A Zuckerberg Christmas Photo Tests Online Privacy

Randi Zuckerberg at the Digital Life Design (DLD) conference in Munich, Germany. Photograph by Ralph Orlowski/Getty Images for Burda Media

It’s become almost axiomatic that Facebook privacy settings are so complicated that even relatively savvy users get tripped up by them, especially since the giant social network has a reputation for changing them without warning, resetting defaults, and so on. In a deliciously ironic illustration of this phenomenon, Randi Zuckerberg—sister of Facebook co-founder and Chief Executive Officer Mark Zuckerberg—was caught in a privacy snafu on Christmas Day, when one of her family photos was shared publicly. But there’s a larger point behind all the schadenfreude, and it’s about more than just Facebook being evil: Online privacy is complicated, and inventing new software settings isn’t really going to help.

As detailed by BuzzFeed, the problem started late Christmas evening, when Vox Media staffer Callie Schweitzer shared a funny photo on Twitter of the Zuckerberg family using the social network’s new Poke feature—an app that allows users to send messages or photos that self-destruct after a certain amount of time (a feature that itself can be seen as a response to privacy concerns). Randi Zuckerberg saw the photo because she was mentioned in the tweet, which has since been deleted, and told Schweitzer that sharing it publicly on Twitter was “way uncool.”

Schweitzer apologized and said she had believed the picture was public because it showed up in her feed, and that she sees Zuckerberg’s updates because she signed up for them via Facebook’s Twitter-style “subscribe” feature. After some back-and-forth, Zuckerberg determined that the Vox staffer saw the photo because she is connected to a mutual friend—a friend who tagged Zuckerberg in the photo and thereby shared it with her entire social graph. Zuckerberg then shared what she felt was the lesson we should all take from this incident, namely: “always ask permission before posting a friend’s photo publicly.”

It would be nice if figuring out online privacy was that simple, but it isn’t—not by a long shot. And it’s not just Facebook, although the social network is the most obvious example of this problem, if only because it is so massive that virtually everyone is either using it or knows someone who is. It’s tempting to think of this as just another sign of how Facebook is an evil social overlord, deliberately tweaking privacy settings so it can sell our private details to the highest bidder, but that’s a little too facile.

The reality is that privacy issues we normally take for granted in the “real” world become almost infinitely more complicated when we move online: If Randi Zuckerberg had taken a physical photo of her family, she could only have shared it with a small group of people—and presumably those people would be close to her and her family, so privacy wouldn’t be a problem. But when anyone can “tag” a photo and instantly re-share that photo to an audience of thousands, things get complicated quickly.

Should Randi have asked before she shared that picture on Facebook? Maybe. But she (perhaps naively) trusted that it would only be seen by close friends and family—not thinking of how a friend’s decision to tag it could affect where and with whom it was shared. Should her friend have asked before she tagged it? Perhaps. I tagged a friend in a photo once, and she got upset with me because she didn’t want people to know where she was—not because she was doing anything bad, but because she didn’t like the feeling of being tracked. That never even occurred to me until she mentioned it.

To be fair to Facebook, figuring out these kinds of nuances isn’t easy—either is implementing them in the form of software controls. Facebook has gotten a lot of flak (much of it from Google (GOOG)) for not allowing people to download their friends’ e-mails, but it has always argued that those e-mails belong to your friends, and sharing them should be their choice, not yours. We may disagree, but there are good arguments on either side (Facebook now lets you do this, but only if your friend specifically allows it).

There are all kinds of things we need to learn—or relearn—when it comes to online behavior, and how to handle privacy is one of them. It’s easy to throw rocks at Facebook or make fun of Randi Zuckerberg, but the bigger issue is not going away: If anything, it is getting even more complicated.

Also from GigaOM:

Social 2013: The Enterprise Strikes Back (subscription required)

Healthcare Needs a Lesson in Cybersecurity 101, Report Says

Over Half of American Homes Don’t Have or Use Their Landline

Rewind: My Favorite Posts From 2012

All-Singing Devices Are Eating Up MP3 Player Sales

    Before it's here, it's on the Bloomberg Terminal.