De Wolf, R. (2016). Group privacy management strategies and challenges in Facebook: A focus group study among Flemish youth organizations. Cyberpsychology: Journal of Psychosocial Research on Cyberspace, 10(1), article 5. doi:http://dx.doi.org/10.5817/CP2016-1-5


Group privacy management strategies and challenges in Facebook: A focus group study among Flemish youth organizations

Ralf De Wolf

University of Ghent, Ghent, Belgium & Vrije Universiteit Brussel, Brussels, Belgium

Abstract

A large body of research has studied young people’s privacy practices and needs in Facebook. Less is known about group privacy. In this study 12 focus groups were organized with a total of 78 adolescents and young adults of local Flemish youth organizations to discuss their privacy practices. Findings describe how different strategies are used to coordinate the group information flow. The study also shows how online group privacy management can be challenging because ‘implicit’ privacy rules need to be made ‘explicit’, personal boundaries may conflict with those of the group one belongs to and privacy turbulence is difficult to define.

Keywords: Privacy; boundary coordination; group; focus groups; communication privacy management; qualitative; Facebook

DOWNLOAD PDF

Introduction

The dynamics of social networking sites (SNSs) challenge the privacy management of users. Specifically, users of SNSs are confronted with multiple and invisible audiences, context collapse and a merging between public and private sphere (boyd, 2010). Over the years, much research studied boundary coordination and privacy in the context of SNSs (e.g. boyd & Hargittai, 2010; boyd & Marwick, 2011; Litt, 2013; Marwick & boyd, 2014; Stutzman & Hartzog, 2012; Wisniewski, Lipford, & Wilson, 2012). Against popular belief, these studies show how young users re-establish boundaries and care about their privacy. Recently, there is a shift in focus from the individual to collaborative privacy practices in managing personal information (e.g. Lampinen, Lehtinen, Lehmuskallio, & Tamminen, 2011; Litt & Hargittai, 2014; Litt et al., 2014). Indeed, privacy management is beyond individual control. When information is disclosed, others become co-owners of that information and agreements need to be made (Petronio, 2002). Less is known, however, on how group information is managed.

This study contributes to the literature on privacy management in Facebook by studying group privacy management. Group privacy concerns the boundary coordination of group private information by group members. Specifically, offline and online group privacy management strategies of Flemish youth organizations (Flanders is the Northern part of Belgium) are studied. Youth organizations are an important part of the youth culture in Flanders. Up to one third of people below the age of 25 in Flanders is affiliated with a youth organization (Coussée, 2006). 12 focus groups with a total of 78 members and leaders of local youth organizations (ages 13-28) were organized and guided by following two research questions: “How do youth organizations manage group privacy and what strategies are used?” and “What are the challenges of group privacy management in Facebook?”

Theoretical Background

Communication Privacy Management

Boundary coordination for managing private information is elaborated in the Communication Privacy Management theory (CPM), as formulated by Petronio (2002). This theory states that when disclosing private information, others are understood to become co-owners of that information. Even though people may feel that they own their private information, it is governed collectively with others upon disclosure. Petronio (2002) argued that in order to manage private information, mutually agreed-upon privacy rules or strategies are needed and must be negotiated.

Privacy rules have two dimensions: acquisition and properties. It is through socialization and negotiation that people acquire privacy rules. People do not continuously develop new rules, but learn and express existing privacy boundaries. Initially, a child will not even have clearly defined privacy boundaries around the self – until the egocentric stage of development is reached that is (Petronio, 2002). Gradually, a child learns to differentiate between contexts (e.g., family, school) and internalizes a code of behavior that steers the balancing act of disclosure and withdrawal. Through negotiation with others privacy rules emerge, which can be both implicitly and explicitly formulated. Disclosure warnings (e.g., “Before I tell you this”) and timing parameters (“Please keep it a secret for the next few days”) are examples of explicit privacy rules. Implicit privacy rules are less articulated and occur in more ambiguous situations. People can hint at a rule without clearly formulating or let another person articulate the rule. Rules can be routinized or triggered. “(…) Once formulated, these rules become patterned actions that people depend on to communicate with others about this issue over time. The routinized rules become integrated into typical patterns used for privacy management” (Petronio, 2002, p.79).

