Social Media: No “Friend” of Personal Privacy by Christopher Spinelli — 67
that understanding social networks will aid the courts in applying a more balanced standard of a reasonable expectation of privacy. Strahilevit agrees that state and appellate courts have been inconsistent in making this determination. “Jurisdictions cannot agree on a framework for resolving these kinds of cases. Hence, Georgia law holds that disclosing sensitive information to dozens of people, and perhaps even tens of thousands of strangers, does not necessarily render information ‘public’ for the purposes of the public disclosure of private facts tort, but Ohio law governing the same tort holds that a plaintiff’s decision to share sensitive information with four coworkers eviscerates her expectation of privacy in that information.”47
The key to resolving this type of discrepancy is to accept “the fact that an event is not wholly ‘private’ does not mean that an individual has no interest in limiting disclosure or dissemination of the information.”48 According to Strahilevit, “tort law can thus function as a form of social insurance: protecting those people who engaged in socially desirable sharing of personal information, but who had the misfortune to see those per- sonal details disseminated to the general public without their consent.”49 In his analysis, Strahilevit proposes that a reasonable expectation of privacy can be determined based on “the possibility that the information will be disseminated to a number of people that exceeds the size of his social network.”50 On Facebook and MySpace, privacy features are often used to restrict access to a specific group of people. Therefore, they are an appropriate indication of with whom the individual would like his information to be shared, and the extent to which he would prefer it to be spread. In accordance with this assertion, any unauthorized access by an outside party to bypass a person’s privacy settings would constitute a violation of their reasonable expecta- tion of privacy. Strahilevit’s proposal conforms to the research conducted by Boyd and Cambridge University’s Computing Laboratory concluding that many users incorrectly believe that only select friends and family can access their information. Therefore, Strahilevit’s solution can go a long way in resolving instances of cyber- bullying, defamation, child predation, and employee discrimination on Facebook and MySpace. Although Strahilevit offers an effective resolution to many of the problems plaguing social networking websites such as Facebook and MySpace, it is unreasonable to expect a reinterpretation of privacy law to come from the Judicial Branch. Rather, it is the legislature that must become the innovator of new laws that govern privacy through this newborn medium. In doing so, they should heed the advice of scholars such as Strahilevit, and establish a system that clearly outlines how social networks are used to determine a person’s reasonable expectation of privacy.
IX. Proposed resolution
The argument furthered in this comment places emphasis on the need to correct privacy concerns facing the users of social networking websites such as MySpace and Facebook. It is evident that free market self-regulation of social networking websites denies individuals the privacy protection they deserve. As shown earlier, it is counter-intuitive for social networking websites to protect one’s privacy because it adversely af- fects financial gain provided by the business of advertisers. Additionally, protecting social networking websites from any sort of regulatory responsibility through the application of Section 230 of the CDA, has produced multiple negative consequences including the emergence of “cyberbullying” and concerns over the potential for child molestation and employee discrimination.
Congress should take decisive action to combat these growing problems. One such solution may in- volve the passing of legislation that redefines a “reasonable expectation of privacy” on social networking web- sites. A more appropriate way to view privacy on social networking websites is advanced by J.D. candidate Matthew Hodge. In his comment, Hodge provides an analogy that accurately depicts how social networking websites should be regarded in light of privacy controls. By relating an individual’s Facebook or MySpace ac- count to a safety deposit box Hodge asserts:
In each case, a person rents a small area in a public facility to store effects or information. The vendors of these areas hold them out to be private, by giving the purchaser a tangible key, or in the case of cyberspace, through a password. In both the case of the safety deposit
47 Strahilevitz, “A Social Networks Theory of Privacy” 921. 48 Strahilevitz, “A Social Networks Theory of Privacy” 923. 49 Strahilevitz, “A Social Networks Theory of Privacy” 927. 50 Strahilevitz, “A Social Networks Theory of Privacy” 974.