Warning: this post discusses intimate partner violence and rape. Please place a trigger warning on links to this post.
If you are currently at risk of violence, here are some links for viewing when you’re on a safer computer: National Network to End Domestic Violence: Internet and Computer Safety [USA], Washington State Coalition Against Domestic Violence: Internet Safety [USA] and Domestic Violence Resource Centre Victoria: Tip Sheet: Technology Safety Planning [Australia].
Cross-posted to Hoyden About Town.
Abusive relationship and spousal rape survivor and blogger “Harriet Jacobs” at Fugitivus is angry and scared today:
I use my private Gmail account to email my boyfriend and my mother.
There’s a BIG drop-off between them and my other “most frequent†contacts.
You know who my third most frequent contact is?
My abusive ex-husband.
Which is why it’s SO EXCITING, Google, that you AUTOMATICALLY allowed all my most frequent contacts access to my Reader, including all the comments I’ve made on Reader items, usually shared with my boyfriend, who I had NO REASON to hide my current location or workplace from, and never did.
My other most frequent contacts? Other friends of [my ex-husband]’s.
Oh, also, people who email my ANONYMOUS blog account, which gets forwarded to my personal account. They are frequent contacts as well. Most of them, they are nice people. Some of them are probably nice but a little unbalanced and scary. A minority of them — but the minority that emails me the most, thus becoming FREQUENT — are psychotic men who think I deserve to be raped because I keep a blog about how I do not deserve to be raped, and this apparently causes the Hulk rage.
There’s lots of other comment today on Google’s Buzz automatically assuming that your frequent email contacts should be your Buzz contacts, and making the connection with them public:
- Lifehacker: Stop Google Buzz From Showing the World Your Contacts
- Business Insider: WARNING: Google Buzz Has A Huge Privacy Flaw
- Lifehacker: Google Updates, Explains Buzz Privacy Setup
There will quite possibly be more by the time I’ve finished writing this post, let alone by the time you read it. But having to fight this battle on a site-by-site, service-by-service basis is disgusting. For a number of groups of people, including people who are the targets of a violent obsession among others, information about who they are in contact with, where they live and what they’re interested in has life-threatening implications. For a larger number of people it has non-life-threatening but potentially serious implications for their job, for example, or their continuing loving relationship with their family. Sometimes people are in frequent contact with people who have power over them, and/or who hate them. Why aren’t privacy policies centring that possibility, and working out the implications for the rest of us later?
Note: as I hope you anticipate, attempts to victim-blame along the lines of “people who are very vulnerable shouldn’t use technology unless they 100% understand the current and all possible future privacy implications” not welcome.
Update 13th February: Fugitivus has had a response from Google making it clear that protected items in Reader were not shared despite appearances, and stating some changes that are being made in Reader and Buzz in relation to issues she raised.
Geek Feminism Blog 
I’m so angry it feels like I drank acid. I am counting how many of my friends may be put at risk.
Another common privacy flaw I find disturbing is that among social networking sites, it is common to have a “Find Friends From E-mail Contacts” feature.
Let’s say you join Twitter and want to tweet with a pseudonym, but you use your real e-mail address when you sign up, believing that your e-mail address will be hidden from the public. Let’s say that you e-mailed your boss once with your real e-mail address. If your boss joins Twitter with his e-mail address, then he can “Find Friends From E-mail Contacts” and discover your “pseudonymous” tweets.
I think Digg has this feature as well, and probably many social networking sites.
I believe, although I don’t have a link to hand, that Facebook had/has a feature where it saves the email addresses too. So, you sign up and do the Friend Finder thing. Ten months later, your boss signs up. FB remembers that you had his email in your contacts and tells him “Hey, you may know Restructure!”
It does, which is why I use a Gmail address for Facebook that I only use for forwarding stuff.
It’s bad enough that I have one friend on Facebook who is still in a religious group I wish I could forget I was ever in, and Facebook keeps showing these people how to find me online.
Sorry, it doesn’t work for Twitter (see below), but I recall it working for Digg. And if any of these accounts have a link to your pseudonymous blog, they can find that too.
I got a big window on my gmail asking me to confirm all the automatic connections made (I undid most of them) with a big “okay” button the first time Buzz showed up, so maybe they fixed this?
I did too.
First time I logged in, it showed me a big window with the people it suggested, and asked me to manually confirm. It’s still somewhat risky, but it’s atleast one step better than doing it fully automatically. (many enough people “confirm” all sorts of things without even reading it trough)
Also, the auto-thing, where it suggest people you communicate with often, doesn’t trigger if you only RECEIVE a lot of email from a certain address, it only considers it frequent communication if you also SEND a lot of email to some address.
I’m not saying it’s good. It’s definitely a risk. I’m just saying that it -does- seem they’ve taken *some* precautions (even though probably not enough)
There is only so much that reading alone will give you. You need to understand what it’s actually saying it will do.
