Science and Public Policy Advance Access published October 10, 2013

Science and Public Policy (2013) pp. 19 doi:10.1093/scipol/sct072

Social network sites, privacy and the blurring boundary between public and private spaces
Stefan Strau1,* and Michael Nentwich1
1

Institute of Technology Assessment, Austrian Academy of Sciences, Strohgasse 45/5, A-1030 Vienna, Austria. *Corresponding author. Email: sstrauss@oeaw.ac.at.

With social network sites (SNS) becoming a pervasive phenomenon, already existing conflicts with privacy are further intensified. As shown in this paper, online and (once) offline contexts increasingly conflate, thereby posing new challenges to the protection of the private sphere. SNS quickly evolve their features and challenge privacy preferences, often without user consent; social graphs make social relations highly transparent; social plugins interconnect user traces from within and outside the SNS. As the large amounts of personal information available in SNS are processed with context-rich information, the individuals informational self-determination is heavily strained. These data attract potential and real observers for behavioural advertising and also for profiling by security authorities. We argue that the emerging usage of SNS (social plugins, increasing role of biometrics and mobile computing) multiplies privacy challenges as all types of privacy become affected. This raises additional demand for public policy to foster privacy-by-design combined with awareness-raising mechanisms to improve informational self-determination. Keywords: SNS; privacy; socio-technical transformation; technology assessment.

1. Introduction
Social network sites (SNS) are now a widespread phenomenon on the internet. In line with the social need to communicate, SNS provide a wide range of opportunities for sharing, exchanging, creating content and collaborating with others. Despite their relative novelty, there are various studies on the usage and impact of SNS. They cover sociological aspects (Ellison et al. 2007; Steineld et al. 2008; Wanhoff 2011), psychological issues such as internet addiction (Livingstone 2008; Valkenburg et al. 2006) and commercial aspects relating to SNS business models, including data mining for marketing and other purposes (Elmer 2004; Fraser and Dutta 2008), as well as academic usage (Nentwich and Ko nig 2012). Several studies explore (non-)usage patterns with a particular focus on young users (Lenhart and Madden 2007; Hargittai 2007). Further hot issues include the potential misuse of SNS, including risks for child safety, emotional abuse, online bullying etc. (Boyd 2007a). In contrast to those negative aspects, other researchers focus on a

variety of positive effects such as: stimulating creativity, social learning, enabling new modes of participation, strengthening community building and empowerment (Pratchett et al. 2009; Wimmer 2009). Besides their wide scope for application, the sharing of personal data and information is essential to SNS, as every form of social interaction requires a certain amount of information about the parties involved. Thus, SNS are mainly designed to stimulate interactions and elicit or seduce users into revealing personal information. Accordingly, their novel modes of interactivity and networking mechanisms plus the new dynamics of information ows entailed, also challenge privacy in a variety of ways. The potential conicts between social media and the private sphere are among the heavily debated issues in the information society. A number of scholars also focus on user perception and particularly, on privacy and trust (Barnes 2006; Cain et al. 2009; Dwyer et al. 2007; Fuchs 2009; Gross and Acquisti 2005; Lack et al. 2009; Lehavot 2009; Lewis et al. 2008). However, only few studies have analysed privacy

The Author 2013. Published by Oxford University Press. All rights reserved. For Permissions, please email: journals.permissions@oup.com

2 of 9

S. Strauss and M. Nentwich Social interaction relies on sharing (personal) information, which is therefore a core aspect of the design of SNS. A major part of most SNS are the users personal proles with information about themselves, such as interests and activities, which are contained within a digital space that can usually only be accessed upon registration (Nentwich and Ko nig 2012: 20; Schmidt 2009: 23). The prole provides the entry point for further services and applications within the network environment. As the technical functionality and target groups vary, we may distinguish different types of SNS. They vary according to the intended usage forms. In some SNS, private purposes prevail, such as dating or seeking friends (e.g. Friendster), whereas others focus on professional elds with applications such as job seeking, education, business contacts (e.g. Xing, LinkedIn, ResearchGate and Yammer); yet others feature a combination of private and professional use (e.g. Facebook and Google+). Requirements for access also vary: some are open, i.e. they only require a simple registration (Richter and Koch 2008). This is the case with many popular SNS (e.g. Facebook and MySpace). Other platforms offer limited free access, but charge users fees for the full service (e.g. Xing). While many SNS are open for everyone, there are specialised networks that are only open to certain communities, such as a company or research group (e.g. the Ning platform for customisable SNS). The available communication forms vary according to the respective needs (e.g. nudging, chatting, private mailing vs. open communication, micro-blogging, additional functions such as bibliographic search, job exchange, rating etc.). In summary, it can be said that there is an enormous variety of SNS providing users with multiple, new and improved options for networking, participation, collaboration, marketing, doing business, gaming etc. This variety of interactions entails information owing widely across different usage contexts.

