In the last twelve hours I’ve received several identical (and supposedly personal) Facebook messages from legitimate friends urging me to check out an application that will identify who has a crush on me by sending text messages to my phone (I can only imagine the flood of spam and advertisements that this service has in mind).

It was just a matter of time before hackers and spammers directed their efforts at Facebook. One can only hope that Facebook is taking good care of the personal data based on the settings we have selected within their ‘privacy settings’. Would there be any reason to doubt them?

I attended the Facing up to Facebook session at the University of Ottawa, yesterday. It was a panel discussion with Law and Technology Faculty Professors Jeremy de Beer, Ian Kerr, Jane Bailey, Val Steeves and Michael Geist and it was moderated by Andy Kaplan-Myrth.

The discussion was lively and informative and had a unique mix of social media participants (Profs de Beer, Kerr and Geist) and observers/researchers (Profs Bailey and Steeves). While there was a clear recognition of the role of social media tools such as Facebook, the discussion focussed largely on the impacts of these technological gathering places on culture and privacy, and their not-so-subtle use for corporate interests.

I found it particularly interesting when the panel explored the influence of culture on the need for social media tools and influence of social media tools on culture. Prof. de Beer introduced the room to John Fiske’s concept of Semiotic Democracy, “the delegation of the production of meanings and pleasures to viewers”.

The majority of the conversation focused on privacy concerns, the misrepresentation of information sharing controls as privacy controls and the use of aggregate information (not specific information) to generate consumer profiles. Prof. Bailey wondered if privacy is now passé. Indeed, social media tools are about publicity and micro-celebrity rather than privacy.

The session reinforced my realization that businesses that have stood up social media services (such as Facebook) are manufacturing a three-tiered privacy-crippled environment:

• crippling amounts of information that creates an environment in which privacy may be possible through obscurity
• crippling suite of options designed to perpetuate a false sense of privacy
• crippling terms of use agreements designed to protect the interests of companies through obscure language, excessive text and circular references beyond the patience and comprehension of most people

Excerpts of the Facing up to Facebook session are available in this week’s episode (#95) of the Canadian Podcast Buffet. The entire session will be released as a podcast through the University of Ottawa.

As of this morning, the Petition: Facebook, stop invading my privacy! group has 10,141 members. At some point the group should get the attention of the powers-that-be of Facebook and their advertisers.

I have joined the group and signed the associated petition because I can see how Facebook is bending a number of social rules and not championing a culture of security and privacy. This is not a concern for those who are cautious about the handling and sharing of their information but for those who haven’t been educated on how and when to trust the companies and people they deal with. And, for the record, Facebook has offered a boatload of reasons for people to not trust them.

Perhaps the biggest problem is the way in which companies (read: their lawyers) structure their Terms of Use, Usage Agreements and Privacy Policies. The agreements are often confusing even for well educated people and, more significantly, they’re unnecessarily long. By structuring their agreements in this manner, companies are purposefully taking advantage of their market. I would go so far as to say that they are ’setting up’ their market to take the fall.

Larry Lessig’s approach to contracts is a model that should be adopted by all legal departments - particularly those that are playing in the Web 2.0 playground. The Creative Commons license agreement takes a convoluted legal document and summarizes it in a simple and elegant deed that everyone can understand. Basically, Mr. Lessig has put the power of the law where it belongs — in the hands of the commons. By doing so, he has equipped them to self-regulate which is what people want in Web 2.0. [Hey Larry! Can you create the Privacy Commons???]

Facebook can argue that it offers a great deal of flexibility for its members to make changes to their privacy settings. This abundant flexibility is confusing and takes a fair bit of time to understand and tweak because there are many groupings of granular privacy settings — some settings may override others. Facebook needs to offer a simpler model with stronger default settings and have the additional flexibility available should people want the granular control.

Facebook is being presented with a beautiful opportunity to set the example for all Web 2.0 companies by establishing and managing a simplified and sustainable culture of trust for its community. The ball is in their court and whether they dribble, pass or go for the net will determine the future of Facebook and its peers.

BOOK RECOMMENDATION… The Privacy Payoff: How Successful Businesses Build Customer Trust written by Ann Cavoukian (Privacy Commissioner, Province of Ontario) and Tyler Hamilton.