The weird thing about understanding is that you don’t always know when you’re misunderstanding something. The folks we’re discussing and discussing with here are the ones who grasp the technology of blogging, emails and online identity enough that they can piece the puzzle together — and even then sometimes not quick enough.
What about the folks who are not that savvy? What hope do they have?
Very much true, and an excellent point.
It’s tricky, even for people who know a lot about how the web ticks to understand the implications of ticking, or not ticking, some obscure checkbox on some website or other.
You’ll need to at a minimum, read the agreements, and be able to understand them. Most privacy-agreements are in a form that make them damn-near incomprehensible to a large fraction of the population, hell some of them are incomprehensible even to people who -have- law-degrees.
Simplified, standards would be a huge advantage. Infact I’ve quoted that as one of the advantages of free software in a different context. If you know what “GPL” or “BSD” means, you don’t have to spend hours and effort analyzing the new eula. Not that anyone ever does anyway, 9 out of 10 click “I agree” without even scrolling to the bottom of the document. (some installers force people to scroll, but people still generally do not read)
Sorry, I was wrong about Twitter, because they don’t let you find your contacts’ accounts by default, but you just know that they are on Twitter. However, I think it works/worked for Digg, IIRC.
Facebook does the same thing. When my step-mother signed up for Facebook, she innocently clicked The Button. It says something deceptive like “find your friends!” Which it does by sending an email to every single person in your address book.
I received an email saying “M—— would like to be your friend, click here to friend M——!” (Except with the full name, obviously.)
Imagine the reaction of a delusional stalker getting an email saying “Your ex-wife would like to be your friend!”
The HUGE ERROR these companies continue to make is in assuming that if I’ve emailed someone, I want ANYTHING TO DO WITH THEM EVER AGAIN. Which, in the case of several people in my email contact list, is resoundingly untrue.
For gmail, if you have an pseudonymous non-gmail email account that forwards to your personal gmail account, and you reply to emails sent to the pseudonymous account from your personal gmail account (but with the pseudonymous profile), your personal gmail address will still show up in the message header of the “pseudonymous” emails you send out, if you didn’t choose the option to “Use your other email provider’s SMTP servers.” (By default, this is not set up.) (More details here.)
If there are any other privacy issues related to pseudonymous blogging, please let me know…
OH MY GOD WHAT. I… did not know that. Shit, thanks for the link. :(
If anyone is interested in doing a “pseudononymous blogging: best practices” post, it would probably be a good guest post for geekfeminism.org.
I’m potentially interested in writing such a thing.
I will contact you via the email address left with your comment.
Coincidentally, over at Mozilla (where I work) we’re discussing some of our own privacy policies this week. We don’t collect this specific class of information for anything we have now, but it seems like a valuable thing to keep in mind anyway, so I’ve forwarded the link to where we’re talking about it.
I saw a post on “Isis the Scientist” this afternoon saying that she was disappointed because her privacy had been violated and there were anonymity concerns…and all I could think was that it would be less than a day before I heard a story of some woman with a stalker having problems. Sad to see that I was right, but I grossly overestimated the time. It makes me not want to log in to any google service. Ever again. I just don’t understand how they could be that dumb…
I noticed that fault of buzz, too, and also that you cannot block people from following you if they choose to be buzz lurkers (have no public profile). Naturally, I noticed this because someone I blocked from my contacts showed up in my buzz.
Awesome, google, thanks for that. Make sure when you are turning it off that you delete all your public buzz and your profile info as well.
BTW, my primary email is a shell account for which I use alpine as my email client.
There are a number of reasons for this.
1) Nothing gets downloaded onto my computer ever unless I’ve looked at it and know that it isn’t spam, let alone a virus;
2) I can’t control whether other people have it in their contacts list, and G-d knows my crazy nasty abusive ex has it, but he seems to have lost interest in going out of his way to bother me; but there are no apps that can get into it the way they can Gmail or Yahoo or Hotmail to decide that everyone I’ve ever exchanged mail with is my friend, buddy and pal.
I also highly advise NOT linking AIM, YM and MSN messenger usernames up with facebook and other such services, or using one that you never use–I have a “public” AIM that I check maybe twice a year, and multiple other SNs for different groups I belong to, and one for my intimate friends. They do the same thing with these that they do with email.
It’s…even worse.
I’ve blocked and unfollowed Friend A and Friend B. Friend A has blocked and unfollowed me. I can still see who Friend A is following — not just the people she’s following who have public profiles, but also Friend B, who does not have a public profile. Buzz helpfully tells me that Friend A is following Full Name at username@gmail.com, who doesn’t have a public profile.
In short, Friend B’s name and email address are still available, despite the fact that she has not made them public, through Friend A’s profile, to someone (me) that Friend A has blocked.
I wrote a letter.