Our project was to plan and implement an advocacy and awareness campaign concerning the Stop Online Piracy Act. This piece of legislation, currently being debated in Congress, would place severe restrictions on Internet activities and free speech. The act also restricts Americans’ ability to obtain affordable prescription drugs from abroad. SOPA is the culmination of entertainment and pharmaceutical industry pressure on Washington to place stringent protections on intellectual property, and the resulting draconian measures threaten to undermine the fundamental principles of Internet freedom. The Internet has grown at such an astonishing rate because it has largely rejected harsh restrictions on user activity. SOPA violates the theoretical pillars necessary to the Internet’s functionality, and breaking the Internet in such a fashion would bear negative consequences for individuals and businesses that rely on the Internet’s facilitation of free information exchange.

       In formulating our project, we decided that a campaign aimed at students and tailored to their concerns would maximize the effectiveness of our efforts. We thus chose to use Internet and social media based methods of communication, and we concentrated our substantive content on issues most relevant to college students. We did not limit our coverage to these issues though, as we aimed to provide a breadth of information about the bill’s negative consequences. By using social media platforms, traditional media outlets, and two different blogging platforms, we were able to spread our message to many Yale students and provide valuable information about SOPA’s Internet-breaking policies to the campus. We hope the lasting impact of this campaign will not only be to facilitate continuing interest in SOPA’s progress, but also to engender a general sense of vigilance in the form of participatory democracy concerning free speech and Internet regulation that resonates well into the future.

Part 1: Launching a Campaign

       Our primary goal of this project was to spread awareness of SOPA and hopefully rally others around opposing it. In order to do this, we tried to appeal to many different groups by using a variety of platforms (Facebook, Twitter, WordPress). We also attempted to broaden our appeal by using satire and humor in addition to more pointed intellectual critique of the legislation. We tried to tap into the very things that SOPA would likely cut into: user-generated content, memes and places where you can share links. While we created a lot of our own content, we also tried to post relevant and interesting articles and sites that others had made. One particularly enjoyable and interesting story involved “The Megaupload Song” that received a takedown request, presumably automated, from some RIAA-related entity (Universal Music Group) because it featured many RIAA artists even though Megaupload (a major file-sharing site) owned all the rights to the video. If you’re curious, the (quite catchy) song can be found on Youtube, and there’s more information here. Also, if you’re into remixes, check out this link.

       A major challenge for our group in promoting the anti-SOPA movement was fighting the general Yale apathy and our generation’s apathy that comes with having people constantly inviting you to do things (spamming you). This challenge was exacerbated by finals period, and consequently, we weren’t able to get an Op-ed published in the YDN (as they stop publishing early in December). However, we were able to raise a good amount of awareness as many Yalies hadn’t even heard of SOPA prior to our outreach. Through explaining SOPA’s specific relevance to college students as well as posting some of the amazing articles and content available around the web, we were able to educate (and hopefully inspire) a lot of people.

       As of this writing, our Facebook page has 130 likes which is equivalent to about 3 percent of the Yale Undergraduate population.  While this number is fewer than we would have liked, we speculate that many people for political reasons and/or page like accumulation effects were reluctant to like our page. However, our Facebook page insights seem to indicate that many people still benefited from and engaged with our content. As we see below, our weekly total reach (the number of unique viewers who saw our content from 12/8/11 to 12/14/11) was 3,303 and peaked at 5,191 for the weak ending 12/12/11. Thus, a large percentage of Yale undergraduates likely read something we posted and learned more about SOPA.

       To complement our Facebook and WordPress, we created a Twitter account, @StopSopaYale, to complete our social media approach. The Twitter was useful in that it let us keep a small but interested group completely up to date on every #sopa happening. Additionally, the Twitter account was useful because it let us retweet other people’s views and comments on the SOPA debate. This allowed us to combine other people’s opinions with our own and give a lot of different viewpoints on the topic. The Twitter page was also an interesting foray into trending topics and extremely concise posts, a nice contrast to the more drawn out and in depth arguments of our WordPress blog.  Currently, we have 20 Twitter followers and we are on the list of one anti-SOPA advocate.

       In our opposition to SOPA we took both the pragmatic path into what specifically the SOPA legislation said and would do immediately (and why their is concern about intellectual property protection) as well as the somewhat hyperbolic path, wherein we demonstrated the absurdity of how broadly SOPA is written and speculated on the potential consequences that SOPA could have. In this way, we provided our audience both with a quick draw in (the two line memes and absurd scenarios depicted in videos) as well as further information if they were interested in understanding the issue on a deeper level.

Part 2: A Creative Approach

       In raising awareness within the Yale community about the flaws of SOPA, we aimed to create original content which would specifically appeal to Yale students, both in addressing issues relevant to our audience and by presenting this material in an entertaining form.  Thus, we created internet memes, videos, an op-ed for the Yale Daily News, and a blog.  Additionally, we wrote an anti-SOPA form letter for Yale students to send to their members of Congress which was tailored to reflect a Yale student’s perspective.  Finally, to make all of this content easier to access, we either linked the material to the Stop SOPA at Yale Facebook page or we created static HTML pages for the material with corresponding tabs to our Facebook page.

