Yesterday, I received an unsolicited email asking for my activism around Facebook. The email stated that “Whether Facebook likes it or not, they are in the business of human rights and security, so they better start investing in it. And it’s not just repressive regimes that are exploiting Facebook’s security vulnerabilities, identity thieves and hackers steal people’s information off Facebook everyday too.” The message goes on to call on Facebook to better secure their platform to protect people revolting against dictators – this seems clearly in response to the MidEast situation – and suggest four direct courses of action.
Anonymize. Repressive regimes of the world love Facebook because if an activist wants to use Facebook they have a choice: reveal their identity to their oppressors or be deleted by Facebook (which is exactly what happened to the Egyptian Facebook page “We are all Khaled Said” when its administrators used a false identity).
Secure. Facebook should install HTTPS (as opposed to HTTP) – a simple, cheap, and highly effective security solution – as a default feature across the entire platform, not just as an opt-in for users buried deep in your account settings.
Protect. Facebook needs to recognize that human rights defenders who use their platform require special care. To protect their content, secure their accounts, and appeal wrong decisions, a “concierge service” needs to be set up that can respond quickly to the genuine risk these users face.
Resist. Every day, hundreds of millions of people entrust their private information to Facebook, but its policies detailing how private data will be shared are weak. Facebook should resist overboard requests from governments on either side of the firewall to reveal user information, disclose no more information about their users than is legally required, and inform the user so they can legally respond.
Now in principle, I support these calls to action, and want these protections for people who are speaking out for democracy or a better way of life in their home countries, and for ordinary people who just want their personal information protected – as a FB user, I’m one of them. But I also know that there are just some things you shouldn’t post online since they might come back at you some day – nothing is really secure.
What unsettled me over this message, enough that it was still with me this morning, was a simple question – is all of this Facebook’s job? Is Facebook in the ‘business of human rights and security?’ Should they be required to set up a ‘concierge service’? While anonymity is important for democracy seekers fearful of repressive regimes, what about child predators? Some of these suggestions look fairly straightforward, others do not. I’m a bit conflicted here – would welcome others’ thoughts.