aspects in connection with SNS design and usage contexts. This paper contributes to stimulating research in this regard. Based on a literature review as well as on practical tests of different SNS functions and applications, this paper explores the implications of SNS on the notions of privacy and informational self-determination. We focus on the diminishing boundaries between public and private spaces and argue that online and (previously) ofine contexts increasingly conate and hence pose new challenges to the protection of the private sphere.1

2. The SNS universe

SNS are rooted at the core of the so-called Web 2.0 (Knorr 2003; OReilly 2005) which enabled a wide range of novel forms of communication and interaction. The very rst SNS were established in the late 1990s, with a rst boost in 2003 (Heidemann 2010). The now ubiquitous Facebook only started in 2004, Twitter in 2006, Google+ as late as 2011. Nowadays, SNS are not a minority phenomenon, but shape the internet experience of a large percentage of its users. Major network sites like Facebook count hundreds of millions of users worldwide and there are many specialised networks in addition to the major operators. Without doubt, SNS had a considerable impact on internet usage and the wider formation of interactive space. Apart from the main purpose of these platforms to link up their members and map their ofine networks, there is a wide spectrum of other usage contexts, ranging from sharing and creating content to community building and collective action. There have been several more or less comprehensive attempts to dene SNS (or synonymous notions like social networks, social network[ing] sites or services or platforms, see Mack et al. (2007), Richter and Koch (2007) and Schmidt (2009)). A well-known denition of SNS is provided by Boyd and Ellison (2007):
. . . web-based services that allow individuals to (1) construct a public or semi-public prole within a bounded system, (2) articulate a list of other users with whom they share a connection, and (3) view and traverse their list of connections and those made by others within the system.

3. SNS: An expanding semi-public space?

The occurrence of SNS renewed questions about the complex relationship between the public and the private spheres and the spaces between. In Habermas (1989 (German original 1962)) classic work, the public sphere is an integral part of deliberative democracy that intermediates between citizens and their political decisionmakers. More generally, the public sphere is:
. . . an open eld of communicative exchange. It is made up of communication ows and discourses which allow for the diffusion of intersubjective meaning and understanding. (Trenz 2008: 2)

Depending on the applied denition and its interpretation, various services can be categorised under this label, evidently including Facebook, LinkedIn, MySpace, Google+ etc. As the scope and use of other platforms has expanded over time, it is reasonable to also include micro-blogging services (e.g. Twitter), video platforms (e.g. YouTube), social bookmarking services (e.g. Delicious) and even video-conferencing tools (e.g. Skype). As we are interested in the full breadth and variety of the impact SNS may have on the privacy of their users, for the purpose of this paper, we adhere to a broad denition.

It is not merely some form of public communication but involves a deliberative quality that transforms public communication into public opinion (Frazer 2007; Trenz 2008).The emergence of this deliberative quality is linked

Social network sites, privacy and the blurring boundary between public and private spaces to the private sphere, referring to spaces where individuals are able to be and act freely and without interference from others. Where privacy is given and people are enabled:
. . . to engage in worthwhile activities that they would otherwise nd difcult or impossible. (Solove 2006: 484)

3 of 9

The relationship between the private and the public spheres is thus complementary: individuals develop their opinions in their private sphere; by communicating and interacting with others they embody the public sphere (Habermas 1989 (German original 1962)). Both spheres need space to emerge and develop places where individuals can meet, share thoughts, discuss their opinions, exchange ideas etc. without impediment. Limitations on such space for open, communicative exchange might reduce the deliberative quality and transformative capacity which is vital for the formation of the democratic will. In the analogue world, different types of public spaces provide room for both spheres to converge. Where are SNS situated in this regard? At a rst glance, one might conceptualise SNS environments as public spaces, as:
. . . non-domestic physical sites that are distinguished by their relative accessibility [. . .]. (Humphreys 2010: 2)

For Boyd (2007b), SNS can be seen similar as mediated publics and yet another form of public space. However, there are signicant differences between SNS and traditional public spaces. Considering that access to SNS usually demands user authentication, it is a specic space on the internet, which is to some extent separated from others: a sort of semi-public space. A particularly distinguishing characteristic is the visibility of interactions: in a (real-world) public square the behaviour, movements and interactions of individuals are generally visible to others nearby, but there is usually no systematic monitoring of interactions and communication content, which makes this visibility rather ckle, with varying levels of privacy. In SNS, however, social relations and interactions including the content are explicitly observable (and observed) because references between personal (friends, contacts etc.) and non-personal entities (interests, content used, shared, linked, liked, produced etc.) are part of the information processed. With the rapid expansion of the SNS universe additional information is produced. The notion of Web 2.0 also referred to a new software model (web services and outsourcing) where testing of software before commercial release is reduced in favour of economic considerations. This results in a kind of permanent beta status with continuous adjustments incorporating users activities and their feedback (OReilly 2005). In this context, SNS can be understood as a test bed for new applications and technologiesa trend that is exemplied by the many quickly evolving features, functionalities and modalities, which often entail signicant changes in user requirements