Internet Memes:

       The use of internet memes provided an effective and engaging way to point out the ridiculous elements of SOPA.  In generating our anti-SOPA memes, we drew from internet memes which were already popular and recognizable, such as the Lazy College Senior or Futurama Fry.  Thus, Yale students would be able to easily recognize the humor which we aimed to convey. Plus, internet memes can be easily shared and transformed.  Consequently, we hoped that our fans would not only share our anti-SOPA memes, but would also craft similar memes themselves.  Some topics which our memes addressed were the possible end to interactive websites such as Facebook and Wikipedia, the end to fair use online, and the halting of future innovative online start-ups.

Video Posts:

       Similar to the internet memes, the videos which we created aimed to point out insensible aspects of SOPA in a humorous way.  However, through videos we could portray these aspects in a more in-depth form to help our audience gain a better understanding of the problems created by SOPA.  For instance, the video entitled SOPA Courtroom Battle illustrates the extreme changes SOPA will make in criminalizing copyright infringement.

Form Letter:

       By creating an anti-SOPA form letter, we hoped to encourage students to be active participants in the Stop SOPA at Yale campaign, rather than just passive followers.  While creating awareness on campus about SOPA is important, it was equally important to us to inspire a response to the bill.  As mentioned above, we tailored the form letter to address the concerns of Yale students.  This form letter, with instructions on how to send it, was posted both on our Facebook page and our blog so that it could be easily accessed.

Op-Ed:

       As another form of outreach on campus, our group wrote an op-ed piece to be published in the Yale Daily News.  Unfortunately, it was too late in the semester for the op-ed to be published immediately, but it can currently be found on our blog and an updated version will be posted in the YDN early next semester.  Like our other creative content, the op-ed piece exemplifies many of the problems with SOPA and the article’s sarcastic, comical tone aims to keep our readers engaged and entertained.  Also, the op-ed piece directs our readers to visit our Facebook page, AmericanCensorship.org, and Wired for Change.

Blog:

       The Stop SOPA at Yale blog provides a forum for our group to express our opinions about SOPA extensively and provides a space for our followers to contribute their own viewpoints.  Similar to the op-ed, the blogs are written with the goal of being both informative and compelling.  Our blog posts touch on a variety of topics, ranging from the different camps of anti-SOPA supporters to the effect SOPA can have on healthcare.  In addition, three of our members held a live blog session to cover Congress’ markup debate of SOPA.  Through the blog, our group elevates our position in the anti-SOPA movement: not only do we provide a channel of information to Yale students, but we are also contributing to the online voices against SOPA.

Part 3: Becoming a Part of the Action

       One of the more interactive aspects that we integrated into Stop SOPA at Yale was our creation and operation of a live blog. After learning that there would be Congressional debate held to discuss the SOPA legislation on Thursday, December 15 (which just so happened to fall in the middle of our SOPA campaign), we realized it presented a great opportunity to add very direct and significant value to our campaign efforts. We would have been foolish not to somehow take advantage of the fortuitous timing of the most defining event to take place regarding SOPA to date. Sooo, we decided to conduct a continuous live blog during the House of Representatives’ Full Committee Markup. For the sake of clarification or if you are not really sure what a markup is, it is “The process by which congressional committees and subcommittees debate, amend, and rewrite proposed legislation.”

       Up to that point, the majority of our campaign’s content was based upon content published online, in the news, by political commentators, activists, etc. We had yet to really dig deep into the real diplomatic activity and reality of what was actually happening with SOPA on Capitol Hill, or among the politicians who will ultimately dictate the bill’s fate. We knew that by monitoring and providing commentary on the live debate IN CONGRESS, it would add a heightened level of authentic value to our campaign.

The very nature and benefits of maintaining a live blog carried unique advantages that fundamentally differed from the other aspects of our campaign (Facebook page, normal blog, memes, creative scenes, op-ed, etc)….

       Live blogging gave us a channel to portray not only our opinions about SOPA and why people should take a stand against it, but also the ability to present a discussion based on the statements made by representatives in Congress to support our previously published content. Furthermore, as proactive “Anti-SOPAs,” conducting this event forced us to seriously pay attention to what is ACTUALLY going on with SOPA in the political sphere. When participating in a public protest, it is very easy to get caught up in the overwhelming flood of public opinion online and in the media. Blogging live on the congressional hearing during which political figures delivered their positions helped us stay grounded.

       The main goal of our campaign was to engage Yale students in a compelling way. We believed that a live blog would be (relatively) more captivating (to the extent that a live blog really can be) than other forms of content. Our idea was that a live blog on the Congressional markup would attract more attention to the issues we were trying to convey to the student body. We also realized this would make the substance of the debate more accessible. Essentially, we sought to accomplish two campaign goals: 1) more exposure for our campaign, 2) heightened attention and knowledge to students about the bill itself.

       We believe we were able to bring the experience of the House debate in an appealing way to those who may not have followed it live, but wanted to have a taste of what went on. The live blog was an aspect of our campaign that probably linked closest with the “real-life” implications surrounding SOPA. The most fitting conclusion I could provide about this endeavor would be – POLITICAL PARTICIPATION AT ITS FINEST!

