To the Teacher
Social media companies are tracking a tremendous amount of information about our activity online, and they are selling this information for profit. These companies have become huge businesses by offering advertisers and other interested parties data about the items we click on, the things we might like or dislike, and the opinions we express. We don’t have to pay to use social media services because we are the product being sold.
Occasionally, the extent to which corporations are profiting from data about users erupts into public scandal. Uproar ensues when a company is hacked and personal information is stolen, or when political groups use detailed data to influence voters on social media platforms. But underneath such headline-grabbing incidents are broader issues about of privacy and what we can do to control our personal information online.
Thankfully, while debate continues in the public sphere about regulating social media companies, young people are actively thinking through questions about what information they want to put online and how they can control their digital presence in this age of over-exposure.
This lesson consists of two readings. The first reading looks at how corporations make a profit from our data, and it considers potential policy solutions to this problem. The second reading focuses on how young people are making their own decisions about online privacy. Questions for discussion follow each reading.
Note: This lesson is Part 3 of a series of lessons on social media.
- Part 1: Does Social Media Make Us More or Less Connected?
- Part 2: Social Media and the Future of Democracy
- Part 3: Can We Protect Our Privacy on Social Media?
Reading One: What Are They Doing with Your Data?
Although you can create an account on Facebook, Instagram, Snapchat, and other social media platforms without paying any money, there’s a hidden cost: the sacrifice of your privacy. Social media companies are tracking a tremendous amount of information about our activity online, and they are selling this information for profit. These companies have become huge businesses by offering advertisers and other interested parties data about the items we click on, the things we might like or dislike, and the opinions we express. In general, we don’t pay to use social media services because we are the product being sold.
What does it mean that we are the product? To get a better idea, we can look at the data-mining behaviors of a company like Facebook. In an April 2018 article for The New York Times, technology reporter Natasha Singer examined how Facebook uses our data. She reports that Facebook “meticulously scrutinizes” our online lives, and not just to show us targeted advertisements. The details that many of us regularly provide on Facebook, such as our age, employer, relationship status, likes and location, are just one part of the information that Facebook analyzes and uses. For example, she writes:
Facebook tracks both its users and nonusers on other sites and apps. It collects biometric facial data without users’ explicit “opt-in” consent.
And the sifting of users can get quite personal. Among many possible target audiences, Facebook offers advertisers 1.5 million people “whose activity on Facebook suggests that they’re more likely to engage with/distribute liberal political content” and nearly seven million Facebook users who “prefer high-value goods in Mexico.”
“Facebook can learn almost anything about you by using artificial intelligence to analyze your behavior,” said Peter Eckersley, the chief computer scientist for the Electronic Frontier Foundation, a digital rights nonprofit….
When internet users venture to other sites, Facebook can still monitor what they are doing with software like its ubiquitous “Like” and “Share” buttons, and something called Facebook Pixel — invisible code that’s dropped onto the other websites that allows that site and Facebook to track users’ activity….
“Facebook provides a network where the users, while getting free services most of them consider useful, are subject to a multitude of nontransparent analyses, profiling, and other mostly obscure algorithmical processing,” said Johannes Caspar, the data protection commissioner for Hamburg, Germany.
From time to time, this corporate data-mining erupts into scandal, like when a company is hacked and personal information is stolen. But sometimes scandal erupts from a legal use of social media data. This happened in 2018, when it was revealed that the firm Cambridge Analytica used Facebook data to construct detailed personality profiles of U.S. voters and target them with specific advertisements. In a March 2018 article for the Chicago Tribune, business reporter Ally Marotti described the uproar. She wrote:
Facebook CEO Mark Zuckerberg promised in a post Wednesday that the social media company would do more to protect its users’ data. “We have a responsibility to protect your data, and if we can't then we don't deserve to serve you,” he wrote.
Zuckerberg’s post came following public outcry in response to a report last weekend from The New York Times and The Observer of London that Cambridge Analytica, a political data firm hired by the Trump campaign, gained access to private information of more than 50 million Facebook users, including their profiles, locations and what they like. The firm claimed its tools could analyze voters’ personalities and influence their behavior with targeted messages.
