‘Ello, social media newcomer! Goodbye, data security fears?

The social media world is a-twitter about Ello, a new social network that is positioning itself as an ad-free, queer-friendly alternative to Facebook. Some scholars, however, have raised concerns about Ello’s privacy policy.

The social media world is a-twitter about Ello, a new social network that is positioning itself as an ad-free, queer-friendly alternative to Facebook. Some scholars, however, have raised concerns about Ello’s privacy policy, which reads in part:

“We may share your personal information with third parties under several circumstances, including (1) if you tell us it is OK to do so (2) if we believe that we need to do so by law (3) if we contract with a third party service provider to offer services for you — for example, with a credit card processing company if you decide to buy something through Ello.

Ello does not have any affiliated companies right now. But if we do in the future, we may share information with them, too.”

“Isn’t this, like, a blank check?” asked Antonio A. Casilli, a sociologist and associate professor at Telecom ParisTech, on a list of Internet researchers.

Casilli is right — this is a blank check for Ello to do whatever it wants with its users’ data. It’s also standard practice in the software realm, where actually reading all of the software user agreements would take a few lifetimes. Most people — including digital media attorneys — don’t actually read the end user license agreements they agree to when installing a new piece of software or joining a new cloud service.

Yours is not the only key

So, what is actually happening to your personal data when you join Ello or any other social network? Think about a gym locker room. All social networks are based on databases, and a database is like a locker room. When you sign up for Ello, you are assigned your own “locker” that contains your personal data. So is everyone else.

You can open your locker and leave the door open to show the whole world what you put in it, or you can control which people see what in your locker. This is called permissioning.

There are two key differences between the real world and the virtual world, however. The first has to do with actual keys: Ello has a master key that opens all of its lockers. So does Facebook, so does Google, so does every database ever invented. This master key is called the root password, and it is the supreme power in any computer system. In a well-run company, the root password is a closely guarded secret available to only one or two key people. In a poorly run company, the root password is available to anyone.

To make the situation even more complicated, sometimes there are multiple keys, or multiple ways to have unfettered access to users’ data. Basically, each gym sets up its own rules for who can go into which lockers. At a company with lax security, there’s nothing to stop employees from going into every locker and copying what’s inside. If your data is copied, you’ll never know who copied it or when. You’d never know it happened until you suffered negative consequences.

What can these hypothetical employees do with your data? Mostly, if they are programmers, they will use it to make their software better. They are usually pretty casual with it. Need a data set to test a new feature? Just grab some live user data to play around with on your workstation. Email it to yourself to work with when you’re working in the coffee shop on the weekend. Nobody notices, nobody cares. But I’ll bet that you, as a user, would care what was being done with the contents of your locker.

When data gets set free

Ello is a great opportunity to talk about the issue of future data security because its business model is so dubious. Common sense says that they are going to run out of money pretty soon, unless they convince some gullible venture capitalists to invest in them. (Which is quite likely, btw.)

Let’s consider the likely future. What happens when the money runs out and another company buys Ello? That other company will have all of Ello’s data (and its users’ data). We have models for what happens to old data, especially well-defined data sets with identifiable information. They become useful in the software community.

For example: the Enron email corpus, half a million messages harvested from Enron executives, is used to fine-tune machine learning algorithms. Unsurprisingly, the corpus includes a vast amount of porn and inappropriate jokes. Of the 150 Enron executives whose email boxes are in that corpus, it’s fair to say that none of them expected their emails to be in the public sphere and used by researchers.

That’s how it goes with data. We put data into what seems like a locked box, and we expect it to stay locked and private. But data in a database isn’t really private. It is in that imaginary locker room. And because people are in charge of the database (or the locker room, if you prefer), we need to hold the people who keep our data accountable for how they use it.

At Ello, there is a manifesto, but there aren’t rules about data privacy. What’s to stop someone at Ello from downloading user information and passing it along in the name of research for allegedly altruistic purposes? What happens when Ello is purchased, or when its founders splinter under the pressure of running a company that has no income? If Ello collects geolocation data from its users, it would be a simple matter to put those geolocation records together with voter registration records in order to assign real names and addresses to each user profile. Even though Ello’s founders claim they are not trying to be billionaires, it’s possible that they are not the only ones with the master keys to the Ello database. Will all the guardians of Ello’s data be able to resist the lure of easy money from marketers?

These are not new questions — they are old ones, faced by every Internet company over the past 20 years. A mature company makes decisions about the future; an immature company doesn’t. As consumers and content creators, we should ask the hard questions about the future of our data before we choose to put it into unknown hands.

—

Meredith Broussard is an assistant professor at Temple University, where she teaches courses in data journalism, journalism research, and entrepreneurial journalism. Her work focuses on data-driven journalism, with a particular interest in using data analysis tools to understand risk perception in everyday life. Her professional experience includes serving as features editor at the Philadelphia Inquirer, a member of technical staff at AT&T Bell Labs, and a multimedia software developer at the MIT Media Lab. Her work has appeared in Harper’s, Slate, The Washington Post, Philadelphia Magazine, the Inquirer, the Huffington Post, and other outlets.