Part 4: A Rewarding Experience

       Ultimately, we deemed our advocacy campaign a success. As is discussed above, our data shows that our Facebook page reached a large number of individuals, both those inside and out of the Yale community.  We believe that we helped further the anti-SOPA cause and exposed the weak points of the legislation. It was especially exciting to be involved with the anti-SOPA activity at this particular stage, when the bill is one of its most hotly debated points. This allowed us to piggyback off of other anti-SOPA campaigns’ publicity and allowed us to run a live-blog of the bill’s mark-up in Congress.

       It was an extremely rewarding experience for us all, both in terms of educating others about the dangers of SOPA and learning ourselves about the controversial bill, as well as about other related debates regarding the freedom of the Internet. The project also allowed us to gather (or hone) many different skills using technology that we might have never been exposed to, including creating and running a blog (and live blog), creating memes and other internet videos, writing simple HTML, and using and linking Twitter, Facebook, and blog pages. The project was therefore a perfect culmination of our semester in Introduction to Law and Technology, reinforcing and combining new technological skills with knowledge about current Internet debates that in the future will allow us to be better informed and more active citizens of the Internet world.

Mollie DiBrell
Charles Gyer
Sam Helfaer
Nicholas Makarov
Zachary Tobolowsky
Will Kirkland

Playing WhatsHerFace-book.com

After launching this weekend, we’ve seen over 700 users (Mostly college age students) tag 35,000 friends, and it turns out that the average player only knew 70% of their Facebook friends presented. Now, of course, the term “average user” is very skewed given our user base. Facebook reports that the average user has 130 friends, while our average player has boasted a whopping 880.

We argue that anything under 100% recognition of your “friends” should raise some privacy red flags. Every one of your friends can share your information with third-party apps (in fact it’s this that allows our app to function); we are able to pull all of your friends photos, without their permission–that is, unless they’re smart about their privacy settings.  Even if you can’t bring yourself to defriend a long-lost acquaintance, at the very least you should consider creating managed friends lists with restricted privacy settings.

Results from a round of WhatsHerFace

We also hope to remind people to consider their audience when sharing content. “Friends of Friends” is never a good idea. For the average Facebook user, that’s 17 thousand people you don’t know, and why would they need to see your information anyways? Entire networks are generally a bad idea as well. You have no idea how large those networks can be, and with companies asking alums to Facebook stalk you on their behalf, does all of Yale really need to see you with your solo cups?

You probably think you know all your friends. Maybe you even pruned the list recently. But you had names and faces, and it’s so much easier to identify someone with a name. Try out whatsherface-book.com and you’ll understand just what we mean when whatsherface from freshmen year comes up and you’re forced to think, “Who the hell is that?”

Charlie Croom
Bay Gross

According to the 4^th amendment, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated,…but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” It is clear that the 4^th amendment exists to guarantee and protect the privacy of Americans to the fullest extent possible. BUT, this guaranteed protection is limited and bound by the continually changing interpretations of what constitutes an “unreasonable search.” This phrase was never well defined, and its definition has become even more distorted by the growing variables created by technological advances.

Essentially, the central factor in a court’s determination of a search’s “reasonable-ness” is whether an individual demonstrated a “reasonable expectation of privacy.” How might one demonstrate this expectation, you ask? Well there is a seemingly simple answer to that question, but it has been convoluted with what is/is not deemed private in today’s world of technology and communication. Unless you can prove that you had a legitimate expectation that the evidence obtained would not be available to the public and that you took measures to ensure its privacy, then you do not have protection under the 4^th Amendment. Any behavior or communication that could possibly (or knowingly) be exposed to public view is fair game to “search and seize”. This is where the overwhelming nature of technology spoils all the fun! (that is, if “fun” = a definite expectation of privacy).

There has been a discernable and, depending on your priorities, alarming trend defining the relationship between technology and privacy by the rights guaranteed by the 4^th amendment. The trend: as technology expands…privacy protection /4^th Amendment rights diminish. To prove this is not just a blanket statement, I will go through some examples that prove this assertion.

Wiretapping

This was one of the earliest examples of U.S. authorities exploiting newly developed technologies to obtain private information by means of intruding 4^th Amendment protection. Wiretapping was first operationalized in 1870, and it was not until Katz v. United States (90 years later) that the U.S. effectively restricted this new form of “searching” – a method made possible by the technology innovation of that time period.

Among other precedents set by the infamous and standard-setting Katz v. United States, this case established the unprecedented doctrine that the 4^th Amendment must exist to “protect people, not places.”

Publicly Private

With new technology and its inherent ubiquity, the scope of the 4^th Amendment could no longer be property-centric. Bare with me here, but the Katz ruling enabled citizens’ to be “publicly private.” Katz’z phone booth conversation was visible to the public, but the conversation itself was private. Up until this point, the government did not need to address this aspect of the “in public” model, and it is even more prevalent today with the ability to access computers, cell phones, etc. from essentially anywhere. By the very nature of establishing that physical intrusion is not required to constitute a search, this ruling has since applied to every 4^th Amendment matter involving the investigation of private sources of technology.

