People have learned a lot about one another in the last seven years. Online social networks like Friendster, MySpace and Facebook have helped us farm out information in vast quantities at unprecedented rates. We harvest an astoundingly diverse crop of data by the minute: our favorite music, recent photos, sundry commentary, even activity on the network itself. And we're not the only ones tilling. So are employers, law-enforcement agents, advertisers, unclassified strangers. To the individual user, a network like Facebook is a valuable social space that now poses an increasingly urgent question of privacy, or how best to keep your public plot walled in.
To behavioral economists, this dilemma is part of what makes the phenomenon of online networks an extraordinary social experiment. The economics of privacy is, like anything else, a matter of trade-offs: What is gained and lost by revealing, say, the films you like? How about the real identities of 50 of your Facebook friends? The problem isn't that one trade-off is a more significant compromise of privacy than another. (Facebook's ultracustomized privacy controls take care of that.) The problem is that people can't make informed decisions if they don't know exactly what the trade-offs are. And they've proven that they don't.
The first step to having a true sense of the privacy trade-off you're making on a social network is knowing who gets access to the information you post. In a 2006 study, economists at Carnegie Mellon University tested Facebook users on their familiarity with the network's privacy features. Among users who kept Facebook's default privacy settings, more than half underestimated the number of people who could see at least some portion of their profile, citing a figure in the tens of thousands or less. The correct figure was in the millions.
What online networking gaffes do willfully ignorant people make? The most infamous is crossing social spheres—for instance, allowing a compromising weekend photo to be seen by your boss, or even your future boss. Data we make available about ourselves are forms of "economic signaling," says Acquisti. The signal depends on the context in which information is perceived—by friends, colleagues or an unknown future party. On an online network, the signal itself is beyond our control because we don't know and can't predict who will receive it. "We human beings have an innate difficulty in predicting the value of our information," says Acquisti, "[and] how this information can be used in different contexts."
Moli, the new social-networking site from Christos Cotsakos, former head of E*Trade, tries to eliminate this problem by letting people keep separate profiles for different spheres. And Facebook now has an exhaustive set of privacy controls that lets you screen your profile, element by element, for various subsets of people in your network. But these methods, Acquisti points out, quickly raise the question of cognitive cost. Moli is only effective if large numbers of people are willing to put in the time and effort to maintain multiple profiles (they haven't) and if, in doing so, they don't make mistakes. To take advantage of Facebook's meticulous controls you have to know the function and implications of each setting: you have to understand every single trade-off. Three quarters of Facebook users kept privacy settings on default, according to a London study by Sophos, a British information-security firm, in October.
Facebook's fine-tuned privacy controls have evolved over several episodes of user outcry since the network's 2004 launch. Founder and CEO Mark Zuckerberg responded swiftly to protest in 2006 over the News Feed and Mini-Feed features, which broadcast user activity. He reports "coding nonstop for two days" to create even more nuanced privacy settings.
More choice, though, is not always a good thing. CMU's George Loewenstein has studied the adverse effects of choices that "require expertise that people lack [and] introduce new risks when people want security." He thinks it's possible to strike a balance between too little choice and too much. Car manufacturers, he points out, let consumers pick engine sizes, color and the fabric on the seats, but not the design of the seat belt. "Consumers lack expertise about seat-belt design and don't want to invest time learning about it," he writes. Rather than let people figure out the optimal seat belt for themselves, experts pick a standard.
When consumers lack the expertise and clairvoyance to make optimal decisions, responsibility lies with the provider. Networks need to implement stringent default privacy settings, letting users opt into greater exposure from a highly contained circle of contacts, rather than tossing them into the teeming field and letting them build walls for themselves. We'll be grateful for the built-in constraints.