Graphing privacy

6 February, 2013

Graph SearchLast month, Facebook announced its latest innovation: Graph Search, widely regarded as an attack on Google’s dominance in the online search market.

Graph Search is being rolled out gradually across Facebook’s billion-strong user base, and will enable people to conduct “real language” searches of Facebook users. So you can search for “people in Tunbridge Wells who like Pizza Express”, and you’ll get a list of Facebook users who live in Tunbridge Wells and who have clicked the “Like” button on Pizza Express’s website at some point.

Like almost everything that Facebook does, this has given rise to some serious privacy concerns. Web developer Tom Scott started an Actual Facebook Graph Searches on Tumblr, giving some of the more embarrassing, amusing or even alarming examples of Graph Search results.

Facebook’s response to these concerns is that Graph Search will only show information that users have agreed to be made publicly available in their privacy settings. However, Graph Search undoubtedly makes that information far more accessible and usable to the world at large. It’ll be interesting to see if any European data protection commissioners challenge Facebook’s actions here – perhaps arguing that people cannot have given properly informed consent, since Graph Search is so innovative that people could not have had it in mind when they agreed to Facebook’s privacy terms.

As I’ve written before, people tend to focus too much on what information companies hold about them. However, the real impact on privacy comes from what companies are able to do with the data they hold about you: making connections, drawing inference, building up a surprisingly accurate picture about you from what may appear only a small amount of information. You could say that Graph Search puts something of this same power of “Big Data” in the hands of ordinary Facebook users – for good or ill.