and challenge privacy preferences without the users informed consent (e.g. Facebooks obligatory introduction of the timeline feature or the myriads of changes in its interface). Recently, SNS have started to include social graphs using this information to create a map of the social relations of users on a global level.2 This fosters personalised search and enables the search for an individuals specic interests. Together with the information gathered by social plugins from the web outside Facebook, the social graph can be used to map a persons interactions both within and outside the original network. While SNS users can change their privacy settings in their proles and determine which information is accessible to others, this is a rather weak mechanism with limited functionality: the information remains accessible, as interactions may comprise personal and non-personal entities (e.g. content). In addition, user awareness of privacy settings is often lownot least due to the frequent changes in features and settings (Debatin et al. 2009). Furthermore, some user groups seem more concerned about privacy than others. Some reports state that students are reluctant to use their private SNS accounts for e-learning purposes (Nentwich and Ko nig 2012: 39). At least part of the reluctance of researchers to join SNS may be explained by fear of losing control over their privacy (Nentwich and Ko nig 2012: 47). If researchers are very active on various SNS, they will indeed create signicant digital traces across platforms that can be analysed by data-mining tools (Nentwich and Ko nig 2012: 185). This is certainly also true of other user groups. These issues are affected to some extent by the interplay between privacy awareness, different usage patterns and features supported by the SNS. While SNS were a closed environment rather detached from the rest of the web in their early days, their wider diffusion also extended their outreach. A comparison of Facebooks privacy settings in 2005 with those in 2010 shows a signicant growth of information accessible by default, not restricted to SNS users, but also including outside entities.3 Such a trend reveals how privacyby-default turned into what we call disclosure-by-default. This transformation fostered de- and re-contextualisation of (personal) information ows. With an increasing trend towards integrated services and applications the SNS provides a space where users also collect content from the outside web (such as embedded audio, video etc.). This trend became systematised with social plugins, which play a crucial role in the expansion of SNS. Social plugins (most prominently the like button) enable the integration of SNS features into websites outside the SNS environment, and vice versa. These plugins process additional data and build bridges between sites that are otherwise not connected to the SNS. These developments make it not merely challenging for users to customise their

4 of 9

S. Strauss and M. Nentwich are explicitly made visible in SNS. The capability of SNS to map social relations on a global level provides deep insights into the identity and behavioural patterns of individuals. A conict arises between the users intentions to share information and the way this information is used by the SNS (e.g. behavioural targeting and processing of user data for commercial interests). Privacy settings do not provide protection:
. . . since leaking graph information enables transitive loss: insecure friends proles can be correlated to a user with a private prole. (Bonneau et al. 2009: 6)

proles, but they reinforce privacy infringements on a larger scale.

4. Major privacy implications

In the SNS context is everything, and context is a crucial concept in information disclosure (Leenes 2010). The effects of many-to-many relations also concern the understanding of public and private contexts. SNS provide many different application contexts for personal information ows. Starting from a users prole, all kinds of contacts, interactions, features used, links, context produced, linked, shared etc. represent a wide array of contextual layers. There are potential conicts between a users intentions to share personal information and further information processing. Users have rather limited options for controlling these contexts (many of them not even recognisable, such as behavioural advertisements, web bugs, hidden trackers etc.) and the manner in which information is used in the applications (e.g. behavioural targeting and processing of user data for commercial interests). The level of user control relates to the concept of informational selfdetermination (ISD). This term was introduced by the German Federal Constitutional Court in 19834 and denes a situation in which the individual is aware of what personal information is stored and is capable of controlling how it is processed. The main aspects of ISD are context and control over that context of personal information ows. This ties in with the concept of purpose limitation, which is among the core privacy requirements. As SNS process a great deal of personal information with context-rich information, this principle is already strained. Users have limited options for ISD. The problem is exacerbated by the growing number of contextual layers entailed by embedded applications, features and social plugins, because a users ow of personal information can also reach beyond the SNS environment without the user even knowing that it is happening. With the expansion of SNS, the boundaries between the public and private spheres become blurred. Not least due to the wide range of embedded applications in SNS, personal information and user content can hardly be distinguished in these new environments. In addition, the boundaries between personal and non-personal data become permeable, because the wide range of nonpersonal data created in SNS can be used to reveal an individuals identity, leading to the problem of the identity shadow (Strauss 2011). The amount of data traces that every step leaves in a digital (or semi-digital) environment is growing and a persons identity shadow thus provides further possibilities to identify and/or deanonymise an individual on the basis of her data traces. In the process, ones ISD and control over personal information are increasingly undermined. User information, preferences, behaviour, activities, social relationships etc.

