It is my opinion that the popular expectation that Facebook will eventually take privacy seriously is unfounded. Facebook is a profitable entity and their business roadmap clearly illustrates that they feel they are at a stage where user privacy must be compromised for their business to grow.
In other words, it is the users who must battle with the decision to either stop using Facebook, or to accept to collaborate and communicate using a platform that mines their private information to compute business intelligence for eventual profit.
Perhaps this is a fair set of options, given that the concept of 'social privacy' is an oxymoron: if we want to be social and benefit from it, we must share information about ourselves. However, this sort of reasoning is not grounded in reality, for the same reason that disconnecting your computer from the Internet to gain the utmost level of security isn't a reasonable option (for most people).
It is also my opinion, that the online social space has created a condition where the end users must ultimately collaborate to initiate an ongoing privacy arms race. To promote this sentiment, and to further the cause of research in this field, I'd like to announce the AntiSocial project.
The AntiSocial project is a subset of my research under the NeuroSploits umbrella (more on NeuroSploits later). I have developed a Firefox extension to promote this effort. If you are in a hurry, you can download it from https://addons.mozilla.org/en-US/firefox/addon/162098/ (beware that is is an initial release, but you are most welcome to try it out and provide feedback).
At the moment, the following is what AntiSocial aims to do and how it works.
A. Provide additional privacy controls and features to the user by:
- Preventing external sites from including Facebook content. This prevents Facebook from being able to track the user's browsing habits external to Facebook (via the Referrer header).
- Banning all access to 3rd party Facebook applications, including applications that choose to use Facebook's Automatic Authentication in which users are not given the opportunity to authorize the execution of the 3rd party application. This will prevent arbitrary 3rd parties from being able to capture user data.
- Preventing external sites that are landed on from Facebook from capturing this fact (by modifying the Referrer header).
- [more to come]
B. Increase the noise to signal ratio of business intelligence collected by social media platforms (currently Facebook) by [research in progress]:
- Changing the Referrer header while the user browses the Facebook platform (this will not stop Facebook from collecting intelligence about the user's browsing habits within the platform, but it may make their data mining slightly more expensive).
- Changing the referrer information tracked within the Facebook cookie (this will not stop Facebook from collecting intelligence about the user's browsing habits within the platform, but it may make their data mining slightly more expensive).
- Initiating arbitrary requests to the Facebook platform to make it harder for Facebook and 3rd parties from computing business intelligence (work in progress) for given sets of computations that the user may not agree to.
- [more to come]
Please feel free to contact me with any bug reports, questions, or ideas.
[As a caveat, I'm a fan of the NoScript Firefox plugin and I do realize that some (if not all) of these feature sets can and may be incorporated by NoScript - however, the AntiSocial Firefox extension aims to target users that may not be technically savy enough to maneuver a tool such as NoScript, and also to further my own understanding and research of privacy issues in social platforms].