GPS Tracking

As evidenced in a recent Wall Street Journal article, “Courts have consistently ruled that the use of a GPS device to track people outside their home is not a “search” under the Fourth Amendment.” This goes back to the notion that if an individual takes part in something “in public” then they cannot claim to have had a reasonable expectation of privacy, and are thus unprotected from an unwarranted search. GPS, like the telephonic innovation that preempted wiretapping, is another technological breakthrough that has proven to impair the strength of the 4^th Amendment in privatizing individual activities.

Aerial Observation

Just some innocent observation...

In 1986, the Supreme Court ruled in California v. Ciraolo that a warrantless aerial observation of a person’s backyard did not violate the 4^th amendment. Again, more innovation, less privacy.

Concealed Radio Transmitters

In 1971, the Supreme Court ruled in United States v. White that using concealed radio transmitters worn by undercover informants does not violate the 4^th Amendment protection against unreasonable searches and seizures, and therefore does NOT require a search warrant. The Supreme Court held that a defendant’s expectation that another individual with whom he is talking will not reveal incriminating information to the police is by no means protected under the constitution. Realistically, what would stop another individual from going to the police even if he is not an undercover agent?

Border Search Exception

It is not the exception itself that you should think about in the context of this article, but rather the justification behind institutionalizing this legal doctrine – it is a perfect example of technology’s growing facilitation of increased leniency for privacy invasion and less privacy protection. The doctrine exempts searches of travelers and their property from the warrant requirement expressed in the 4^th Amendment (which includes laptops and electronic storage devices). The source of recognition here in addressing the technological connotation at stake is the Ninth Circuit’s reversal of the ruling in U.S v. Arnold. The panel “rejected the argument that the privacy invasion resulting from searching computers is qualitatively different from, and requires higher suspicion than, searching luggage or other physical items.” Originally, the court ruled that, due to the private nature of the information contained in a laptop, border agents MUST HAVE reasonable suspicions before an unwarranted search of someone’s digital data device. This begs the question; with the vast amount of space available to store (personal) information, should digital devices be treated the same as personal property wherein agents need a warrant to seize such devices?

**Accordingly, take Ohio’s State v. Smith as an example. The Ohio Supreme Court decided that since cell phones have the “ability to store large amounts of private data,” the very nature of the device creates a higher level of privacy expectation, thus officers must obtain a warrant to search a cell phone.

BUT WAIT…..

Just this month, California experienced a perfect example of how convoluted the standards are across the country, and across time, as to how/whether an individual’s privacy/technology is protected under 4^th Amendment.

The Headline: ” California Veto Enables Police for Warrantless Cellphone Searches.” But what about State v. Smith?? Apparently Governor Jerry Brown would not fit in in Ohio. Gov. Brown vetoed the legislation that would require police to obtain a court warrant to search suspects’ mobile phones. I.e. any police officer can, without restriction, access anyone’s e-mail, call records, text messages, photos, banking activity, etc. How’s that for civil liberties?

The Reality

The truth is, yes, the immense growth of technology for the last century has been integral in the gradual weakening of the 4^th Amendment. It has dictated how much protection we can expect – an expectation that is now significantly less substantial as a result of both the sophisticated surveillance methods authorities have at their disposal, as well as the access every individual now has to advanced technologies. By this I am indicating that the government feels the need to regulate more heavily due to how much one can accomplish and maneuver with digital mechanisms today. With new innovations in technology creating such a worrisome threshold for criminal actors to communicate and execute harmful agenda, the central issue stretches far beyond the mere relationship between technology and the 4^th Amendment. More important than expecting an unconditional right to privacy, we as Americans should be thinking about what we are willing to sacrifice to ensure national safety andthe regulation of potentially criminal activity.

Where Should Priorities Lie?

I expect a strong right to privacy just as much as the next American. However, in recognizing the incredible abilities technology has given the world, I am more than willing to give up whatever degree of privacy necessary to make sure that those who are hiding something from the government/public are given as little room possible to act and communicate freely and privately. The indisputable fact is, unless you are hiding something that you probably know you should not be doing, then as an American citizen, you should really have no reason to resist searches and seizures. The people who fight the issues at stake with the 4^th Amendment should only be those who are hiding something illegal. If you do not fall under this category, then I really do not think you should take issue with the U.S. MAYBE crossing a few lines to ensure the safety of our country. So what is more important: getting your 100% protection of personal privacy or letting authorities slightly infringe upon the 4^th Amendment as they see fit to identify criminal activity.   This applies both domestically and internationally.

I am not implying you should not feel entitled to your constitutional rights, but I am implying that there is a certain balance wherein both sides need to make mature sacrifices.

First, the emphasis on “circles” makes you think about who is going to read what you post.  Circles are similar to the optional “list” function on Facebook.  But the operative word here is optional.  You need to go out of your way to customize who sees your statuses on Facebook, clicking the lock icon next to the “share” button, then going to a “Customize” menu.