Hence, these quickly evolving technologies increase, in combination with SNS, the possibility of identifying and tracking users in an unprecedented manner (see Section 5). These data have considerable value for the surveillant assemblage, that is:
. . . a heterogeneous, loosely coupled set of institutions that seek to harness the raw power of information by xing ows of information cognitively and spatially. (Cohen 2008)

These potential and effective observers of online activities in the public and the private sector benet from further growth of SNS data (e.g. Facebook already counts more than one billion users). The large amount of personal information available via SNS is valuable for business models based on behavioural advertising and for predicting new trends.5 Under the umbrella term predictive policing, security authorities reinforce their efforts to observe online activities and aim at real-time surveillance to identify suspicious behaviour and prevent crimes (Uchida 2010). Recent developments in Europe and the USA for standardised backdoors in cloud services and virtual applications carry these developments forward.6

5. Privacy types affected

In order to substantiate the extent to which privacy is effectively protected and can be affected, different types of privacy (Clarke 2006) can be distinguished. This distinction is important as the different technologies available today entail several types of (potential and real) privacy infringements. The rapid development of technologies and applied techniques makes it even more complicated to identify which types and dimensions of privacy are intruded upon by a particular technology. In addition, the boundaries between these different types are fading. In their taxonomy, Finn et al. (2013) propose additional dimensions to Clarkes approach and name seven types, namely the privacy of:
. the person: the protection of body functions and char-

acteristics, such as biometrics or genetic codes

Social network sites, privacy and the blurring boundary between public and private spaces
. behaviour and action: this type addresses the: . . . ability to behave in public, semi-public or ones private space without having actions monitored or controlled by others.

5 of 9

This involves:
. . . sensitive issues such as sexual preferences and habits, political activities and religious practices . communication: the ability to communicate freely via

different media and without interception including the avoidance of different forms of wiretapping and surveillance of communication . data and image: this type involves the individuals claim that data should not be automatically available to other individuals and organisations. Individuals should have a substantial degree of control over their data and its usage (Clarke 2006); image is a particular:
. . . form of personal data can be mined for biometric data and used to identify, monitor and/or track individuals as they move about public or semi-public space. (Finn et al. 2013) . thoughts and feelings: this privacy type addresses a

persons freedom to think and feel whatever he/she likes without restriction. This type differs from behaviour as thoughts do not necessarily translate into behaviour . location and space: ones right to move freely in private, public or semi-public space without being identied, tracked or monitored . association (including group privacy): addresses the right to associate with whoever they wish without being monitored; this also includes groupings or proles over which one has no control (e.g. involvement in discussion groups) Table 1 outlines those privacy types affected by currently common SNS usage compared to emerging SNS usage.

Table 1.

Privacy types and SNS usage Common SNS usage Emerging SNS usage X X X X X X X

Privacy of . . .

the person behaviour and action communication data and image thoughts and feelings location and space association (including group privacy)

(X) X X (X) X

This mapping can only be general, as the privacy impact depends on the application context: hence it provides an overview and not a strict assignment. Nonetheless, Table 1 indicates how privacy impacts might multiply due to current trends, further developments and the diffusion of SNS. Common usage refers to a standard prole without mobile access and location-based services. Emerging usage incorporates the developments identied in this paper that are capable of extending the array of privacy types affected. These are described below. Finn et al. (2013) developed this classication based on different emerging technologies such as body scanners, biometrics or un-manned aerial vehicles. It enables a differentiated view to examine the privacy impacts of a particular technology. In our context it provides a fruitful heuristic to point out the extending privacy impacts of emerging SNS usage. Contemporary SNS use already affects several privacy types, as Table 1 outlines. Privacy of communication, data and image as well as privacy of association are so far the main types that are most affected, as these are at the core of any SNS usage: communicating and interacting, sharing and creating different forms of content and interacting with other users and user groups. The modes of interaction in SNS include both personal and non-personal entities. The connections and linkages between the different entities produce large amounts of additional data that may also provide insights into behaviour and action (e.g. due to postings on others proles, their interests etc.), as well as users thoughts and feelings. Some SNS features aim at seducing users to reveal more information and directly ask users how are you feeling?, what are you doing? etc. New features such as the like button and other social plugins provide deeper insights into ones interests and preferences. Thus, these types of privacy are also affected, though not to the same extent as the other three types. With further usage and extension to other devices, impacts in this regard are expected to grow further and extend beyond the SNS environment. Considering the fast evolution and continued diffusion of SNS, a reinforcement of existing privacy impacts as well as an extension to additional privacy types can be expected. The list of bulleted points above outlines which privacy types are affected by common and by emerging SNS use, including three major developments that are strongly related to SNS and foster the conation between online and ofine spaces in different ways:
. Social plugins: With the increasing diffusion of social

Source: Own table based on privacy types suggested by Finn et al. (2013). X indicates that a privacy type is widely affected, (X) means that a privacy type is partially affected

media, SNS have become attractive environments to integrate other services and technologies. Social plugins are a major tool of this integration. They allow SNSto be embedded into other websites and enable the absorption of data from the outside web