Sometimes privacy rules need to change and synchronize with a changing situation. CPM differentiates between rules that are centered on linkages, permeability and ownership. When information is shared with others, collective boundaries are established. People can either transform the boundaries from an individual to a collective level or appropriate the rules of a preexisting collective boundary. There are many different types of rules for when boundary linkages are produced, such as rules about who is selected as a confidant, the timing and topic of disclosure, and the characteristics of the people involved. Once the collective boundaries are established the private information needs to be regulated. This is done through developing access rules about “(…) who, outside the boundary, can know the information, the amount of information they can know, when it is appropriate for them to know, and how they should be told” (Petronio, 2002, p.100). Next to rules about access people also develop rules that concern the private information itself. For example, certain topics can be avoided or even treated as taboo to prevent a breach in collective boundaries. Finally, Petronio (2002) also differentiates between rules that help determine the boundary borders, that is, boundary ownership. Because we have to manage multiple boundaries around the self and the groups we belong to, it is necessary to differentiate between borders.

Three collective boundary patterns are differentiated within CPM: inclusive, intersected boundary and unified boundary coordination. In the first pattern, person A has more power than person B, because person B gives up control by disclosing information. For example, a lawyer knows private information about her client but does not have to return the favor by disclosing herself. In the second pattern, person A and B are considered to be equals. For example, it is expected of friends to equally share private information. The third and final pattern is not focused on the relation between A and B but concerns how the entire group coordinates information. No individual owns the information but it is of his or her concern. For example, a cycling team hiding the usage of doping to the outside world.

Different rules are developed to coordinate boundaries. Sometimes, by “mishandling” the rules on linkages, ownership and permeability of boundaries, turbulence occurs. Turbulence can happen in various degrees. A person might intentionally violate the established privacy rules by betrayal (e.g., a student confessing that different people cheated during an examination) or mistakenly disclose information towards a third party (e.g., accidently revealing someone’s surprise birthday party).

Privacy Management in Social Networking Sites

SNSs exacerbate the collapse of spatial, temporal and social boundaries, which, in turn, challenges privacy management and disclosures (Vitak, 2012). The collapse of boundaries, or context collapse, can be problematic for SNS users. Vitak and Kim (2014) showed that SNS users struggle to balance front stage and back stage performances, challenging their impression management. Context collapse also corresponds with the presence of multiple and often invisible audiences. While people can rely on the imagined audience to steer their online behaviors (Litt, 2012), the study of Bernstein, Bakshy, Burke, and Karrer (2013) demonstrated how users consistently underestimate the audience size for their posts. Moreover, even when consciously sharing information users can later regret certain disclosures, such as posting when in a highly emotional state (Wang et al., 2011). The collapse of boundaries also makes it difficult to decide what content is appropriate and can be distributed. Nissenbaum (2010) argued that the informational norms of appropriateness and distribution organize the flow within and between contexts. For example, the religious affiliation of a job applicant should not be discussed with a job recruiter (appropriateness), nor should the application be made public (distribution). With the collapse of boundaries in SNSs, however, a “context” is not as clearly delineated as in typical face-to-face interactions, making it unclear what is appropriate and can be distributed.

Although the context collapse in SNSs challenges boundary coordination, users employ different privacy management strategies to re-establish boundaries. Kramer-Duffield (2010) and Stutzman and Hartzog (2012) indicated that users control their information flow by using different forms of social media for different audiences. Users also delete content (wall posts and photo tags) and friends who have access to their profile (Madden, 2012; Young & Quan-Haase, 2013). Moreover, they seem to adapt to the default structure of SNSs, posting only information that is suitable for all audiences (Hogan, 2010). Users can also be very creative in managing their information flow online. boyd and Marwick (2011, p. 22) gave the example of social steganography: “a tactic of hiding information in plain sight driven by the notion of security through obscurity,” where youngsters encrypt their online postings in such a way that they only have meaning for a select audience. Recent work tends to shift the focus from individual to collaborative privacy practices in SNSs (Lampinen et al., 2011; De Wolf, Willaert, & Pierson, 2014; Litt et al., 2014; Litt & Hargittai, 2014; Page, Kobsa, & Knijnenburg, 2012). The study of Lampinen et al. (2011) found how users employ collaborative strategies both in a preventive (e.g. asking for approval before disclosing information that concerns a person involved) and corrective manner (e.g., asking a person to delete content). The study of Litt et al. (2014) suggested that many turbulent instances are caused by others, such as a Facebook friend posting information that is not suitable for all to see, and thus beyond individual control.