Sharing options for Facebook posts

Clearly, Facebook doesn’t want you to think about who sees your posts.   For Google+, on the other hand, at the bottom of each post, you see who the post will be sent to (see below).  It’s similar to an email mailing list, except the ensuing discussion looks more like Facebook.  Now let’s think about this in the context of a useless post: “I just had some awesome pancakes for breakfast.”  It’s on my mind, so on Facebook, I’ll just type it in, hit enter, and it’s there.  On Google+, I’ll type it in, then go to select which Circles to share it with.  Because of this, I’m forced to ask, “who would care about this?”  Acquaintances are immediately unchecked.  Family? Nah, they wouldn’t care either.  Classmates? No dice.  How about “Close Friends”?  Come to think of it, why would they care about an above-average breakfast?  No one wants to know this, so I’m not going to end up posting it.  This is a perfect example of the power of defaults – two networks have the same options, but they feel fundamentally different since one integrates choice into the interface, while the other hides a default.

Sharing a post on Google+

Select who you share with.

Second, there is no wall.  This is a big move for Google, considering some form of public personal messaging has been a staple of both MySpace and Facebook, its precursors. There’s a complex psychology and sociology to the Facebook wall, but it just starts feeling weird after a while.  It’s akin to people holding a loud conversation in public – you don’t necessarily want to eavesdrop, but you can’t quite avoid doing it.  On Google+, if you want to direct a message at someone, you have two options.  First, you can make a post that you share only with the intended recipient; the person will get a notification about your post.  This is a bit odd, though, since it only appears in your “stream” along with posts not specifically directed at anyone.  Second, just email the person.  Depending on various privacy settings and whether you are Gmail contacts, Google+ profiles have an email link featured prominently under the profile picture. (Edit: You can control whether this link appears by going to your profile, then clicking “Edit Profile,” then the “Send an Email” icon.  When people click this link, they send you an email without actually seeing your email address.)   Either way, you’re encouraged to keep two-person conversations private.

It might seem surprising that the folks who brought us the Buzz disaster would discourage us from sharing too much, but they’ve clearly focused their network around what people don’t like about Facebook (and perhaps they’re trying to avoid the backlash they got from Buzz). Facebook has become inundated with information you never wanted to know from people you met once and became friends with out of politeness.  Even to many people who are “hooked,” Facebook has become more of a social burden than a welcome way to keep in touch with friends.    It’s hard to predict how Google+ will evolve as it scales up and is modified over time – after all, Facebook was once somewhat similar to the current Google+, but it incrementally eroded privacy to draw users in.  However, Google has an advantage that Facebook didn’t have.  It is already an established web resource with enough useful services independent of its social network to keep itself relevant for a good while. Google can continue to attract users by making Google a one-stop digital resource, leaving an unobtrusive social network intact.

Addendum: I should probably note that the “resharing” function leaves a privacy hole, but resharing itself requires that you think about who would want so see someone else’s post.  Though it amounts to no more than automated copy and paste, this is another example of the power of defaults; hopefully Google will allow users to turn off resharing by default before Google+ becomes open.  In general, the Google+ design allows you to limit the people you give information to, not what they do with it, which is really all you can hope for, anyway (see Hoffa v United States).

Today’s judges do not entirely understand the ubiquity of new technologies in modern America, or the staggering amount of data these technologies (such as smartphones or laptops) contain. Scalia’s public embarrassment at the hands of a Fordham Law class indicates that he does not quite grasp the nature of privacy in today’s Internet age, and judicial opinions in a variety of cases (People v. Diaz, US v. Moreno) reveal that judges do not comprehend the scope with which new technologies affect personal privacy or control. Our Legal Background section describes these matters in more depth, and the Memorandum to the Judiciary enumerates specific proposals to improve judges’ understanding of these issues.

To gauge the public’s opinion, we surveyed Yale students. The survey enforced the notion of a gap in understanding modern privacy: it showed that information or data students hold “somewhat” to “very” private is often data they do not have control over. Students held the content of emails and text messages more private than almost every other piece of data, yet these data are archived by corporations in full. Internet searches and web browsing were considered rather confidential, but Google has no qualms about gathering and using these data. The survey also highlighted areas where law lags behind contemporary expectations. Every piece of data considered substantially private on the survey is collected by web-based corporations, but most Internet users do not realize. Income / Financial Aid Status was considered as private as Medical History, yet nothing like HIPPA exists to protect financial information. What students deem most private is not necessarily well-protected; these students should be aware of that fact, and the judiciary ought to take into account these new societal expectations in determining privacy law.

The privacy hyoptheticals deserve attention from both the judiciary and the broader public. We aim to educate both parties about the countless new ways an individual can lose their right to privacy in today’s world.

To see the project in its entirety please visit our website

Frances Douglas TC ’11 / Bobby Dresser PC ’14 / Stephanie Rivkin PC ’13 / Emily Rosenberg PC ’11 / Joel Sircus TC ’14

This question is precisely what our project aimed to answer. An increasing number of websites are advertising themselves as “people search engines” (Spokeo), which aggregate personal information on the Internet “for personal security and to inform the decision-making process” (Intelius). Many concerns have been voiced about these sites threatening personal privacy and their potential to harm reputations with false information. We set out to determine exactly how much information we could gather about an average college student, as well as the accuracy and damage potential of the data.

We examined three data aggregation sites–Intelius, Spokeo, and PeopleSmart–which required a fee . The costs ranged from $1.95 for an Intelius People Search Report to a $29.95 PeopleSmart Background Report.