6 of 9

S. Strauss and M. Nentwich

into the SNS environment and vice versa. This creates additional information on usage patterns also beyond the original SNS environment. As the boundaries between SNS and detached spaces dwindle, different online spaces conate. . Increasing role of biometrics: Face recognition technologies become more sophisticated and are integrated in SNS contexts.7 In 2011, Facebook was the rst SNS to enable the tagging of people on photos and the creation of a link to their proles.8 Google brought in a patent for facial recognition with social network aiding.9 Law enforcement also strengthens efforts to use face recognition combined with photos available on the web.10 This enables a persons physical and virtual appearance to be linked. In addition to face recognition technologies there are already SNS-alike online services that even make use of DNA data.11 . Mobile computing and signicant growth in mobile SNS usage: Mobile social media represent a fast growing market. The amount of mobile data doubled from 2011 to 2012.12 Users increasingly access their SNS proles via mobile devices13 (smart phones, tablets etc.); mobile apps and location-based services (LBS) make SNS usage more attractive. This also affects locational privacy and enables an SNS environment to gather data on location and space (e.g. via location tracking) and to gain deeper insights into users movements and behaviour in the analogue world. Montjoye et al. (2013) highlight the deep privacy impacts of mobile data and demonstrate the unique identication of 95% of individuals by their location data. As mobile computing in general is among the fastest growing markets, protecting locational privacy is one of the main challenges. Together with SNS the array of privacy impacts further expands not least due to apps and LBS that widen personal information ows in addition to location data. To some extent, quickly evolving smart devices such as intelligent glasses (e.g. Google Glass)14 or other wearable computers in the eld of augmented reality (AR) represent the next generation of mobile social media and thus reinforce and trigger additional privacy challenges. With an integrated camera they may enable two-fold tracking: where people are and what they do, a persons movements and actions, and also what this person is looking at. ISD might become heavily stressed with sophisticated AR concepts as they might impose a view on reality enriched with (context) information that subsequently complicates her very own perception of reality and thus her ISD. These trends refer to the emerging role of as ubiquitous computing that successively manifests (C 2011).

6. Overcoming the disclosure-by-default paradigm with privacy-by-design?

As mentioned in Section 3, the privacy settings in SNS changed stepwise towards a disclosure-by-default mode where vast arrays of information are available. To address current and upcoming privacy problems requires a change of this prevailing paradigm. Privacy-by-design (PbD) is an essential concept in this regard to revitalising a privacy-by-default paradigm. One core aspect of PbD is the protection of personal identiable information (PII) (Cavoukian 2009). Embedded PbD features in SNS can at least contribute to avoiding and limiting unintended disclosure of PII. Though in their infancy, approaches towards privacy-friendly SNS such as Diaspora15 already exist. According to Islam and Iannella (2012) Diaspora includes some PbD principles although some of these are more related to security-by-design principles such as encryption features to secure user content. Nevertheless, such approaches are indispensable to cope with existing and emerging privacy challenges. As the SNS universe expands it might also embrace improvements in line with PbD. In this respect, the different privacy types (see Section 5) can be used to conceptualise the requirements of PbD features. Encryption of content is a crucial aspect to cover privacy types such as: communication, data and image, behaviour and action, thoughts and feelings (as these are usually directly related to a specic user). Integrating content encryption into the SNS prole can improve the privacy protection of the user and contributes to effectively securing the content from unintended disclosure. Related to this is un-linkability which is a major requirement for user control and ISD (Strauss 2011). Implementing mechanisms to reduce linkability can enhance the protection of PII (e.g. by surrogating identiers or parts of an ID with random values). With regard to images and photos, obfuscating or pixelating techniques can be used by default in order to delete the link to a specic person.16 This would also reduce privacy infringements due to face recognition. Above all, a privacyfriendly default setting is essential to foster PbD. Aided by technical features, several privacy challenges can be addressed to reduce a per se disclosure of PII. In addition, raising user awareness is also important to stimulate the demand for PbD. Features that allow SNS users to view their own prole from different angles could enable their awareness, for instance by differentiating between how a user prole is presented to contacts, other users or the outside web, together with options to change the modes of presentation. On a more general level, this refers to a distinction between private, semi-public and public spaces. Some features in this regard already exist but so far not in a systematic way and not as requirements of SNS environments. Data protection authorities are important stakeholders for claiming PbD and user awareness features,

Social network sites, privacy and the blurring boundary between public and private spaces also for testing the privacy modalities of SNS and PbD implementation. The more systematic PbD approaches are claimed by policy-makers, the more a systematic scrutiny of the according features in an SNS environment (and beyond) can be conducted. PbD can be understood as a means to bring forward the public value of privacy that has to be protected in a pro-active manner (Nissenbaum 2010). That is, to prevent and avoid privacy infringements instead of merely reacting ex-post to infringements which occur, as this setting is no longer applicable in our informational ecosystem.

7 of 9

2.

3.

4.

5.