Despite this recent shift, it remains unclear what strategies are used in groups (e.g., sports club, youth organization, neighborhood, family) to manage group private information and how the networked environment is of influence. So far, researchers have mainly focused on personal privacy management privacy management – intersected boundary coordination to use CPM terminology – in SNSs. Less is known on how privacy rules are developed in groups and the unified boundary coordination pattern.

In previous research De Wolf et al. (2014) used a quantitative approach to study group privacy in youth organizations and found how different strategies are applied, such as making use of Facebook groups to share group information or having guidelines with regard to what kind of group information can be posted in Facebook. The study further found common bond and the role an individual is attributed within the youth organization to be the strongest predictors of group privacy management. In this study, I further examine the group privacy of Flemish youth organizations using qualitative methods to have a holistic view on group privacy and to better approach their needs. It is through studying the privacy rules and their foundations and occasions of turbulence that we can find the privacy needs of users in SNSs and provide subsequent solutions. Petronio (2002) states that “knowing the way rules develop and function is fundamental to comprehending boundary coordination, boundary turbulence, and the larger privacy management process” (p. 37). “How do youth organizations manage group privacy and what strategies are used?” constitutes the first research question. By comparing offline and online strategies and discussing them further with the participants the challenges for group privacy also become clear. The second research question is as follows: “What are the challenges of group privacy management in Facebook?”

Method

Youth Organizations

Flanders has a rich tradition of autonomous local youth organizations. CHIRO1 consists of 926 local youth organizations with a total of 100 643 people. KSJ-KSA-VSKJ2 overarches 276 local organizations with a total of 30 293 people. In these organizations, based on voluntary commitment, young adults (called “leaders”) from a particular region in Flanders organize recreational activities for children and adolescents (called “members”) of that region. I organized focus groups with local youth organizations affiliated with KSJ-KSA-VKSJ and CHIRO. Through the perspectives of those affiliated with youth organizations I studied how group privacy was managed between groups within the organization and between the organization and the outside world.

12 focus groups were organized, with a total of 78 participants (39 women) among 6 different local youth organizations.3 I did not include the youngest members (under 13 years old) in the study. To discuss the privacy rules of youth organizations we discussed potentially private and sensitive behaviors (e.g., drinking alcohol or smoking). I do not consider these topics appropriate for young children. Table 1 illustrates the demographics and the composition of the focus groups. For example, the third focus group consisted of five female participants, three members and two leaders, with an age between 15 and 22 years old. It is not my intention to provide a representative sample, but to look at how group privacy management strategies are developed and what is challenging. Looking from different perspectives makes it easier to study the negotiation of group privacy. Therefore, I organized two focus groups in each youth organization and sampled on gender and role, two important predictors of group privacy management in Facebook found in previous research (De Wolf et al., 2014).

Table 1. Demographics of the Participants and Composition of Focus Groups.

Focus Group (F)

#


Gender


Role


Age




Men

Women


Member

Leader



Youth organization 1










F1

9


0

9


0

9


1724

F2

7


7

0


0

7


1628

Youth organization 2










F3

5


0

5


3

2


1522

F4

7


7

0


0

7


1724

Youth organization 3










F5

6


0

6


0

6


1621

F6

6


6

0


0

6


1621

Youth organization 4










F7

6


2

4


6

0


1317

F8

7


4

3


0

7


1721

Youth organization 5










F9

6


6

0


6

0


1617

F10

7


7

0


0

7


1819

Youth organization 6










F11

6


0

6


6

0


1415

F12

6


0

6


0

6


1821

Total participants

78


39

39


21

57


13–28

Procedure

All focus groups took place between September and the beginning of December 2013 in the clubhouses of youth organizations during the weekend and lasted for about an hour and a half. The head of a local youth organization was contacted to co-organize the practical part of the focus groups and provide the items needed for the setting (e.g., table, chairs, separate room). Before the focus group began, participants were asked to sign a document of informed consent. Participants younger than 18 years old were asked to let their parents or legal guardians give their informed consent. The conversations were recorded, transcribed and coded. All participants were compensated with a cinema ticket.