Even for only $1.95, the Intelius People Search Report was a rip-off. The only information on the report was address and possible relatives, and even then, the relatives’ names were wrong. Intelius also had the most difficult information removal policy, requiring faxed state-issued ID, which would take 4 to 6 weeks for removal. The shadiest portion of Intelius, though, occurred when purchasing the People Search Report. Mid-transaction, a page resembling a normal verification page popped up containing this section:

Would you really take the time, mid-transaction, to read this?

But it isn’t a verification page. Entering your e-mail in the box acts as your electronic signature, authorizing Intelius to sign you up for a third-party subscription service (about $24.95/month). The fine print is easy to gloss over, and the link to decline the offer is even easier to miss.

Spokeo, advertised as “not your grandma’s white pages,” sells “in-depth” reports on people using information compiled from the Internet. However, once you use the site, you quickly realize that the information is often inaccurate. It listed our test subject, Cece, as 37 years old! (She’s actually 20.) Most of the information that Spokeo provides can be found within five minutes using a search engine such as Google (with Google Street View)–certainly not worth the price of membership. Simple information such as age, address, and home value are all things that a stalker would know about you before conducting an online search, anyway.

Furthermore, Spokeo has a very interesting privacy policy. On their site, they list the instructions on how to remove your information from the site. These instructions, however, work for removing anyone’s information! We took down the listings of complete strangers without their knowledge and without having to provide any proof of identity whatsoever (Sorry, Robert Matakevich!).

Lies.

Our most expensive purchase, the PeopleSmart Background Report for $29.95, was at least the most accurate report. There were no glaring errors in names, address, or age.  However, it still did not tell us any information which we had not already found via Intelius or Spokeo. The process for editing or removing information was also extremely simplistic, requiring no verification of identity before filling out an online form. All in all, it was extremely disappointing given the hefty price tag.

In addition to purchasing personal reports, we also examined our “online preferences” on eXelate and BlueKai, two data aggregation companies which sell user information (based on tracking cookies) to corporations. Although many of the results we obtained for ourselves were decently accurate, a number of topics listed under our interest profiles seemed entirely irrelevant (i.e. parenting). The good news, though, is that editing information or opting out is extremely straightforward and can be done instantly with a click of the mouse.

Overall, the information from personal data reports was woefully uninteresting–elementary at best, and laughably inaccurate at worst. Data report sites don’t live up to their promises of delivering really personal (or even accurate) information, seeking instead to benefit from naiveté and ignorance. They’re scams. So rest assured: Stalkers and employers gullible enough to buy into these sites will only hurt their wallets, not your reputation.

View the full project Powerpoint here.

– Cece Xie ’13, Emily Yin ’13, Daniel Frascella ’12

Facebook’s a monopoly that abuses its users: you and me. But we’re left without a way to retaliate. I propose a way to contaminate their database with false information, limiting the usefulness and resale value of our own information, while maintaining as much Facebook usefulness for the rest of us. It’s called Unsell Yourself, and I’d be honored if you’d give it a read.

[Edit: Reposted from my own blog in full, but formatting/CSS is better on my blog]

This is the story of how Facebook uses the information you put into it against you, and how you can unsell yourself. I believe Facebook is an exciting product and I hope that the company succeeds. But I also think Facebook’s monopoly has permitted them a business model which is bad for its users.

Not all stories of businesses harming their consumers begin with a man in a top hat, but it sure makes it easier to. Is Facebook a monopoly? Here’s a graph of Facebook’s web market share compared to hi5, friendster, orkut, linkedin, plaxo, & ning as assembled by Bill Tancer in 2007.

Since 2007, network effects have pushed Facebook into an even more dominant position. Facebook now claims that they have

More than 500 million active users
50% of our active users log on to Facebook in any given day
Average user has 130 friends
People spend over 700 billion minutes per month on Facebook

Alexa.com names Facebook the #2 top site in the world, with 42% of the world’s entire Internet population having visited Facebook. The next social network doesn’t come up until #17: LinkedIn, with a meager 4% of the world’s Internet population.

Here at Yale, in a recent poll of people connected with the class Control, Privacy and Technology (tech savvy 18–22 yr olds, generally), 98.9% of the respondents had a Facebook.

Obvious truth number one: Facebook is the most dominant social network. Facebook alone is in exclusive possession of 500 million people’s communications, demographic data, location, and social habits. Since I’m not even close to being familiar with the nuance of antitrust law, I’ll leave that speculation to other people, noting only that Wikipedia says that the Sherman Antitrust Act doesn’t forbid innocent monopolies, but only those who achieve their monopoly through misconduct.

How Facebook’s Monopoly Harms Users

You might be asking (reasonably), “So what, who cares?” that Facebook is a monopoly. But Facebook’s definitely not been perfect, and their monopoly has permitted them some egregious abuses of their users that a competitive environment would not have permitted. As many Internet-based businesses know, it’s very very dangerous to abuse your users: they’re fickle, and can change services easily by merely navigating to their browser bar. Just look at Digg versus Reddit. So why hasn’t Facebook suffered user base drops when they rolled-out despised changes, like a redesign (the irony of linking Gawker isn’t missed), less default privacy, or ever more tailored behavioral ads. (Full disclosure: I recently got a Facebook behavioral ad for “bedwetting”. Not really sure what I’m doing to signal that one.)