7. Conclusions
SNS are a prominent example of a far-reaching transformation of the boundary between public and private as well as online and ofine spaces. Previously separated (online) application contexts merge and also increasingly reach out to previously analogue environments. Complex modes of information processing (partially in cloud infrastructures) also strain the distinction between personal information and user content. Integrative services and technologies foster this conation. Given the rapidly growing number of SNS users, these trends entail a wide range of societal impacts and shift privacy concerns to a higher level. This entails a further loss of ISD, exacerbated mainly by manifold and undetermined usage contexts. With these contexts still increasing, a key challenge for more effective privacy protection can be identied: how to explicitly decouple contexts and related spaces? If privacy is not to become lost in this conation, there is a need to reconsider its public value in a way that reduces commercial exploitation of personal information without shifting responsibility for data protection exclusively onto the users. Accordingly, policy-makers are challenged to foster the implementation of PbD features in combination with mechanisms which raise users awareness of privacy issues. This contributes to upholding ISD and improving controllability over those usage contexts that process personal information. Strengthening the role of Data Protection Agencies in their function of scrutinising privacy protection with regards to the effectiveness of PbD features implemented in SNS environments is also a core aspect of revitalise privacy as a public value. 6.

7.

8.

9.

10.

11.

Notes
1. This paper mainly focuses on the social dimension of privacy in relation to SNS. It does not address a legal perspective. As SNS are a global phenomenon, incorporating such a perspective would suggest analysing a wider array of different regulatory frameworks which is beyond the scope of this paper. However, our analysis addresses some of the major

12. 13.

14. 15.

problems of SNS that can be helpful for policymakers when adapting regulatory frameworks. Such as Facebooks open graph <https://developers. facebook.com/docs/opengraph> accessed 10 July 2013. See <http://www.yalelawtech.org/control-privacytechnology/evolution-of-facebook-privacy> accessed 10 July 2013. Judgment of the First Senate from 15 December 1983, 1 BvR 209/83 et al. Population Census, BVerfGE 65, 1. See, for instance <http://www.insidefacebook.com/ category/social-media-monitoring/> accessed 10 July 2013. See <http://www.edri.org/edrigram/number10.15/etsilawful-implementation-standard> accessed 10 July 2013. With the exposure of PRISM and the Tampora project, there is further strong evidence of large-scale surveillance of online activities by law enforcement agencies. See <http://www.zdnet.com/ prism-heres-how-the-nsa-wiretapped-the-internet7000016565/> and <http://www.guardian.co.uk/uk/ 2013/jun/21/gchq-cables-secret-world-communications-nsa> accessed 10 July 2013. See <http://www.csoonline.com/article/686959/facerecognition-and-social-media-meet-in-theshadows>accessed 10 July 2013. See <http://www.dailymail.co.uk/sciencetech/article2000744/Facebook-face-recognition-technology-Nowknows-look-like.html> accessed 10 July 2013. See <https://www.informationweek.com/internet/ google/google-seeks-social-networking-face-reco/ 229218484> accessed 10 July 2013. For instance, in the next generation identication program of the Federal Bureau of Investigation (FBI) that includes automatic comparing of photos on the web against a national repository of images held by the FBI <http://www.newscientist.com/ article/mg21528804.200-fbi-launches-1-billion-facerecognition-project.html> accessed 10 July 2013. For instance, genebase which promises to nd the perfect matching partner based on DNA samplings. <http://mashable.com/2008/03/07/genebase-dna/> accessed 10 July 2013. Another example is 23andme, which provides online health checks based on genetic testing. See <http://www.ericsson.com/ericsson-mobilityreport> accessed 10 July 2013. See <http://www.comscoredatamine.com/2012/02/ more-than-half-of-people-that-access-social-networkson-their-smartphone-do-so-on-a-near-daily-basis> accessed 10 July 2013. See <https://en.wikipedia.org/wiki/Google_Glass> accessed 10 July 2013. See <http://diasporial.com> accessed 10 July 2013.

