The current ‘row’ about Facebook’s privacy settings, and the similar ‘affair’ about privacy on Google Buzz raise one significant question: why do companies like Facebook and Google make privacy so complicated? That, it seems, is one of the key problems, particularly in Facebook’s case. According to the New York Times, Facebook’s privacy policy has 50 different settings and 170 options, and the policy is longer than the US Constitution – closing in on 6,000 words.
Why? Is it complicated simply because privacy itself is complicated? Well, it’s certainly true that privacy isn’t as simple and clear cut as some might imagine, but does that really mean that privacy policies, and privacy options need to be so complex as to require a law degree to even begin to understand? It’s hard to justify – and for companies that demonstrate immense creativity when it comes to designing new products and services, and excellent ways to make those products and services simple to use and easy to understand, it does seem quite surprising that they can’t make their privacy policies easy to understand and their privacy options simple to use. They have the experience and the expertise to find a way – if they really want to.
So why don’t they? Two reasons immediately spring to mind, one simple and in some ways reasonable, the other much more pernicious. The first is that until recently they simply didn’t care enough about it – and didn’t think their users cared enough about it. A privacy policy was something that only concerned lawyers (to cover their potential liabilities) and geeks (who are those who bleat on about privacy), and lawyers and geeks don’t need things to be simple to understand and use – they need things to cover all the relevant issues in a logical and coherent fashion…. which leads to documents the size of the US constitution and 170 options and 50 different settings. What’s more, they want their creative minds and experienced programmers to be working on the ‘important stuff’, not wasting time and money on something like privacy policies that no-one really care about. So, from a business point of view, putting effort into making privacy simple and understandable would be wasteful. And boring, too, for the creative people.
The second possible reason is far more shady – maybe they want to make privacy complicated because they don’t want people to know what they do and what the implications are? If an ordinary user has to wade through a document the size of the US constitution, and spend their time choosing between 170 options and 50 settings, the chances are that they simply won’t bother. And if they don’t bother, and leave the settings on what Facebook choose as the defaults, then everything’s much happier, at least for Facebook.
I wouldn’t like to suggest that the second is true – the first is far more likely. However, if the second does have an element of truth to it, we might start to see that over the next year or two. Public interest in privacy appears to be growing – the question is how companies like Facebook respond to it. If things change, and change quickly, that would tell us a lot. If they don’t, and if there is more prevarication and less action, that would tell us something else entirely.