Before the focus groups began, the participants filled out a document with general questions concerning their Facebook activity and privacy. All youth organizations used Facebook for sharing photos, communicating with others, as well as for advertising for events and parties they organized. The document asked if the participants ever experienced an embarrassing or problematic group incident on Facebook (yes/no question). Only one youth organization reported privacy turbulence (see Table 2). During the focus groups, however, the participants brought up different examples of turbulence. I also asked them to score the following statements on a 7-point Likert scale, ranging from “strongly disagree” to “strongly agree”: “In our youth organization we have clear rules regarding Facebook” and “I believe that our youth organization controls who has access to information that is of our concern.” Table 2 presents the aggregated number. To measure privacy turbulence, privacy rules and privacy control I used items as developed previously by De Wolf et al. (2014).

Table 2. Privacy Turbulence, Rules, and Control.

Focus Group

Privacy Turbulence

Privacy Rules

Privacy Control

F1

No

M = 2.89

M = 7

F2

Yes

M = 5.71

M = 3.71

F3

No

M = 1.6

M = 4.2

F4

No

M = 6

M = 3.14

F5

No

M = 6.5

M = 3.5

F6

No

M = 6.67

M = 5.66

F7

No

M = 4

M = 5.5

F8

No

M = 3.86

M = 5.71

F9

No

M = 3.17

M = 5.5

F10

No

M = 4

M = 4.43

F11

No

M = 4.67

M = 5.67

F12

No

M = 4.33

M = 3.00

Note: Privacy turbulence: “Has your group ever experienced an embarrassing or problematic incident in Facebook” (Yes/no question); Privacy rules: “Our group has clear guidelines with regard to sharing information in Facebook” (1-7 Likert item); Privacy control: “Our group controls who has access of information that is of our concern” (1-7 Likert item)

Focus groups with pre-existing youth organization groups were set up, so that the participants could elaborate on shared experiences in the comfort of being among familiar faces. Because the research centered on private and sensitive information, participants’ comfort was an absolute necessity. One of the main pitfalls when conducting focus groups with young people is that the approach is not attuned to their developmental needs and capabilities (Gibson, 2012). Therefore, I integrated young-people-friendly eliciting techniques in the study, with a focus on ‘generating’ and ‘interrogating’ meaning. The latter describes the act of reflection and questioning everyday activities, while the former refers to transforming data into new data (Markham, 2013).

In the first part, the participants wrote one word that described what their youth organization meant for them. After they had written down their answer, the participants further elaborated on what they wrote. The exercise made sure that everyone was involved, and clarified the relationships and group boundaries.

The second part of the focus groups focused on boundary coordination in an offline environment. Specifically, I asked the participants to make a ground plan of their previous summer camp, for which they were given a piece of paper and markers. One participant drew the ground plan, while others helped by providing suggestions and remarks. Further on, the participants gave me a tour and elaborated on how they structured and organized their camp. Then, visualizations of potentially private information had to be placed on the ground plan (e.g. pictures of beers, non smoking signs), so to provoke a discussion on offline group privacy. For example, leaders hide their smoking and drinking from members – younger members especially. I noticed that all participants could place a “non-smoking sign” on the map and demarcate where it was and was not allowed to smoke, so to prevent younger members from knowing. Figure 1 gives an impression of this exercise.


Figure 1. The participants in focus group 7 (F7) in the process of drawing their ground plan.

In the third and final part, I asked questions about online group privacy practices. I also showed some propositions (e.g. “Our youth organization has control over who has access to private information”) in a sequence, and the participants had to answer with a green (I agree) or red (I do not agree) card. The propositions were formulated broadly, which forced the participants to reflect on their practices.

Data Analysis

The recordings of the focus groups were transcribed and coded using Strauss and Corbin’s approach (1990): moving from a procedure focused on examining salient categories (open coding); to grouping (sub)categories that seem to relate (axial coding); to producing a set of themes and theoretical propositions (selective coding).

In a first stage of analyzing the data, every word that appeared significant was coded. A close connection between the codes and the qualitative data was maintained, meaning that no categories or further dimensions were made yet. Simultaneously, during the first stage, I took notes about reoccurring answers throughout the focus groups, examples of group privacy management strategies and marked sections that displayed remarkable or problematic issues. In the next stage I made categories of different open codes, introducing the interpretation of the researcher for the first time. The open codes were categorized and three themes emerged: 1) codes that describe the goal, role and relationships of youth organizations; 2) codes that describe their privacy practices for different types of information; 3) and codes that present new media technologies and settings. In the final stage the interpretation of the researcher was introduced for the second time by coupling the three themes with theoretical concepts as delineated in the literature, such as privacy rules and turbulence.