8 of 9

S. Strauss and M. Nentwich

edu/viewdoc/download?doi=10.1.1.148.9388&rep=rep1 &type=pdf> accessed 10 July 2013. Ellison, N. B., Steineld, C. and Lampe, C. (2007) The benets of Facebook Friends: Social capital and college students use of online social network sites, Journal of ComputerMediated Communication, 12: 114368. Elmer, G. (2004) Proling Machines. Cambridge, MA: MIT Press. Finn, R. L., Wright, D. and Friedewald, M. (2013) Seven types of privacy. In: Gutwirth, S., Leenes, R., de Hert, P. and Poullet, Y. (eds) European Data Protection: Coming of Age, pp. 332. Dordrecht: Springer. Fraser, M. and Dutta, S. (2008) Throwing Sheep in the Boardroom: How Online Social Networking Will Transform Your Life, Work and World. Hoboken, NJ: Wiley. Frazer, N. (2007) Transnationalising the public sphere: On the legitimacy and efcacy of public opinion in a postWestphalian world, Theory, Culture and Society, 24: 730. Fuchs, C. (2009) Social networking sites and the surveillance society. A critical case study of the usage of studiVZ, Facebook, and MySpace by students in Salzburg in the context of electronic surveillance. ICT&S Center (University of Salzburg), Forschungsgruppe Unied Theory of Information Research Group: Salzburg/Wien <http:// twinic.com/duploads/0000/0509/ICT_Use_-_MySpace_ Facebook_2008.pdf> accessed 10 July 2013. Gross, R. and Acquisti, A. (2005) Information revelation and privacy in online social networks (The Facebook case), In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, held 7 November 2007, Alexandria, VA, V. Atluri, S. De Capitani di Vimercati and R. Dingledine (eds), pp. 7180. New York: ACM Press. Habermas, J. (1989) In: Burger, T. and Lawrence, F. (eds), The Structural Transformation of the Public Sphere: An Inquiry into a Category of Bourgeois Society. Cambridge, MA: MIT ffentlichkeit (1962). Press, (original Strukturwandel der O Berlin: Hermann Luchterhand Verlag). Hargittai, E. (2007) Whose space? Differences among users and non-users of social network sites, Journal of ComputerMediated Communication, 13: 27697. Heidemann, J. (2010) Online Social Networks Ein sozialer berblick, Informatik-Spektrum, 33: 26271. und technischer U Humphreys, L. (2010) Mobile social networks and urban public space, New Media Society, Online First: 116 <http://www. asc.upenn.edu/news/2010/Humphreys_journal.pdf> accessed 10 July 2013. Islam, M. B. and Iannella, R. (2012) Privacy by design: Does it matter for social networks? In: Canemish, J., Crispo, B., Fischer-Hu bner, S., Leenes, R. and Russello, G. (eds) Privacy and Identity Management for Life, AICT, vol. 375, pp. 20720. Berlin: Springer. Knorr, E. (2003) The year of web services, <http://www.cio. com> accessed 10 July 2013. Lack, C., Beck, L. and Hoover, D. (2009) Use of social networking by undergraduate psychology majors, First Monday, 14/12. Leenes, R. (2010) Context is Everthing: Sociality and Privacy in Online Social Network Sites. In: Bezzi, M., Duquenoy, P., Fischer-Hu bner, S. et al. (eds) Privacy and Identity Management for Life IFIP Advances in Information and Communication Technology - AICT, Vol. 320, pp. 4865. Berlin: Springer. Lehavot, K. (2009) MySpace or yours? The ethical dilemma of graduate students personal lives on the internet, Ethics and Behavior, 19: 12941. Lenhart, A. and Madden, M. (2007) Social networking websites and teens: An overview in Pew Internet and American Life

16. For instance, Facebook is censoring images they nd offensive according to their usage policy <http://www. dailymail.co.uk/sciencetech/article-2104424/Face books-bizarre-secretive-graphic-content-policyrevealed-leaked-document.html> accessed 10 July 2013. This is a highly controversial and complex issue affecting other fundamental rights such as freedom of expression, which cannot be discussed here. However, if SNS providers are technically able to interfere with user content, then it might be more appropriate to foster anonymisation of personal photos and images, for instance on the basis of legal regulation to protect users privacy instead of censoring their content.

References
Barnes, S. B. (2006) A privacy paradox: Social networking in the United States, First Monday, 11/6 <http://rstmonday. org/ojs/index.php/fm/article/view/1394/1312> accessed 10 July 2013. Bonneau, J., Anderson, J., Anderson, R. and Stajano, F. (2009) Eight friends are enough: Social graphs approximation via public listings, SNS 2009, 138 <http://www.cl.cam.ac.uk/ rja14/Papers/8_friends_paper.pdf> accessed 10 July 2013. Boyd, D. M. (2007a) Why youth (heart) social network sites: The role of networked publics in teenage social life. In: Buckingham, D. (ed.) MacArthur Foundation Series on Digital Learning Youth, Identity, and Digital Media Volume, pp. 11942. Cambridge, MA: MIT Press. (2007b) Social network sites: Public, private, or what?. Knowledge Tree, 13, May <http://www.danah.org/papers/ KnowledgeTree.pdf> accessed 10 July 2013. and Ellison, N. B. (2007) Social network sites: Denition, history, and scholarship, Journal of Computer-Mediated Communication, 13: 21030. Cain, J., Scott, D. R. and Akers, P. (2009) Pharmacy students Facebook activity and opinions regarding accountability and e-professionalism, American Journal of Pharmaceutical Education, 73/6: Article 104 <http://www.ajpe.org/aj7306/ aj7306104/aj7306104.pdf> accessed 10 July 2013. as, J. (2011) Ubiquitous computing, privacy and data protecC tion: Options and limitations to reconcile the unprecedented contradictions. In: Gutwirth, S., Poullet, Y., Hert, P. D. and Leenes, R. (eds) Computers, Privacy and Data Protection: An Element of Choice, pp. 13969. Berlin: Springer. Cavoukian, A. (2009) Privacy by design . . . take the challenge. Information and Privacy Commissioner of Ontario, Canada <http://www.privacybydesign.ca/content/uploads/2010/03/ PrivacybyDesignBook.pdf> accessed 10 July 2013. Clarke, R. C. (2006) Whats privacy? <http://www.roger clarke.com/DV/Privacy.html> accessed 10 July 2013. Cohen, J. E. (2008) Privacy, visibility, transparency, and exposure, University of Chicago Law Review, 75: 181201. Debatin, B., Lovejoy, J. P., Horn, A. K. and Hughes, B. N. (2009) Facebook and online privacy: Attitudes, behaviors, and unintended consequences, Journal of ComputerMediated Communication, 15: 83108. Dwyer, C., Hiltz, S. and Passerini, K. (2007) Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace, In: Proceedings of the Thirteenth Americas Conference on Information Systems, held 912 August 2007, Keystone, CO <http://citeseerx.ist.psu.

