Our Essay

Our current society is highly dependent on the internet. We communicate with one another online, order food online, listen to music online, and even do schoolwork online. This widespread dependency on the internet means that what happens online can very easily have an impact on people’s real lives. This is most clearly apparent in the context of social media. Social media provides previously unheard-of opportunities for internet users to interact with content from around the world. At the same time, social media’s novelty means that it introduces a certain amount of chaos to society. One form this takes is the violation of privacy. The concept of privacy is difficult to define, but one possible definition that has relevance for social media is the right to control access to one’s personal information (Tunick, 2014). This is a relevant concern in the context of social media; social media’s global nature allows both users and social media companies themselves to access large amounts of personal data both with and without consent. Because of this, it is crucial for users to educate themselves about the harm that can be caused by privacy breaches on social media. The harm that social media can cause in terms of privacy is twofold: first, the structure of social media websites discourages users from considering how their data is being collected and used. However, there are steps that users can take to combat the privacy risks associated with this. Second, the widespread use of social media allows users to violate the privacy of others in ways that were previously impossible. There are steps users can take to deter these violations of privacy as well. Ultimately, social media users’ personal information must be protected from both social media companies themselves and from other users.

In order to understand the behaviors associated with privacy on social media, it is crucial to understand the structure of social media websites. According to Trepte (2015), social media websites have two types of affordances (or, in other words, ways of using social media): warm affordances, which are easy to understand and relate to the social functions of the website, and cold affordances, which are more difficult to understand and relate to the website’s privacy policy and the use of data. In other words, social media is perceived by users both as a simple and straightforward means of connecting with others and as a difficult-to-understand avenue for data collection by social media companies. Navigating privacy on social media means participating in warm affordances while also remaining aware of cold affordances (Trepte, 2015). Privacy on social media is therefore shaped by the structure of social media websites. Because these websites have two competing purposes (connecting users with their peers and collecting data), users’ experience of privacy is influenced by their efforts to balance those two purposes.

The concepts of warm and cold affordances are useful for understanding how social media is structured, but, from the information cited above, it is less clear how they impact users’ behaviour when it comes to social media and privacy. After all, Trepte’s article is purely theoretical and lacks real-world examples of how these affordances affect users’ experiences of privacy. Other literature, however, provides a clearer picture of how social media users’ experiences of privacy are shaped by both warm and cold affordances. For example, Fox and Royne (2015) found that, the more thoroughly users understood privacy policies, the more fear they experienced. This suggests that the intimidating nature of privacy policies may encourage users to ignore social media’s cold affordances, effectively preventing them from considering how social media companies’ use of data affects their privacy.

This conclusion is supported by Marwick and Boyd (2014), who interviewed teenagers about social media use and privacy. A notable omission in the article is any information about how the teenagers navigate cold affordances and social media companies’ collecting of their information: although the authors discuss the opaque and difficult-to-understand nature of social media privacy settings, the examples given of how teenagers navigate privacy in a digital world centre almost entirely on social strategies, such as wording posts in a way that would only be understandable by certain readers (Marwick & Boyd, 2014). This indicates that teenagers do not consider privacy policies or social media companies’ use of data when thinking about privacy on social media. In light of Trepte’s writing on warm and cold affordances, this means that the teenagers interviewed for this study were essentially missing one half of the balance that must be considered when navigating privacy on social media.

This lack of attention to cold affordances can be traced back to their difficult-to understand nature, which stems from social media companies’ presentation of policy. Fox and Royne (2015) note that social media privacy policies often are not presented in a way that can be easily understood by users. This is because privacy policies are written to protect social media companies from legal action rather than to be understandable to users (Fox & Royne, 2015). Despite this, they are often presented to users in a way that emphasizes how data collection will benefit users and their experience rather than how it benefits the company (Fox & Royne, 2015). In other words, social media privacy policies are opaque due to not being written with users in mind, and they are also intentionally presented in a way that brings to mind social media’s warm affordances. This maintains the difficult-to-understand nature of the cold affordances associated with data collection both by ensuring that privacy policies are difficult to understand and by motivating users to think about data collection through the “warmer,” easier-to-understand framework of how it will impact their experience using the website.