Results

The research questions center on group privacy management strategies and challenges of youth organizations. In the following sections I will first discuss the youth organization’s goal, role and relationships to contextualize the privacy rules and boundaries of the groups. Next, I consider what strategies were used to coordinate boundaries at summer camp (offline). Hereafter, group privacy management in Facebook (online) is discussed. Finally, the challenges for group privacy management in Facebook found in this study are summarized.

Youth Organizations: Goal, Role and Relationships

In a first exercise the participants wrote one word that described what their youth organization meant to them. It quickly became clear that the participants’ youth organizations were considered very important. The following quotation from Alan illustrates the overall sentiment expressed by many.

F4 Alan (23 years old, male, leader): ‘My Life’—That’s what I wrote down. I really mean it. Everything I do is marked by my youth organization.

The participants described their youth organization with terms such as ‘fun,’ ‘amusement,’ ‘joy,’ and ‘entertainment,’ and in their elaboration, they labeled other members as friends. To learn more about how they perceived this group of friends, I provoked them to make a comparison with other contexts (e.g., ‘Is it the same as going to a bar with friends?’). The latter clarified another aspect of their youth organization: guidance and learning. Although they did many things that a normal friend group would do, they felt responsible toward the other members and even defined their actions as a part of ‘larger project’.

F4 Braxton (22 years old, male, leader): Building the future.
Interviewer: You wrote that down. Why?
Braxton:
In the beginning, you start making friends; you learn how to act in a group and work together. When you become a leader, you organize fun activities and let younger ones have a good time. You teach them norms and values in the process.

I asked them to compare themselves with other socialization agents (e.g., ‘Do you consider yourselves to be teachers?’) to learn more about their ‘educational’ role. None of them wanted to label themselves as a teacher, parent, or another type of educator. Only younger members sometimes treated them like this.

F5 Luna (21 years old, female, leader): Younger ones often call us ‘Miss Luna’ or ‘Miss Jasmine’ instead of just calling us by our first name. We often correct them, but they keep on saying it. Those little ones really treat us as a mother figure. When they hurt themselves, they want a hug; when they go to sleep, they want a bedtime story.

Overall, the leaders defined their role as less strict and formal than that of a teacher, a perception that was also confirmed in the focus groups that only included members. Two conclusions can be derived from the first exercise. First, for many, it would have been difficult to say that their participation in youth organization life was just another hobby. Second, the relationship between leaders was defined by friendship, whereas the relationship between leaders and members is also interwoven with a role of responsibility. The definition of the relationships within the youth organization as well as the goal of the organization is important to understand how privacy rules are negotiated and expressed, as will be illustrated in the next sections.

Offline and Online Group Privacy Management Strategies

Group privacy management at summer camp. Each year leaders organize a summer camp for younger and older members (minimum age: 6 years old). At summer camp the days are filled with activities such as hiking, canoeing and building rafts. In the focus groups we discussed the daily life at summer camp and how it was organized, with special attention devoted to boundary coordination and group private information. The boundary coordination at camp was most obvious when looking at how the tents were organized (the participants were instructed to draw a ground plan of their camp). Leaders’ and members’ tents were clearly separated. Towards younger members very basic strategies were employed to make sure they did not go into the tents of their leaders.

F6 Levi (18 years old, male, leader): Towards the younger ones we say that a monster or ‘fatty’ sleeps in there [referring to their tent] and that they will be eaten alive when they come too close [laughs]. You would expect them to be curious and go and look, but when you tell them not to go near they really don’t.

In most youth organizations a minority of the leaders smoked. Various privacy rules were developed to prevent (younger) members from knowing this and centered on limitations in time and space. In each focus group the participants could easily point out on the ground plan where it was permitted to smoke and when.

F2 Gabriel (23 years old, male, leader): Around four o’ clock I usually signal my co-leader that I’m [going] away for five minutes to smoke a cigarette.
Kayden (27 years old, male, leader):
We always mention it to one another. I still remember from when I used to smoke that you have to keep the other leaders informed.

