Moscow-based I-Free and its app Girls Around Me crystallized the online privacy debate this week, and, I suspect, will begin the end of our long era of digital naivete.
It's as though the online community has been living in the Garden of Eden all these recent years, and we're all taking a bite of the apple all at once. There are consequences to our behaviors: companies that rely on our data to make their money are not going to suddenly start protecting that data. It's time for you and me to get serious about what we put online, and where.
Although the Girls Around Me app was completely disturbing, I-Free did nothing wrong in the way it collected and displayed data (i.e., "girls"). Its app simply aggregated publicly available information from Facebook and Foursquare, using APIs that were freely distributed by those sources, and presented it in a highly unsavory way.
You could argue, as many did, that the app crossed a moral or behavioral line, because the women it presented hadn't signed up to be displayed on Girls Around Me, and had no idea their movements were being tracked and their information aggregated in such a stark, and yes, scary fashion. We're past that point online, however. It's time to realize, internalize, and truly understand that publishing anything publicly online means you have, in fact, opted in. And you probably won't like where your data eventually ends up.
What I-Free just did was show us (again) what's possible in the world of publicly shared social data. It's kind of like last year, when we all realized how Spokeo and other data brokers harvest publicly available information to create unbelievably detailed dossiers about people. It was shocking, it felt like it should be illegal, but it's not.
Spokeo or I-Free can use this data because it's public. It's an invasive, disturbing, and potentially damaging use of public information, but it's not technically illegal. The difference, though, is that as a matter of law you can't choose to hide information that's public, which is primarily what identity services are scraping. You can choose what you publish on Facebook or Foursquare, and more importantly, you can choose what's public. So start choosing--actively, consciously, and responsibly.
We put our cards on the table, and I-Free picked them up. The company is complaining that it's being scapegoated, and that's somewhat true. I-Free isn't the target here, and it's not helpful to complain about "creepy" apps anymore.
What is helpful is to lock down your data, and tell your friends and family to do the same. Because these app developers--and that includes Facebook, Foursquare, and everyone else who's making money off peddling data--have close to zero incentive to protect the user.
I am not normally one to put all the burden on the consumer. I'd love it if companies were accountable for the way they use our information, and the dream of a "culture of privacy" in Silicon Valley is as appealing as it is unlikely. As I've written about before, data collection is lucrative and widespread, and it isn't going anywhere. Don't expect new apps to pay much more than lip service to user privacy, and don't expect Facebook privacy settings to get any less confusing.
On the positive side, these kinds of public-consciousness tipping points are pretty disruptive: one of Facebook's worst fears is that you and I freaking out about privacy will start to hurt its business. A collective end of Internet innocence will, in the long term, force change in the way companies interact with us and our data.
In the future, let's hope there's no way to build an app that harvests the publicly available data of young women and serves them up on a platter for horny, bar-going males. But we only get to that future if we take control of our information, once and for all. Let's just make it simple: if you want to have a public profile, don't put compromising or overly personal information on them. And if you want to overshare, fine: make it private. That isn't so hard, is it?