The internet is designed for corporations, not people

Urban spaces are often designed to be subtly hostile to certain uses. Think about, for example, the seat partitions on bus terminal benches that make it harder for the homeless to sleep there or the decorative leaves on railings in front of office buildings and on university campuses that serve to make skateboarding dangerous.

Scholars call this “hostile urban architecture.”

When a few weeks ago, news broke that Facebook shared millions of users’ private information with Cambridge Analytica, which then used it for political purposes, I saw the parallels.

As a scholar of the social and political implications of technology, I would argue the internet is designed to be hostile to the people who use it. I call it a “hostile information architecture.”

The depth of the privacy problem

Let’s start with Facebook and privacy. Sites like Facebook supposedly protect user privacy with a practice called “notice and consent.” This practice is the business model of the internet. Sites fund their “free” services by collecting information about users and selling that information to others.

Of course, these sites present privacy policies to users to notify them how their information will be used. They ask users to “click here to accept” them. The problem is that these policies are nearly impossible to understand. As a result, no one knows what they have consented to.

Users are also unable to protect themselves, as opting out of sites like Facebook and Google isn’t viable for most. David M G/
But that’s not all. The problem runs deeper than that. Legal scholar Katherine Strandburg has pointed out that the entire metaphor of a market where consumers trade privacy for services is deeply flawed. It is advertisers, not users, who are Facebook’s real customers. Users have no idea what they are “paying” and have no possible way of knowing the value of their information. Users are also unable to protect themselves, as opting out of sites like Facebook and Google isn’t viable for most.

As I have argued in an academic journal, the main thing notice and consent does is subtly communicate to users the idea that their privacy is a commodity that they trade for services. It certainly does not protect their privacy. It also hurts innocent people.

It’s not just that most of those whose data made it to Cambridge Analytica did not consent to that transfer, but it’s also the case that Facebook has vast troves of data even on those who refuse to use its services.

Not unrelated, news broke recently that thousands of Google Play apps – probably illegally – track children. We can expect stories like this to surface again and again. The truth is there is too much money in personal information.

Facebook’s hostile information architecture

Facebook’s privacy problem is both a symptom of its hostile information architecture and an excellent example of it.

Several years ago, two of my colleagues, Celine Latulipe and Heather Lipford and I published an article in which we argued that many of Facebook’s privacy issues were problems of design.

Our argument was that these design elements violated ordinary people’s expectations of how information about them would travel. For example, Facebook allowed apps to collect information on users’ friends (this is why the Cambridge Analytica problem impacted so many people). But no one who signed up for, say, tennis lessons would think that the tennis club should have access to personal information about their friends.