It may be argued that cold affordances do not require as much consideration as warm affordances when thinking about privacy. After all, the privacy violations created when information is nonconsensually shared with other users are recognizably severe in a way that the consequences of data collection by companies are not. When discussing privacy settings on social media, for example, Marwick and Boyd (2014) give the example of a queer university student who was accidentally outed to his parents after a Facebook group’s privacy settings caused his membership in the group to be announced to his entire online social network. This incident, which is essentially social in nature, immediately registers to readers as a violation of privacy with potentially harmful consequences. It is difficult to visualize a consequence of data collection by social media companies that would have as much of a tangible impact on the affected user’s life.

However, the less dramatic nature of data collection does not mean it is a less pressing privacy concern than the sharing of personal information to other users. In 2014, for instance, Alex Kogan used a personality quiz to collect likes, dislikes, and other public data from the Facebook accounts of 270,000 participants and connect it to their personality traits (Van der Linden, 2023). He also collected data from the Facebook friends of everyone who participated in the quiz, a practice that was permitted under Facebook’s terms of service at the time (Van der Linden, 2023). Kogan then sold the resulting tens of millions of sets of data to Cambridge Analytica, who used it to micro-target political ads to American voters, potentially impacting the outcome of the 2016 American presidential election (Van der Linden, 2023). This series of events demonstrates the severity of the privacy violations that can emerge from data collection. Although Kogan’s initial collection of data was within Facebook’s terms of service and therefore arguably consensual, his subsequent sale of the data was done without the consent of the users, depriving them of control over the use of their data. As was discussed above, this is the very definition of a privacy violation. In addition, this breach of users’ privacy had real-world consequences in the form of micro-targeted political advertising, which may have influenced the behaviour of American voters and consequently led to the election of Donald Trump. Data collection by social media companies and other entities is therefore a significant privacy concern: even if data is provided consensually, there is a certain loss of control involved in data collection, and users have no real way of preventing their data from being used in ways that they would consider unethical.

Collection of data is often discreet, which can make it difficult for users to understand how their data is being used. When creating a social media account, users leave behind a digital footprint consisting of the data they provided to the social media platform (Hetler, 2023). This digital footprint can be used by companies to track users and collect personal information (Hetler, 2023). Through privacy policies, users agree to the use of their data when they create a social media account (Hetler, 2023). However, as mentioned above, these privacy policies are often difficult to understand, meaning that users may not be aware of how much of their data is being collected or how it is being used. In addition, social media companies use the data they collect both for their own use and to sell to other companies (Fox & Royne, 2018). This means that a user who thinks their information is only visible to their social media followers may be unknowingly providing personal data to large numbers of companies. A user who is not aware of how social media companies may be using their data is therefore putting their privacy at risk; it is easy for a person who is not taking into account cold affordances to inadvertently provide more information to social media companies than they would otherwise. Consequently, it is crucial for users to be aware of how their data is used and what steps they can take to protect their privacy.

Because of the risks involved in sharing data with social media platforms, some would argue that there is no safe way to engage with social media. In light of the risks to privacy that are involved in social media use, it is reasonable to be cautious about opening social media accounts. Hetler (2023), for example, suggests that users think carefully before opening a new social media account and ensure that social media sites are safe before joining them. However, this does not have to mean cutting out social media entirely: the strategies available to mitigate security risks from data harvesting are numerous and easy to implement. For example, Hetler (2023) recommends that users disable location-sharing through both their device’s security settings and the privacy settings of individual apps, limit the information they provide to social media websites, and, as was previously mentioned, minimize the number of social media accounts they open. These measures are straightforward and can ensure that users minimize the amount of their personal data that is being collected and sold by social media platforms. Therefore, it is possible to use social media safely despite companies’ collection of data; users simply need to be informed and proactive.

The awareness of social media privacy issues that is required for users to navigate social media safely is already becoming prevalent. For example, in a 2018 survey, 80% of social media users said they were concerned about advertisers and businesses accessing the data they share on social media platforms. (Rainie, 2018). Many users are therefore already aware of the privacy risks associated with cold affordances, despite social media companies’ efforts to make their privacy policies obscure and misleading. This means that many users are likely willing to take steps to protect their privacy online. However, data collection is not the only privacy concern that social media users have to worry about.