Cambridge Analytica improperly acquired the information, Facebook has said, but it wasn’t stolen. Users allowed the maker of a personality quiz app to take the data. About 270,000 people took the quiz several years ago, the Times reported, and the app-maker was able to scrape data from their Facebook friends. He then provided the data to Cambridge Analytica….
Since the report last weekend, several American and British lawmakers have called for greater privacy protection and asked Zuckerberg to explain what the company knew about the misuse of its data….
The debate over internet privacy legislation in the U.S. has shifted from the federal to state level in recent years, but proponents argue there aren’t enough laws at either level to adequately protect users.
If corporations are using our social media data to sell us products, influence our decisions, and affect our votes, all with limited legal oversight, what can be done?
In 2018, the European Union passed the General Data Protection Regulation (GDPR), one of the tougher online privacy laws in the world. In a May 2018 article for The New York Times, London-based technology correspondent Adam Satariano explained the measure:
The new law requires companies to be transparent about how your data is handled, and to get your permission before starting to use it. It raises the legal bar that businesses must clear to target ads based on personal information like your relationship status, job or education, or your use of websites and apps.
That means online advertising in Europe could become broader, returning to styles more akin to magazines and television, where marketers have a less detailed sense of the audience.
Some of the tools companies develop to comply with the GDPR might be made available to users whether they live in Europe or not. Facebook, for example, announced in April that it would offer the privacy controls required under the new law to all users, not just Europeans….
[Y]ou can ask companies what information they hold about you, and then request that it be deleted. This applies not just to tech companies, but also to banks, retailers, grocery stores or any other organization storing your information. You can even ask your employer. And if you suspect your information is being misused or collected unnecessarily, you can complain to your national data protection regulator, which must investigate.
So far in the U.S., companies can choose whether or not they want to abide by such European-style standards. Public interest advocates argue that this has left Americans exposed to abuses. As more people become aware of the negative effects of corporate data-mining, demands to change public policy domestically may well gain greater traction.
- How much of the material in this reading was new to you, and how much was already familiar? Do you have any questions about what you read?
- According to the reading, what kinds of information does a corporation like Facebook collect about its users? How does it make money from that data?
- Have you seen evidence in your own online experience that you are being tracked and that your data is being used, perhaps in ways you hadn’t anticipated?
- Do you think that the use of user data described in the reading is abusive, or simply something that people voluntarily opt into as a condition of using social media platforms? Explain your position.
- What is meant by the expression, “if you’re not paying, you are the product”? What do you think of this idea?
- According to the reading, what are some of the effects of the GDPR? What do you think of these requirements?
- What other changes would you like to see in privacy protections here in the United States?
Reading Two: How Are Young People Protecting Their Privacy?
Online privacy—or lack of it—can have real-world impacts. Using social media puts us at risk of data-mining and surveillance, and it also leaves a permanent record that can be examined by employers, university admissions departments, family members, bullies, and political opponents. Such a prospect might give many users pause, even if they otherwise enjoy their lives online.
Thankfully, while debate continues in the public sphere about regulating social media companies, many young people are actively thinking through questions about what information they want to put online and how they can control their digital presence.
In a 2016 article for Vox, Irina Raicu, Internet Ethics Program Director at the Markkula Center for Applied Ethics at Santa Clara University, examined several studies of the privacy behaviors of young people and young adults. She summarized her findings:
[P]eople between 13 and 35 do care about keeping some control over their information, and take measures to protect their privacy online, even as they sense that most such measures are imperfect solutions.
It may surprise you to find out that 60 percent of the teens surveyed … “say they have created accounts that their parents were unaware of, such as on a social media site or for an app.” That is a privacy-protective measure: When it comes to privacy violations, the people teens are most worried about are their parents. As the report notes, “teens greatly value having some level of privacy from their parents when using the internet.”