Recently, even spookier things have surfaced. Julian Assange noted that Facebook is an FBI agent’s wet dream:

Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the worlds most comprehensive database about people, their relationships, their names, their addresses, their locations, their communications with each other, their relatives… all accessible to US Intelligence… [Yahoo, Google and Facebook] have built in interfaces for US Intelligence. It’s not a matter of serving a subpoena.

Facebook users should get a Miranda warning:

And Mark Zuckerberg likes looking at more than merely the data you post. By reading between the lines, he’s worked out an algorithm with 33% success rate for predicting who you’ll date next.

Why Users Don’t Quit

I don’t quit Facebook because Facebook is a valuable network, one that can’t be easily replaced. That’s the natural strength of a monopoly combined with Metcalfe’s network benefits, the nature of walled garden web platforms, and their inability to control and remove their own data from Facebook. Walled garden web platforms like Facebook with embedded APIs and developers, along with Facebook-specific applications mean that users can’t easily replace or extract what could be valuable data to them. In other words, quitting Facebook means quitting Farmville and all the other applications you use. As more and more websites use Facebook as the only login system (for the best example, see Canv.as), the web platform expands its power. These kinds of platforms also lead to a new, special kind of hurt of users: the AOL effect. Users’ lack of control over their Facebook data also makes it impossible to quit the platform. Not only is it truly impossible to delete messages (the delete button merely obscures them from user view, but enables them to be re-discovered via Facebook’s “Download Profile” tool and of course they remain on Facebook’s servers for subpoena or hackers and Facebook themselves, but it’s also impossible to pull Facebook contact information out of the roach motel. Even Google has lashed out against Facebook, criticizing Facebook’s design choice that makes users’ unable to export their data back out.

How Users Can Strike Back

Not a single user pays to use Facebook, and yet the company is valued at $50 billion dollars. Not bad: that means that of their users is worth $100, by my math! Which is to say that investors believe that your information, your time on the site, and your clicking is worth $100 to Facebook. To encourage a more competitive marketplace and discourage Facebook from abusing its users, there’s an easy way to reduce your value to Facebook while simultaneously reducing your legal vulnerability and privacy problems, without quitting Facebook, or even losing a valuable component of Facebook’s services!.

You keep all of your Facebook contacts, the ability to message or chat or use your wall and apps— but behavioral advertising, Facebook’s bread and butter dollar revenues and the short term thing that keeps them Wall Street’s darling— you can kill all of that just by adding a “Teen Vogue” to your interests. Or Teletubbies. Or Tiffany’s.

Here’s my current profile:

The trick is to populate your Facebook with just enough lies as to destroy the value and compromise Facebook’s ability to sell you. Collectively, users could use misinformation with “features” that they don’t like being used against them in order to guide Facebook’s future. (This is already done by FB’s user base with new some new features: Facebook places seems to effectively have been a flop. Among my 1000+ Facebook friends, only one person uses it.)

How Google is Different from Facebook

I’m wary of Google, but for now will say it’s not worth populating their data with false information yet, and not just because it’s harder. This stems from three major differences between Facebook and Google:
1. Long term monetization strategy
2. Competitors
3. Data Freedom

I don’t see Google’s long term monetization strategy being pimping your data out to the highest advertising bidder. That might be how you build a $50 billion dollar company, but it’s not a way to build a lasting $200 billion dollar company. Instead, I think they’re collecting data to get into a product development business via big data and simple algorithms.

Nor is Google’s monopoly even close to as complete as Facebook’s dominance. Bing apparently now has 29% of the search market, and Baidu won’t let up the Chinese market easily. There are innumerable competitors to Gmail, and they all have heavy user bases. Online documents is an area Microsoft won’t cede easily, since it’s one of their core products and one of their two sources of profit (Office). Mobile phones are obviously an extremely competitive arena, with RIM, Apple, Microsoft, and HP all fighting for OS market share in smartphones. And even in Google’s stronghold of display ads, Apple’s attacking (though the success of iAds remains to be seen).

Perhaps most important is that Google’s exportability of your data remains high. You aren’t locked in or integrated in the same way that Facebook joins all of your data to a persistent single identity, users can download calendars and quit Google Calendar or extract contacts onto a new framework. The integration also doesn’t lock users into Google: you can continue to use Google Docs even if you discontinue Gmail use.

Conclusion

Ultimately, I see inputting false data into Facebook’s “likes” pages a form of sit-in, a kind of CAPTCHA to prevent a Facebook data mining bot to freely pillage and extrapolate results from the data you put in to Facebook. It’s a good response in a scenario like today, where Facebook has a monopoly that almost everyone has to jump in on anyway, no matter how much they might be reluctant to. Hopefully though, the longer term solution is for a real competitor to emerge, offering users the things that they want, and the ability to migrate effortlessly from Facebook without paying Metcalfe’s prices. In the meantime, protect yourself and express a bit of discontent: unsell yourself from Facebook.

The proceeding chart is meant to present all of the bills’ key features, providing a sense of each bill’s thoroughness and effectiveness. Rather than coming up with our own ideas about what the ideal privacy bill should and should not include, we relied on the FTC’s principles as a guide.

