Facebook currently has nearly 200 different privacy options and 50 privacy settings. It’s no wonder that the average person gets hopelessly lost when trying to figure out where they need to opt-out.
He goes on to say:
Why the hell do they have to opt-out, anyway? Shouldn’t it be more of an opt-IN scenario?
This is absolutely right. In my opinion, it is always better to err on the side of caution and assume that the average person, if asked, would prefer the default position to be privacy rather than non-privacy.
That is why I use a double opt-in system for subscribing to the newsletter, Computers in Classrooms. (That's where, after signing up, you receive an email asking you to confirm that it really was you who completed the form and you really do wish to subscribe.) As far as I'm aware, that is not a legal requirement, but is regarded as good practice. In any case, it seems to me to be safer on legal grounds, given that the advice from the UK's Information Commissioner states:
If challenged, you would need to demonstrate that the subscriber has positively opted in to receiving further information from you.
I do wonder, sometimes, whether privacy means as much to young people as it does to us oldies. But whatever their natural inclinations, they should be aware of their rights, and what their data may be used for.
Privacy rights vary according from country to country, so people really need to be encouraged -- urged, even -- to read the Terms and Conditions and/or Privacy Statement on websites before signing up to something.
Astonishingly, many people don't, as one company happily discovered when, as an April Fool wheeze, it told customers that it legally owned their souls! The news article from the Daily Telegraph states:
Almost 90 per cent of customers agreed to the terms and conditions without reading – either that or they were happy to surrender their souls. The 12 per cent of customers who refused the terms were given a £5 gift voucher.
I was intending to review some software once, when I read on the company's website that the copyright in any article which mentioned the product belonged to the company. That's a ludicrous proposition, of course, and almost certain to be kicked out of court, assuming it ever got that far. However, I took the view that (a) I don't have the time or inclination to engage in a legal tussle, and that (b) I have no desire to publice a company that would make such claims anyway. The result was that the company gained nothing from my use of its software. If you think about it, its legal staff or advisers are working at odds with its marketing staff.
As for what the data might be used for, young people need to realise that, from a marketer's point of view, it is better for people to have to opt out of receiving marketing messages than to have to opt in. That's because most people most of the time take the course of least action: it takes more thought and effort to tick a box than to not tick it.
Issues to discuss with students
- Are you aware of your legal rights? (Whether you're in a position to enforce or defend them is another matter entirely.)
- Where would you find out what your legal rights are?
- Is there a case for requiring all websites to have a Terms and Conditions and/or Privacy page?
- Should such a page be written in user-friendly language rather than legalese?
- Does privacy matter?
- What should the default position be for something like Facebook, given that one could argue that the whole point of it is to enable people to find you easily?