Does Steemit need to be a part of the surveillance capitalism?
First time I saw Steemit my thought was YES!!! Finally a social media site that doesn't need to capitalize on it's users, instead they can make an steady income on a stable crypto currency! Different from the competitors, who earn income by capitalizing on their users data. As they saying goes, if you are not paying, you are the product.
Surfing around Steemit
Then after poking around on the site for some time, I noticed the the NoScript extension warnings in my browser and it seems to be there on every page I visit. Clearly an indication that some code gets added that might transfer information on my browser habits to to some commercial company.
Could it be...
SteamIt transferring users browser habits to Facebook?
Steemit seems to leak information to both Facebook and Google, two of the big brothers in surveillance capitalism. So I was obviously a little disappointed. Is this new hot decentralized site based on crypto currency already going in the wrong direction?
It's no surprise that Steemit uses Google Analytics, like 67.2% of the top 10.000 sites uses, but Steemit should be more careful with the linkage to Facebook, as they are known to collect this information.
The only reasons I have noticed for loading the Facebook SDK, are to allow signup and login via Facebook. I'm not sure, but maybe it's a way to only load this when Steemit shows the signup and loging page and not load it on every visit before the user has decided to sign in.
In fact, if you navigate a link to Steemit from anywhere on the internet, Steemit transfer information to Facebook about which article you view the HTTP Referer header:
:authority:www.facebook.com
:method:GET
:path:/impression.php/[removed]/?api_key=1402743653357701&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
cookie:datr=UxmmV_[removed]
referer: https://steemit.com/netocracy/@cryptogee/netocracy-the-book-that-predicted-the-rise-of-the-blogger-and-the-new-elite
(to reproduce, in chromium, open a new tab, right click on page, open webinspector, go to networking, paste a Steemit link into the urlfield and press enter)
Privacy Policy
I hope the issue with transferring data on read article to Facebook is only a glitch, but this was a little warning sign for me so I went and read the privacy policy of Steemit.
Reading the privacy policy it's clear that Steemit wants to generate income based on advertisement sometimes in the future. Usage of Google Analytics is however well explained in the privacy policy.
But it's not clear why Steemit is transferring users browser habits to Facebook and let them collect this data. So I would suggest to make this clearer in the privacy policy, or better, try to find a way to not load Facebook SDK on every request, but only when signing up and logging in.
Also it would be interesting to look into this privacy policy from an EU legislation. It's problematic that Steemit still obey by the old "Safe Harbour" agreement when it's invalidated in EU court (but it's good that it's explained in the privacy policy). Not to mention blockchain technology and how the right to be have your data deleted from the service is going to be enforced - when the blockchain is immutable. But this is something for a future post.
So during this testing I have learned that maybe this new service based on decentralized crypto economy isn't so drastically new as I first thought it was? Or maybe I'm wrong and Steemit will continue in a different direction, maybe ditching Facebook, Google Analytics and privacy engulfing ad-networks completely and only relaying on income from user contribution? Or maybe someone else will create a version with higher emphasis on privacy, if Steemit has a different focus.
I added the tag #privacy and hope to see more posts regarding this topic from other users and investigate further what steem means for user privacy. In all cases, happy to be here and I wish you safe surfing!