Chulo. This continual paradox in making private information public is somewhat rendered void if the sites we use actually protect our information, but it is more likely that everything we say and do online is used to some degree to enhance and advertisements. Here’s another example, 97% of Google’s revenue comes from advertising, which should suggest that while they produce software, their ultimate goal is to appeal to advertisers.[1]

PS: What do you think the information gathered is used for?

OM: I have a background in interface design and development so I know how great it is to use web stats to see where users are clicking. If traffic is not moving in the direction that you want then you can make specific buttons more prevalent.

I can only imagine what a company like Google does with the data they gather through their analytics tools. The fact that a government could access this information is scary when you think of the actions of past fascist states. The amount of control a government could levy through a combination of deep packet searching and outrightly ignoring human rights is staggering.

PS: Have you ever been in a situation where sharing information online made you uncomfortable? If so, can you describe the situation?

OM: Definitely. Sharing financial information online always causes a little anxiety. One of my credit cards has been re-issued three times now due to “merchant databases being hacked.”

PS: What is the worst case scenario, and what impact would that have on an individual?

OM: I just moved to Berlin so I’m looking at the history of this place quite a bit. This is relevant because, during the Cold War, before Germany was reunited, the German Democratic Republic (GDR) Ministry for State Security (MfS) or ‘Stasi’ is believed to have hired, between spies and full- and part-time informants, one in every 6.5 East German citizens to report suspicious activities.[2] That’s millions of people. At this moment, the ratio of people entering data on Facebook to non-members is one in fourteen for the entire world.[3] We have probably the most effective surveillance machine in the history of mankind.

PS: Nowadays, most of the “reading” of what is written online is done by machines. Does this impact your idea of what is anonymity and privacy?

OM: Well, it’s not surprising the interview has come to this point, since I keep referrencing the multitude of methods of computer-controlled digital surveillance. It’s true that machines have replaced humans for remedial work. For example: searching text strings for suspicious statements. But the ultimate danger to my privacy is only enhanced by machines. The real problem is when companies that I trust with my data decide to share it with corporations or governments that engage in behavior control.

PS: Can a game raise issues such as online privacy? And if so, what would you like to see in such a game?

OM: I find this question to be intentionally leading. Perhaps its because I’m generally optimistic and come from farmers, so I assume anything is possible? Not being a gamer though, I can tell you honestly that yes, it is possible, but you will have some challenges if you intend to reach an audience that doesn’t already agree with you. Reaching non-gamers who don’t already feel the same will be even tougher.

Games are generally immersive; you are either playing or your not. The biggest challenge you may have is reaching non-gamers, because they don’t generally invest large amounts of time in games for enjoyment. Try to find ways to highlight complexity and prompt discussion regardless of how long users play, and make this clear from the outset.

Finally, in politically-motivated cultural production it’s important to appeal to an audience first, and let them come to the issues on their own. Who would sit through a film knowing the twist at the end? Especially a conclusion intended to spur critical thinking and action, which is of course the goal.

[1] “Google Financial Tables for Quarter ending June 30, 2009” Retrieved October 13, 2010
[2] Koehler, John O. (2000). Stasi: the untold story of the East German secret police. Westview Press. ISBN 0813337445.
[3] “Facebook Statistics” Retrieved October 14, 2010

Facebook’s recommended privacy settings should emphasize more not less

Facebook’s “Privacy Settings” always seem to be a work in progress. One thing they do consistently is default to less privacy overall, thus more sharing of your information on their site. For a website that depends on user-generated content the motivation to encourage sharing is clear enough. Still, why do they use the word “privacy” if they’re not actually embracing the idea?

For example, a recent update introduces a table with degrees of privacy from less to more (left to right). Types of data are listed in rows, while access is shown in the columns, with Everyone to Friends Only, again left to right.

fb_more

Curious about what Facebook “Recommended” settings were, I clicked and am sharing the screenshot below. I am not surprised to see that they wish me to open-up all content I generate; status messages, posts, images, etc. and discourage allowing anyone I don’t know to comment on posts (probably as spam prevention).

fb_less

I have been thinking about privacy quite a bit this week, developing ideas for what next to do with Give Me My Data, and providing an interview about social media for Naked on Pluto (along with the likes of Marc Garrett and Geert Lovink). Plus I went to see the “geek hero story” The Social Network at the Babylon Cinema last night.

Anyway, after all this thinking about Facebook’s past, I’m curious about its future, and how it will continue to try to hold on to the #1 social networking website position that Friendster and MySpace lost so quickly. The API, games, etc could be expected, but the Facebook Connect tools that are so prevalent now, even on Yelp, a site I figured could make it without schlepping, were a surprise.

Facebook Connect, a jquery “widget” that allows you to login to other websites using your Facebook ID, is clever and eerie at once. It allows Facebook to track you when you are not even on their site, and make sure you stay loyal. If that sounds sinister, well it is. What other purpose could there be for making available a service with the single purpose of mediating every interaction or bit of content you add to the web? It seems at first like OpenID, and it is, except that its run by a multi-billion dollar social media corporation.

Die peinlichsten Einträge bei Facebook, StudiVZ und Twitter

565px-Bild_logo.svg

Give Me My Data mentioned in a Bild article:

Die peinlichsten Einträge bei Facebook, StudiVZ und Twitter The most embarrassing messages on Facebook, StudiVZ, and Twitter (English), May 22, 2010

Read the full translation

(translated from German) “Many users are unaware that their comments will be permanently stored in networks. For example Facebook can retrieve all stored Stautusmeldungen. The U.S. Professor Owen Mundy has a developed application, Facebook members ever entered all the data and displays the posts. Under “Select Data”, you select which data you want to see (for example, personal data, status messages). Here also dive old, long deleted on posts, which are provided with a time code. Facebook apparently never forgets.”

“Facebook’s Disconnect: Open Doors, Closed Exits” – TechCrunch

Picture 1

More press for Give Me My Data, this time by Rohit Khare from TechCrunch (thanks for the note Evan.).

Give Me My Data has a more open-ended design that supports exploration and experimentation, in part because it sports an impressive array of formats to download your friend lists and other information for use in other projects such as visualization and charting. Owen Mundy at Florida State originally developed it for his own use, but “this week it kind of exploded because of the interface changes.” That could either be a sign of broader awareness of how much data users share with Facebook; or it could be the acute interest users have in putting profile data that Facebook “lost” right back onto Facebook (a feature that may be coming soon).”

“Facebook App Brings Back Data by Riva Richmond” – The New York Times

logo_nyt

Facebook App Brings Back Data by Riva Richmond, New York Times, May 1, 2010

“The app is “making hackers out of regular users,” says the developer, Owen Mundy, an assistant professor in Florida State University’s art department. And it’s giving them a way to exercise ownership rights over their data. (After all, Facebook’s Statement of Rights and Responsibilities says users “own all of the content and information” they have posted on Facebook.)”

-->