The older “young people” surveyed by Hargittai and Marwick report that they deploy a wide variety of privacy-protective measures: “Using different sites and apps for different purposes, configuring settings on social media sites, using pseudonyms in certain situations, switching between multiple accounts, turning on incognito options in their browsers, opting out of certain apps of sites, deleting cookies and even using Do-Not-Track browser plugins and password-management apps.”….
[A] Pew Research study notes that “young adults generally are more focused than their elders when it comes to online privacy.” That study asked about some privacy-protective strategies, as well: Among the 18-to-29-year-olds surveyed, 74 percent said they had cleared cookies and browser histories, 71 percent had deleted or edited something they had posted, 49 percent had configured their browsers to reject cookies, 42 percent had decided not to use certain sites that demanded their real names, and 41 percent had used temporary user names or email addresses. In each of those categories, the younger users surpassed their elders.
Some young people are taking even more drastic approaches, either aggressively self-censoring what they post or leaving social media behind entirely. Faced with bullying, mental health concerns, and the relentless pace of maintaining a social media presence, some are choosing to move relationships offline.
In a March 2019 article for Fast Company, Sonia Bokhari, an 8th grader who leads her middle school’s Gay-Straight Alliance and is a member of the school’s Environmental Club, gave an account of why she decided to dramatically curtail her social media use after feeling that her privacy had been violated. She wrote:
My parents had long ago made the rule that my siblings and I weren’t allowed to use social media until we turned 13, which was late, compared to many of my friends who started using Instagram, Wattpad, and Tumblr when we were 10 years old….
[S]everal months ago, when I turned 13, my mom gave me the green light and I joined Twitter and Facebook. The first place I went, of course, was my mom’s profiles. That’s when I realized that while this might have been the first time I was allowed on social media, it was far from the first time my photos and stories had appeared online. When I saw the pictures that she had been posting on Facebook for years, I felt utterly embarrassed, and deeply betrayed….
[My mom and my sister] were surprised when they heard how I felt, genuinely surprised. They didn’t know I would get so upset over it, because their intentions weren’t to embarrass me, but to keep a log and document what their little sister/youngest daughter was doing in her early childhood and young teenage years….
In the months since I discovered my unauthorized social media presence, I became more active on Facebook and Twitter. But it wasn’t until I’d been on social media for around nine months that I thought seriously about my digital footprint.
Every October my school gave a series of presentations about our digital footprints and online safety. The presenters from an organization called OK2SAY, which educates and helps teenagers about being safe online, emphasized that we shouldn’t ever post anything negative about anyone or post unapproved inappropriate pictures, because it could very deeply affect our school lives and our future job opportunities….
While I hadn’t posted anything negative on my accounts, these conversations, along with what I had discovered posted about me online, motivated me to think more seriously about how my behavior online now could affect my future… I realized that being 13 and using social media wasn’t a fantastic idea, even though I wasn’t obsessed with it and was using it appropriately. My accounts now remain dormant and deactivated….
My friends are active social media users, but I think they are more cautious than they were before. They don’t share their locations or post their full names online, and they keep their accounts private. I think in general my generation has to be more mature and more responsible than our parents, or even teens and young adults in high school and college….
Just as young people have set the trends for which social media platforms rise and fall, they can also change the conversation about how we engage with these corporations and maintain control of our digital lives.
- How much of the material in this reading was new to you, and how much was already familiar? Do you have any questions about what you read?
- According to the reading, what are some decisions that young people are making to protect their privacy online?
- Have you tried any of the strategies discussed in this reading? If so, how did they go for you?
- Sonia Bokhari reports that she felt betrayed when she went online and saw information that her mother had posted about her when she was a kid. Have you ever experienced something like this? What sort of conversations do you think families and friends should have with one another to make sure they are respecting each other’s privacy?
- Do you think more young people will choose to quit or substantially reduce their use of social media in the future? Or do you think social media usage will continue grow? What factors might affect the future role of social media in our lives?
Research assistance provided by John Bergen.