Why We Blab Our Intimate Secrets on Facebook
few years ago, when Leslie K. John was a doctoral student at Carnegie Mellon University, a classmate introduced her to a then-nascent website called Facebook. John took a look, scrolling through page after page of photographs, personal confessions, and ongoing accounts of people's every move. She found the whole thing perplexing.
"I didn't understand why people were putting all this information out there," says John, now an assistant professor in the Marketing Unit at Harvard Business School. "There seemed to be a constant need for people to give status updates on what they were doing. It was very bizarre to me."
John's curiosity led to a raft of collaborative research about information disclosure in the age of social media. Her goal: to determine when we're most likely to divulge intimate facts and when we're apt to keep our lives to ourselves.
In short, the initial findings indicate that individuals are both illogical and careless with their privacy on the web. "We show that people are prone to sharing more information in the very contexts in which it's more dangerous to share," John says.
Specifically, John and two colleagues from Carnegie Mellon set out to study a common contradictory attitude toward Internet privacy. On the one hand, studies show that Americans are wary of companies having access to their personal information. For example, in a February 2012 survey by the Pew Research Center, 73 percent of 2,253 adult respondents answered they would not be OK with a search engine (such as Google) keeping track of their searches and using the results to personalize future searches. And 68 percent said they were uncomfortable with targeted advertising for the same reason: they didn't want anyone tracking their behavior. On the other hand, millions of people routinely share the most intimate details of their lives via various social media sites.
With a series of field and lab experiments, John, Alessandro Acquisti, and George Loewenstein shed some light on the discrepancy.
In each experiment, the researchers asked participants to answer a list of questions to indicate whether they had engaged in various sensitive activities—looking at pornographic material, cheating on a romantic partner, trying cocaine, and so on. "We basically sat down together and brainstormed creepy questions to ask," John says.
The experiments tested the idea that downplaying privacy concerns would increase the likelihood of disclosure. For example, the researchers set up laptop computers across the Carnegie Mellon campus and asked passersby to fill out a "Web survey about student behaviors," which comprised 15 yes/no questions. Unbeknownst to them, the participants were randomly assigned to one of three user-interface conditions.
n some cases, they took an online survey titled "How BAD Are U???" Deliberately designed to look unprofessional, it featured red font and a pixelated cartoon devil. Other participants received a deliberately professional-looking survey titled "Carnegie Mellon University Executive Council Survey on Ethical Behaviors," which sported the school's official crest. A third set, the control group, received the relatively neutral "Survey of Student Behaviors."
The questions were exactly the same in every case. Yet participants in the "unprofessional" condition were almost twice (1.98 times) as likely to admit to having engaged in the various behaviors relative to those in the "professional" condition, with the control group answers generally falling in the middle.
From a logical Internet privacy viewpoint, the results don't make sense. After all, an amateur website of unknown origins is likely far less concerned with data protection than a professional website of a firm or university. But according to John, the research supports the hypothesis that people often don't even think about privacy unless reminded to do so. Ironically, professionalism seemed to remind participants that airing their affairs might have negative consequences.
"When you're on a very official-looking site, it sort of cues you in to think about the concept of privacy," she says. "We argue that oftentimes, privacy isn't something that's at the forefront of people's minds until you cue it."
To further test this argument, the researchers repeated their experiment, but added a very deliberate privacy cue at the onset: Before completing the personal survey, some participants took a test called "Phind the phishing emails," in which they viewed screen shots of email messages and identified them as "just spam" or "phishing"—the common cybercrime of masquerading as a trustworthy source to acquire data such as credit card information. Others (the control group) took a test called "find the endangered fish."
Indeed, thinking about phishing caused participants to be equally judicious in their responses, regardless of whether they were taking the "How BAD Are U???" or the "Executive Council on Ethical Behavior" survey. (Looking at pictures of endangered Acadian redfish and Atlantic halibut had no effect.)