Social network sites, privacy and the blurring boundary between public and private spaces
Project <http://apo.org.au/?q=node/16749> accessed 10 July 2013. Lewis, K., Kaufman, J. and Christakis, N. (2008) The taste for privacy: An analysis of college student privacy settings in an online social network, Journal of Computer-Mediated Communication, 14: 79100. Livingstone, S. (2008) Taking risky opportunities in youthful content creation: Teenagers use of social networking sites for intimacy, privacy and self-expression, New Media and Society, 10: 393411. Mack, D., Behler, A., Roberts, B. and Rimland, E. (2007) Reaching students with Facebook: Data and best practices, Electronic Journal of Academic and Special Librarianship, 8/2 <http://southernlibrarianship.icaap.org/content/v08n02/ mack_d01.html> accessed 10 July 2013. Montjoye, Y.-A. D., Hidalgo, C. A., Verleysen, M. and Blondel, V. D. (2013) Unique in the crowd: The privacy bounds of human mobility, Nature Scientic Reports, 3/1376 <http://www.nature.com/srep/2013/130325/srep01376/ pdf/srep01376.pdf> accessed 10 July 2013. Nentwich, M. and Ko nig, R. (2012) Cyberscience 2.0. Research in the Age of Digital Social Networks. New York: Campus. Nissenbaum, H. (2010) Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford, CA: Stanford University Press. OReilly, T. (2005) What is Web 2.0? Design patterns and business models for the next generation of software <http://www.oreilly.de/artikel/web20.html> accessed 30 August 2011. Pratchett, L., Durose, C., Lowndes, V., Smith, G. et al. (2009) Empowering communities to inuence local decision making. Evidence-based lessons for policy makers and practioners. London: Communities and Local Government Publications. Richter, A. and Koch, M. (2007) Social Software Status quo und Zukunft. Mu t fu nchen, Germany: Fakulta r Informatik, Universita t der Bundeswehr Mu nchen, <http://www.unibw. de/wow5_3/forschung/social_software> accessed 10 July 2013. and (2008) Funktionen von Social-NetworkingDiensten. In: Bichler, M., Hess, T., Kramar, H.,

9 of 9

Lechner, U. et al. (eds) Multikonferenz Wirtschaftsinformatik 2008, pp. 123950. Berlin: GITO Verlag. Schmidt, J. (2009) Das neue Netz. Merkmale, Praktiken und Folgen des Web 2.0. Konstanz, Germany: UVK. Solove, D. (2006) A taxonomy of privacy, University of Pennsylvania Law Review, 154: 477560. Steineld, C., Ellison, N. B. and Lampe, C. (2008) Social capital, self-esteem, and use of online social network sites: A longitudinal analysis, Journal of Applied Developmental Psychology, 29: 43445. Strau, S. (2011) The limits of control (Governmental) identity management from a privacy perspective. In: Fischer-Hu bner, S., Duquenoy, P., Hansen, M., Leenes, R. and Zhang, G. (eds) Privacy and Identity Management for Life - IFIP Advances in Information and Communication Technology - AICT vol. 352, pp. 20618. Berlin: Springer. Trenz, H. J. (2008) In search of the European public sphere. Between normative overstretch and empirical disenchantment, RECON Online Working Paper 2008/07 <http://www. reconproject.eu/main.php/RECON_wp_0807.pdf?leitem= 16662548> accessed 10 July 2013. Uchida, C. (2010) A national discussion on predictive policing: Dening our terms and mapping successful implementation strategies. Washington, DC: US Department of Justice, <https://www.ncjrs.gov/pdfles1/nij/grants/230404.pdf> accessed 10 July 2013. Valkenburg, P. M., Peter, J. and Schouten, A. P. (2006) Friend networking sites and their relationship to adolescents wellbeing and social self-esteem, CyberPsychology and Behavior, 9: 58490. Wanhoff, T. (2011) Wa(h)re Freunde - Wie sich unsere Beziehungen in sozialen Online-Netzwerken verandern. Heidelberg, Germany: Spektrum Akademischer Verlag. Wimmer, J. (2009) The publics behind political web campaigning. The digital transformation of classic counter-public spheres. In: Baringhorst, S., Kneip, V. and Niesyto, J. (eds) Political Campaigning on the Web, pp. 3151. Bielefeld, Germany: Transcript Verlag.