My broken record at the moment is privacy and the amount of control we have over data we publish about ourselves. My long default has been to publish everything to a public rather than private space—basically so it’s drop-dead simple to reason about who can see my stuff. I’m lazy and, frankly, I don’t think the stuff I write about is important enough to be kept “secret”.
And “secret” in scare-quotes is the right way to think about it. On balance, it’s probably best to think of anything you publish online as being “eventually public”, even if it’s currently restricted to a small group. Given the ease of copying data online, eventually it’s safe to assume that someone will copy data to outside your technological fencing.
Any faith I have in technological access restrictions ultimately relies solely on my trust in the recipients of credentials to access the data. In any scenario where someone who you don’t have good reason to trust is able to access your data, all bets are off.
Facebook “friends” are a prime example of this latter group. I don’t trust Facebook’s protections: while its restriction methods arguably technically sound, there is such a large, untrusted set of “friends” who are able to tag, copy and forward any and all data posted that it makes a mockery of any protection offered. It’s the people who matter, not the technology.
Facebook’s “groups” help restriction of publication to people you trust, but it’s hard to remember to use these consistently and time-consuming to set them up. Again, laziness stops me using these effectively.
It would be great if this were not an issue, if someone solved the data-sharing problem effectively and simply. But for now that just isn’t the case. So just remember: “eventually public”. And think before you post.