In addition to the risks posed by social media companies themselves, individuals’ privacy is also at risk from other users. Although the issue of people’s personal information being published without their consent has long been a subject of legal and ethical discussion, the rise of the internet and smartphones has greatly expanded who can publish this information (Tunick, 2015). Tunick (2015, p. 3) refers to this expansion as the “democratization of the media”: with the rise of the internet, the wide sharing of information is no longer limited to traditional media outlets, but can instead be accomplished by anyone with a smartphone and internet access.

The democratization of the media has several implications for privacy. In particular, social media and other online platforms are sometimes used to share the faces or other personal details of people who a user feels has done something wrong (Tunick, 2015). A relatively recent example is the use of Twitter to expose the identities of Neo-Nazis in the aftermath of the 2017 white supremacist rally in Charlottesville (Pringle, 2017). In an effort to make sure participants of the rally faced consequences for their actions, a Twitter account posted photos of the people involved and encouraged other users to submit the names and user profiles of anyone they recognized (Pringle, 2017). This form of activism was made possible by the democratization of the media: because Twitter allows users to easily share information with the public, the activist running the account was able to rapidly determine and publish the identities of the protestors in the immediate aftermath of the event. A more traditional medium, such as a TV news station, would not have been able to accomplish this so quickly.

It may be argued that “naming and shaming” the perpetrators of immoral acts cannot be considered a privacy violation, as revealing these people’s personal information is done in the name of protecting public safety. Tunick (2015) notes that a person’s desire for privacy is not always justified: some information is of legitimate interest to the public regardless of whether the people involved want it to remain private. However, the democratization of the media complicates this argument. When anyone with a smartphone and internet access is able to publish another person’s personal information, anyone’s definition of “legitimate interest to the public” can be used to justify that publication.

The ability to find and share other people’s information on social media is not limited to users who are acting in the best interests of society. For example, the pornographic website IsAnyoneUp operated using user-submitted nude photos, which, as the site’s owner noted in an interview, were often submitted without consent by stalkers or angry ex-partners (Garfield, 2011). A key feature of the website was that it included links to the social media profiles of the people in the photos, which worsened the impact of nonconsensually shared photos by clearly linking them to victims’ identities (Garfield, 2011). Through this and other websites, social media has been used as a tool to publicly humiliate users for breaking up with or refusing the advances of others. Social media can be used to quickly expose the identity of a neo-nazi who was photographed at a rally, but it can just as easily be used to expose the identity of a woman whose ex-boyfriend decided to share her nude photos with the internet to humiliate her.

In addition, these risks are not limited to adults. For example, social media places children at risk of sexual exploitation by making it easier for underage users to share sexually explicit photos of themselves (United Nations Children's Fund [UNICEF], 2022). These photos may originally be intended to share with same-age romantic partners but, just like sexually explicit photos of adults, they are sometimes nonconsensually shared with a wider audience (UNICEF, 2022). Nonconsensual sharing of sexual images is therefore an issue that affects children as well as adults. This means that the privacy threat posed by other users online is a key consideration for protecting the safety of children online. Having sexual photos shared without consent is a humiliating and traumatic experience even for adults, but it poses an even more tangible threat to safety when the victim is a child.

Even when the underlying motive for exposing personal information is benevolent, it can still pose a significant privacy risk to innocent people. For example, in 2013, Reddit users banded together to try to identify the person behind the Boston Marathon Bombings, but ultimately identified an innocent person as the culprit (Pringle, 2017). Such missteps can have devastating effects for the people whose information is shared on the internet along with accusations of crime or misconduct. The democratization of the media means that any social media user can potentially become a threat to someone else’s privacy, even if they believe they are acting in the name of the public good. Therefore, it is crucial for users of social media to take steps to protect their information not only from social media companies themselves but also from abuse by other users.

The democratization of the media means that, in addition to being able to share other people’s information with a wide audience, users also have the ability to share their own information. This carries potential risks to privacy. For example, Hetler (2023) notes that social media posts contain a wide variety of personal data that can then be used by companies or scammers, including religious beliefs, employment history, and contact information. Although this data is freely shared by the users who post it, its subsequent use by third parties can compromise users’ privacy in ways they had not anticipated.

