Summary by Pamela Wisniewski, Natalya Bazarova, Ben Marder, Antti Oulasvirta & Jayant Venkatanathan
Our Mission: Find solutions to grand challenges of Networked Privacy. At first, we attempted to tackle “Active Boundary Management over Time within Social Networks;” however, we soon realized that this topic was much too broad. Therefore, we narrowed down our focus to the temporal aspects of boundary management and the permanence of data in Social Network Sites (SNSs). We found that solutions to this problem were still elusive, but we attempted to remain optimistic in our approach.
Problem Scenarios: Photos uploaded during college years become visible to newly friended colleagues from the workplace. The needs of a user of a location sharing service change when she is feeling down or depressed and is not in a mood to be social or interact with others. The information sharing preferences of a couple that breaks up can be different before and after the breakup. There are among the many challenges that confront users when it comes to managing their disclosures in online social networks over time. Hence it is imperative to provide the right tools and mechanisms that support users’ needs in terms of temporal management of the information that they disclose in SNSs.
Deep versus Lasting: While users can certainly benefit from better temporal control over their information disclosure, it is not clear whether consequences of providing tools to help users accomplish this goal are in line with the goals of SNSs such as Facebook. One of the goals of these companies is to have access to information about users such as the books they read, the places they visit and the topics they discuss with their friends. This information, for example, can be used to provide targeted ads to users. A possible motivation for SNSs to implement temporal boundary options that emerged in our discussions is that increased temporal control can enable users to share privacy sensitive information that they might not have otherwise shared due to precisely the kind of temporal disclosure requirements illustrated in the examples above. While this would inevitably mean that these sites facilitate easy removal of information from the sites on a time basis, this can also lead to the companies being able to collect deeper and better personal information, as opposed to information that has more permanence on the website. While the extent of the validity of this argument requires probing and further validation, it is plausible that providing for such control can be a win-win proposition for both users and businesses.
Design Solutions: With this problem and motivation in place, we went on to discuss potential tools and solutions to help users manage their boundary regulation in SNSs over time.
Increasing Temporal Awareness – A first category of solutions to emerge in our discussions were tools that enhance user awareness regarding the content and visibility of the information users had disclosed in the past. These included presenting summary statistics of posts from the past to the user (for example a tag cloud highlighting key words in her posts from a particular year) and presenting snapshots of posts from the past (for example a random photo uploaded by the user 2 years ago). The idea for this was in fact sparked off by discussions from the design team, where they had referred to this as “making it creepy!” Other solutions towards enhancing user awareness of information shared in the past that cropped up in our discussions revolved around policy and nomenclature. For instance, SNSs providing clarity towards the storage and accessibility of the information that users post or using terminology such as “Photo Archive” or “News Stream” to cue a temporal expectations to users. This would include avoiding confusing and misleading terms to denote features of the SNS (this is commonly referred to as “calling a spade a spade” in HCI circles).
Communicating User Expectations – A particularly challenging aspect for users is the interaction of the online social network with the offline. Online social networks are often extensions of face to face physical networks and information disclosed online can propagate through offline channels and vice versa. Hence in a scenario where a user shares a certain piece of information in the online network and decides to delete it after a period of time, that information has been viewed by his contacts and can still be further spread via interactions offline. A solution for this problem would be to provide a feature that notifies all contacts that have viewed a post when that post is deleted. This feature, which we referred to as “social undo”, would enable these contacts to understand that the owner of that information does not want to share it any more and that they should hence not spread it any further. By integrating the ability for users to explicitly state their temporal boundaries to others within their network, SNSs could reduce the occurrence of privacy violations due to a lack of coordination. Another interesting idea was the “what happens in Facebook stays in Facebook” feature that would allow a user to flag posts that they don’t want to be discussed outside the online social network, hence implicitly conveying the same to her contacts.
Making It Fun – Next, we set out to incorporate SNS design features that could help users manage the temporal aspect of their disclosure in an enjoyable way. These included ‘time bombs’ (posts that get automatically destructed after a certain period of time), the ‘time machine’ (the ability to specify a period of time in the past and delete all posts falling within that period), the ‘time delay’ (new posts go into a ‘quarantine’ for a period of time before becoming publicly visible to contacts (this can help users retract data that they might have inadvertently shared or, for example, data that they shared when drunk that they would not have normally shared in a sober state), ‘time capsule’ (putting a post to a “capsule” that opens after some period of time, e.g. one year) and ‘time zombie’ (linking back / “resurrecting” posts from distant past). Picking up from an idea of the team that discussed the business aspects, we discussed how these tools could be made fun and engaging to the users, and the names that we gave to each of these features reflect that fun aspect that we attempted to bring in.
Summary: While these solutions may not be feasible given either the complexities of interface design or possibly a conflict of interest between the user and the SNS, our group decided that brainstorming any possible solutions is the best step to tackling the grand challenges of Networked Privacy. The grandest challenge of our research community may be to bridge the gap between SNSs and end user privacy goals instead of continuing to play a zero-sum game.