Week 4 Case Study Do people who use Facebook have a legitimate claim to privacy when they themselves are posting information about themselves? Yes, because the information they are posting about themselves is willingly shared. If there is a privacy dispute about something they chose to make public, then there is no claim. If the privacy dispute is about something else though, as seen in many of the class-action cases, then the claims are legitimate. For example, the information about browsing when outside of Facebook is an invasion of privacy because Facebook did not ask the people if it was okay for them to do so. On the other hand, linking apps to use in conjunction with Facebook is giving them explicit permission to see the apps you are using. The facial recognition feature can identify someone who may not want to be identified in a picture or may reveal their identity to someone who they didn’t want their identity revealed to. Like in the other situations, if Facebook has explicitly asked if its okay to automatically tag you in pictures, then it is your decision to share that information. Changes to the privacy settings that the users are not aware of can be argued as an invasion of privacy because the users are unaware of the new settings and are blindly falling into the hands of Facebook’s advertising tactics and such. If the user accepts the change and then later removes the acceptance, no new information should be collected about them and the old information collected about them should be deleted. How can using the sharing privacy controls help preserve your privacy on Facebook? In what ways is the sharing control ineffective? a. By using the sharing privacy controls, users can specify the types of information on their Facebook that they want shared to their friends, friends of friends, or to the public. These privacy controls are more granular-based, as users can be more or less restrictive with each piece of content they share, even if they previously had all of their status updates and photos set to be shared with everyone. This privacy control feature includes a new option which allows users to “customize” a specific friend list or network to share a post with. This ability to specify the privacy settings can help preserve your privacy since it places a settings button right next to the “share” button on every post. These new controls also automatically restrict shared information to friends and friends of friends for users under 18. b. Although the sharing control allows users to specify the audience for each post, it is still relatively easy to overlook the button. This results in the selection of the default option, which shares the information to the public, even if a user’s previous settings were more restrictive. This aspect renders the privacy control ineffective. With this new feature, Facebook made the general privacy settings more difficult to access and more complicated to navigate. Most users will unknowingly default to sharing their information to the public, instead of going through the hassle of editing the privacy settings of over 170 categories of information. These actions, along with the placement of a “like” button on many outside Web sites, make it easier for Facebook to share users’ personal information with these sites, even when the user is not really aware of all the destinations of his or her interests. The process a user would have to complete in order to terminate this external information flow is very difficult and requires directions from a source outside Facebook. Although this new privacy feature is seemingly easier than before, in reality, it grants Facebook another way it can share personal information without most users’ knowledge or permission. Why would Google combine information from separate accounts across its services and sites have privacy implications for its users? This is mainly due to the fact if one service gets compromised all the rest will follow. Look up your address on Google Street View. Do you believe Google Street View constitutes a breach of privacy? Why or why not? Should Google seek your permission before putting pictures of your house online? Street View potentially invokes two sets of rights: the UK's Human Rights Act, based on the European Convention of Human Rights, which gives everyone a right to respect for their privacy, and the Data Protection Act. The Data Protection Act requires companies to notify people when collecting their personal data. In most cases, consent is not required, just notification. Taking one person's portrait for a commercial use would require notification of who is taking the photo and why. But taking a photograph of a street, in which people happen to appear, is less clear-cut: there is an argument that this is processing of their personal data under the UK Data Protection Act; but there is another argument that it is not. As for our Human Rights, case law acknowledges our expectations of privacy when our photographs are taken. On the street, the courts say that these expectations generally are low, unless we're the focus of the picture. Author JK Rowling successfully argued that a paparazzo's photograph of her family breached her infant son's right to privacy (as opposed to her own), where the family was the focus of the camera. The Court of Appeal said: "If the photographs had been taken ... to show the scene in a street by a passer-by and later published as street scenes, that would be one thing, but they were not taken as street scenes but were taken deliberately, in secret and with a view to their subsequent publication." By the reasoning of that case, Google's focus on street scenes, not individuals, makes a breach of human rights unlikely. There are valid emotional arguments against Street View. I don't think there's a strong legal one. One last factor that the ICO might have considered: many people are likely to find the service useful. Many people and businesses will be grateful that our ICO can take a pragmatic view of new technology. Regulators should not stand in its way without good reason.