In order to avoid these breaches of privacy, it is important for users to be conscious of what they share online. Hetler (2023) recommends that social media users avoid sharing too many details about themselves online in order to avoid negative outcomes such as harassment or identity theft. Taking these measures can help to promote online privacy by preventing companies or other users from gaining information that could violate a user’s privacy. In cases of doxxing or harassment such as the ones described earlier, withholding personal information on social media can make it more difficult for other users to identify or learn about potential targets.

It may be argued that these safety measures constitute victim-blaming. After all, Hunter Moore, the owner of IsAnyoneUp, justified his website’s existence by arguing that women should not send nude photos to men if they do not want the photos to be posted on the internet (Garfield, 2011). On the surface, the recommendation that people be selective about what information they share online sounds like a different phrasing of Moore’s argument. However, Hetler’s recommendation to limit information-sharing online centres around educating users about the potential risks involved in social media and what steps they can take to minimize those risks. Moore, on the other hand, argues that social media users who were not aware of or did not consider the risks inherent in sharing information online are personally responsible for what other users choose to do with their information. These are two very different points, and only the latter involves blaming users for violations of their privacy. Recommending that users take measures against privacy breaches, such as limiting the information they share, does not necessarily involve blaming them for the actions of other users. Far from constituting victim blaming, these recommendations are necessary to protect and empower users in light of the many risks to privacy on social media.

In conclusion, social media involves numerous threats to privacy from both companies and other users. However, there are numerous steps users can take to protect themselves from these threats. However, as is discussed above, there are steps that users can take to combat these threats. Threats to privacy have become a fact of life in the digital age, and it is becoming increasingly obvious that social media use can be a hazard as well as a force for good. As technology continues to improve and develop, it is essential that society also develops in its understanding of the destructive capabilities that social media holds.

The Democratization of Media

by Cheryl

When I was in grade 11, my team won a regional academic competition and was invited to attend the global round in Barcelona. Unfortunately, our school couldn’t pay for us to go and neither could our parents, so the responsibility of raising money for the trip fell to us. After a few discussions about our fundraising options, I woke up one morning to this Instagram message from one of my teammates:

Figure 1

Screenshot of message

Note. Personal screenshot.

I hadn’t been involved in the decision to use the photo, but having it up didn’t bother me at all; I saw no reason to ask her to take it down until I casually mentioned it to my mom at breakfast and she spent the next ten minutes yelling at me for letting someone post a photo of me online. I was shocked. I never posted photos of myself online, but plenty of my classmates did, so I didn’t understand why my mom was so upset that someone had shared a photo with me in it.

As an adult, I can better understand how changes in the way information is shared shaped my mom’s response. When she was a teenager, she and her peers had no way to publicize photos to a wide audience other than perhaps stapling them to a telephone pole. By 2018, when the GoFundMe was posted, my teammate was able to share a photo with the entire world using only her smartphone. She didn’t even  need to run it past anyone first, not even the other people in the photo. This is what Tunick (2015) refers to as the “democratization of media” (p. 3): in the age of social media and the internet, the ability to share information is no longer limited to traditional media outlets such as newspapers and TV stations, but is instead in the hands of the general public.

So, what does all this have to do with social media and privacy? To put it simply, social media is a major force behind the democratization of media. Social media websites can be used to share a wide range of information, from the identities of white supremacists to the addresses of people who are being targeted for harassment (Pringle, 2017). This kind of free sharing of personal information is something that wasn’t possible before the internet, and it brings with it a lot of potential risks to privacy.

What if, instead of a group photo for a GoFundMe, my teammate had shared an embarrassing or potentially compromising photo on Instagram? It would have been just as easy, and she would have just as little obligation to tell me about it before posting. The democratization of media means that anyone can easily share information about someone else, regardless of the impact it might have. If she had chosen to post something more personal than a photo that happened to have me in it, what could I have done? What impact would that have on my life? When I reflect on these questions, my mom’s angry reaction to the photo begins to make more sense.