mark zuckerberg facebook
REUTERS/Jim Young

Facebook CEO Mark Zuckerberg arrives for the start of a town hall meeting with U.S. President Barack Obama at Facebook Headquarters in Palo Alto, California April 20, 2011.

Mark Zuckerberg runs a giant spy machine in Palo Alto*, California. He wasn’t the first to build one, but his was the best, and every day hundreds of thousands of people upload the most intimate details of their lives to the Internet. The real coup wasn’t hoodwinking the public into revealing their thoughts, closest associates, and exact geographic coordinates at any given time. Rather, it was getting the public to volunteer that information. Then he turned off** the privacy settings.

[**Editor's note: Facebook disputes the notion that it has "turned off" its privacy settings. We have provided a statement from the company at the bottom of this post.]

“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people,” said Zuckerberg after moving 350 million people into a glass privacy ghetto. “That social norm is just something that has evolved over time.”

If the state had organized such an information drive, protestors would have burned down the White House. But the state is the natural beneficiary of this new “social norm.” Today, that information is regularly used in court proceedings and law enforcement. There is no need for warrants or subpoenas. Judges need not be consulted. The Fourth Amendment does not come into play. Intelligence agencies don't have to worry about violating laws protecting citizenry from wiretapping and information gathering. Sharing information “more openly” and with “more people” is a step backward in civil liberties. And spies, whether foreign or domestic, are “more people,” too. 

Julian Assange, founder of WikiLeaks, knows better than anyone how to exploit holes in the secrecy apparatus to the detriment of American security. His raison d'être is to blast down the walls protecting state secrets and annihilate the implicit bargain, yet even he is frightened by the brazenness of Facebook and other such social networking sites:

Here we have the world’s most comprehensive database about people, their relationships, their names, their addresses, their locations and their communications with each other, their relatives, all sitting within the United States, all accessible to the U.S. intelligence. Facebook, Google, Yahoo — all these major U.S. organizations have built-in interfaces for U.S. intelligence. It’s not a matter of serving a subpoena. They have an interface that they have developed for U.S. intelligence to use.

It’s all there, and the Internet never forgets. But even if the impossible happened and the Internet did somehow develop selective amnesia, in the case of microblogging service Twitter, the Library of Congress has acquired every message ever posted by its two hundred million members. As Jeffrey Rosen wrote in the New York Times:

We’ve known for years that the Web allows for unprecedented voyeurism, exhibitionism and inadvertent indiscretion, but we are only beginning to understand the costs of an age in which so much of what we say, and of what others say about us, goes into our permanent — and public — digital files. The fact that the Internet never seems to forget is threatening, at an almost existential level, our ability to control our identities; to preserve the option of reinventing ourselves and starting anew to overcome our checkered pasts.

The U.S. government isn't the only institution to notice. Early in the military campaigns in Afghanistan and Iraq, soldiers of the social networking generation uploaded to their MySpace profiles pictures of camp life in the war zones. Innocuous photos of troops horsing around in front of tent cities, bunkers, outposts, motor pools, and operations centers circulated freely on what was then described as “a place for friends.”

The U.S. military soon realized that foreign intelligence services, sympathetic to America’s enemies and savvy to the social revolution, could collect these photographs by the thousands and build detailed, full-color maps of American military bases. During the Cold War, this would have required the insertion of first-rate spies, briefcases filled with cash, and elaborate blackmail schemes. In the age of radical transparency, all it would take is a MySpace account to know exactly where to fire the mortar round to inflict maximum damage on the United States.

The Marine Corps confirmed this in a 2009 directive. “These Internet sites in general are a proven haven for malicious actors and content are a particularly high risk due to information exposure, user generated content and targeting by adversaries.” The directive continued, “The very nature of [social networking sites] creates a larger attack and exploitation window, exposes unnecessary information to adversaries and provides an easy conduit for information leakage,” putting operational security, communications security, and U.S. military personnel “at an elevated risk of compromise.”

This type of clever thinking on the part of America’s enemies is not unique to this conflict. During the run-up to the Gulf War, foreign intelligence services had a pretty good idea that the U.S. war machine was preparing for its most substantial engagement since Vietnam. The U.S. military recognized a new kind of threat — one that didn’t require foreign intelligence to insert an agent onto every base in the Republic. Open source information could be just as dangerous. Spikes in late-night orders from pizzerias near key military bases and an exceptionally busy parking lot at the Pentagon could tell hostile powers everything they needed to know.

In determining what should remain secret and what should not, the military — like each component of the American secrecy apparatus — is good at overreaction. The default answer: more secrets. To counter the MySpace problem, they banned blogs and social networks. This benefitted base security but killed morale at home. No longer could parents see their young sons and daughters safe — and even happy — in the war zone. All that remained were breathless reports of intense combat on the cable news networks. And while the average supply clerk is probably safer in Baghdad than in Detroit, every parent and spouse saw the same thing: a son or daughter in a flag-draped casket.

In 2010, the Department of Defense revised and consolidated its ad hoc policy on social media. On its official website it declared, “Service members and [Department of Defense] employees are welcome and encouraged to use new media to communicate with family and friends — at home stations or deployed,” but warned, “it’s important to do it safely.”)

From "Deep State: Inside the Government Secrecy Industry" by journalists Marc Ambinder and D.B. Grady. Reprinted with permission from D.B. Grady.

*"When the book was actually written, they were still in Palo Alto." - D.B. Grady
In a statement to Business Insider, Facebook notes:

"In reality we spend a lot of time building privacy controls, and working to make them powerful, easy to use, and also educating our users on them. For example:

- (in the same post) In-product education about privacy that we did in December: http://newsroom.fb.com/News/547/Better-Controls-for-Managing-Your-Content 
- Recent flyout in the News Feed ahead of Graph Search that pointed to the new tools and highlighted how people could check their stuff: http://newsroom.fb.com/News/660/Expanding-Graph-Search-Beta"