Conversations about privacy are an increasingly vital part of any planning process for a membership-driven website. I’ve been engaged in such a conversation for a new project while fielding support emails for an existing one, so it’s been on my mind quite a bit lately.
We’re all managing a lot of personal data, whether we’re running sites that might be described as “social networks” or simply a blog that provides a way to connect up a commenter’s contributions. On any new project, questions inevitably come up about whether or not users should be able to hide their profiles or specific pieces of information, often influenced by the way Facebook’s closed walls give a sense of privacy by not letting Google index profile data. I’m given to thinking that Facebook’s approach has actually hurt such discussions, by implying a level of privacy they don’t really offer.
The problem is that approaches like Facebook’s are far more about an illusion of privacy than any actual protection. The artifacts of our online presence (our comments, our photos, etc., and perhaps more importantly our friends’ comments and photos) are never going to be entirely shielded just because we can hide our profiles, but hiding profiles can make us think that protection is there. Similarly, attempts by some sites to hide profiles from users who aren’t logged in offer an illusion. Because there’s a hurdle to see your profile, it’s tempting to think that it’s protected, but that’s simply not the case.
Our designs need to guide people to be careful about what they’re putting in their profiles rather than having those profiles hidden, and to remember that their online artifacts will last even if the attention given to them dips from its initial high. Unless we’re providing something much more secure than a “hidden” profile, we should avoid the implication that our tools (rather than their behaviour) are what will offer privacy.
[Obviously there are some cases where our architecture needs to work harder to offer privacy, but that’s far from the general case]