After parsing all of the information presented in the bills into categories, we gave each section a score out of 10, based on how many of the FTC’s guidelines the bill adhered to. We gave each section an individual weight, based on how much emphasis the FTC puts on its relative importance. After coming up with this percentage score (points out of 10 multiplied by section weight), we gave each bill a traditional letter grade. We actually ended up curving the scores by adding 10 percentage points, because the highest grade turned out to be a B. While this does speak of the need for even better privacy legislation, we did feel that at least one of the bills received an A grade because it generally conformed with all FTC guidelines.

While the chart should speak for itself, we did want to point out a few interesting points that became apparent after combing through all of the data:

1) Notice how the bills became less strict over time. While H.R. 611 seems to be the bill which would be enacted in the FTC’s ideal world, one can infer (from the fact that there were no contributions reported) that it never got off the ground, perhaps because it was indeed overly idealistic.

2) At least a couple of the bills include exemptions which make them a lot less effective. For example, the Kerry-McCain bill includes an exemption for the use of information within the context of “established business relationships.” Many bloggers have written that this creates a special loophole for social networks, calling it the “Facebook Loophole.”

3) Notice the way that “sensitive data” gets redefined over and over again, becoming less strict. While the most stringent bill includes the protection of data such as biometric data or precise geo-location data, other bills make no mention of this, offering a lot less protection.

—Nadia Danford ’12 and Cynthia Weaver ’12

In Ontario v. Quon, Justice Scalia encouraged legislature to consider the difference in privacy expectations between laptops and cellphones and to do so quickly, considering law’s seemingly futile rat race against technology.  That brought us to the question that spurred The Gavin Project: what’s more private – our cellphones, email accounts or Facebook messages, and what particular tidbits and facets of our personality and will seep through each of the media we so depend on?

Who is Gavin? It depends where you look.

According to Google’s search engine, Gavin was born and raised in his hometown Townville where he lived his entire life. His mother is Margaret Project and his father is Richard Project. He has a terrier named Jake. At 18 years old, Gavin was publicly honored in his Townsville newspaper as having graduated first in his class.  In high school, Gavin participated in music, fine arts and political organizations. He hung out with friends at parks or local restaurants and enjoyed nerding out.

But a simple Google search won’t reveal the extent of Gavin’s romantic encounters, his music tastes, grades and questionably legal activity.  Each of Gavin’s technological media that most of society would regard as private – his cell phone, Facebook account, and Gmail account – exposed different aspects of Gavin’s private life. His Gmail said he liked the Decembrists.  His cellphone said he liked Avril Lavigne.

If in order to have privacy protection under our legal system we need to demonstrate a subjective expectation of privacy society is willing to recognize, our polled public showed that society was willing to protect each of these different media, and as such The Gavin Project consensually violated one man’s privacy.  We created dossiers of each of our different Gavins, examining what we could learn about him through each of the media.  Ultimately, each of the media revealed information many would consider personal and private.

Perhaps the more philosophical question should be where is the real Gavin? Is he most himself on Facebook, Gmail, or on his cellphone?  We encourage you to decide for yourself as you read and partake in the gross privacy violation that is The Gavin Project.  We can judge for ourselves which privacy violation is most revealing and disturbing for Gavin and in that way help answer Scalia’s normative question of which technological venues should require the most protection by deciding which venues we, society, are most willing to protect.

Check out www.thegavinproject.com and follow @theGavinProject on Twitter for updates.

Jeonghyun Kim – Class of 2011
Julie Shain – Class of 2013
Matthew Everts – Class of 2013
Michael Clemente – Class of 2011
Sebastian Park – Class of 2013
Zachary Maher – Class of 2013

Was the iPhone location tracking file an egregious error, especially since they didn’t notify users? Probably. Will it be patched, never to be seen again in the next version of iOS? Probably. But that’s a bummer for people that like owning their own data.

Writes Richard Thaler in today’s NY Times:

If a business collects data on consumers electronically, it should provide them with a version of that data that is easy to download and export to another Web site. Think of it this way: you have lent the company your data, and you’d like a copy for your own use.

That sounds a lot like what you iPhone location file is. One of the stink bombs thrown up over this iPhone debacle is, “this information isn’t behind a firewall.” True— which means that YOU own it, instead of your phone company. Besides, lots of private information up behind a firewall just creates another juicy target for a hacker (a la Epsilon’s data breach). Are we really getting to the point where we don’t want users owning their own data because they’re so incompetent they might get hacked? Even Thaler’s semi-paternalistic book Nudge doesn’t go that far! Besides, as David Pogue points out,

The one legitimate concern, therefore, is that someone else with access to your computer could retrieve the information about your travels and see where you’ve been. Your spouse, for example. The researchers also mention “a private investigator,” but that’s a little silly. A PI is going to break into your house to inspect your iTunes backup? If your computer is that accessible, you’ve got much bigger problems.

Most likely, the only person that is really that fascinated about you is… well, you. Pogue again:

Meanwhile, accept it: Yes, Big Brother is watching you. But he’s been watching you for years, well before the iPhone log came to light, and in many more ways than you suspect.

And you know what? I’ll bet he’s bored to tears.