When older members smoked they had to receive permission from their parents. The leaders co-coordinated the boundaries of these members so to prevent younger members from knowing. The responsibilities and rights over the control of the information were shared, but with the leaders having the upper hand. Next to limitations in time (e.g., only when the younger members were off to bed) and space (e.g., a specific area), they were also limited in how many cigarettes they were allowed to smoke. Drinking alcohol was also subjected to limitations in time and space. The rules for alcohol and smoking were different in the sense that alcohol was also treated as a reward or a sign of trust between leaders and older members. Specifically, older members were allowed to drink beer on certain occasions (e.g., at campfire).4 Hence, the boundaries for alcohol are more permeable than those for smoking to use CPM terminology.

F3 Fiona (15 years old, female, member): I really like it when they [referring to their leaders] allow us to [drink one beer]. Not everyone drinks alcohol. But knowing we are allowed to is rather nice.

In everyday life, most participants made much use of social media and smartphones. New media, however, were subject to certain rules at camp. Younger members are not allowed to bring smartphones, while older members had to hand over theirs. The leaders developed these rules primarily because their members would be preoccupied with them, but they also wanted to limit the communication with the outside world. The below quote exemplifies the latter.

F12 Alana (18 years old, female, leader): We’ve had a heavy storm at camp and a couple of our tents were torn down. We needed to evacuate and move to the closest farm for shelter. One of the cooks at our camp posted the situation on Facebook, but we didn’t had a chance to inform the parents first. So we were kind of worried that they would think we wouldn’t have everything under control.

The youth organizations did not reject social media completely at camp. They found social media very useful to connect with the outside world and inform parents that everything was all right.

F5 Luna (21 years old, female, leader): It’s a rule that you don’t put information on Facebook when you are at camp.
Interviewer: Why not?
Luna:
Because you do not control the situation. We never check our smartphones and imagine one of the members putting information on Facebook.

Further on the participants in focus group 5 (F5) mentioned the following:

F5 Jasmine (21 years old, female, leader): On our website, the cooking team puts a small message on our website every day during camp.
Laura (18 years old, female, leader):
They just put a little text online with what the children have done that day, and that’s it. It keeps the parents happy.

Overviewing the boundary coordination at summer camp it is noticeable that spatial, temporal and social rules are used to manage group information. Rules apply to both behaviors and information about behaviors. In line with CPM theory (Petronio, 2002) I noticed both explicit rules (timing parameters, disclosure warnings) and implicit rules that were internalized and taken for granted. The changing environment (e.g., a heavy storm at camp) also illustrated how youth organizations were occupied with synchronization (e.g., making sure parents were not anxious). The following section shows how group boundaries are coordinated in Facebook, a SNSs that was very popular among all youth organizations.

Group privacy management in Facebook. De Wolf et al. (2014) previously found that the usage of Facebook groups - an option in Facebook to share information with a predefined group of people – was a popular strategy among Flemish youth organizations to share group information. In this study it was found that the youth organizations especially made use of Facebook groups to control group information. The groups they made resembled those of the bans that existed within the youth organization. Hence, a separate space was created for them to interact while adhering to their youth organization’s structure. They also developed rules for when people left the youth organization. The conversation below shows how this was done.

F5 Katherine (21 years old, female, leader): It’s a [Facebook] group for active leaders only. When people leave the youth organization they are removed from the Facebook group.

The participants also made use of other group privacy management strategies. Some groups were rather strict on boundary linkages and developed rules on accepting and deleting Facebook friends. In Focus group 5 and 6, the leaders even told of a control agent they created to make sure that the group privacy rules were maintained.

F5 Laura (18 years old, female, leader): We created Facebook police because you cannot be Facebook friends with members of our youth organization.
Interviewer: “Facebook police”, can you explain to me how it works?
Laura (18 years old, female, leader): When you become a leader in our youth organization you are not allowed to be Facebook friends with one of the members. Not even the oldest members. So the Facebook police [referring to the two head leaders of the youth organization] scan for members in the Facebook friendslist of all leaders.
Katherine (21 years old, female, leader): You have to delete them after that.
Laura:
It seems ridiculous, but it’s pretty serious. Imagine those young ones seeing pictures of you. Everyone drinks a beer or goes out to party.

In the discussions I had with the participants it became clear that the youth organizations developed various rules that centered on permeability, linkages and ownership: deleting inappropriate content (e.g., a picture of a leader in uniform drinking a beer), developing rules on audience management (e.g., not accepting parents of members as Facebook friends) and the type of content that could be placed publically on Facebook (e.g., make sure that younger members have limited access to pictures of leaders that are smoking or drinking alcohol).

Table 3 gives an overview of the different strategies that were found.

Table 3. Overview of Group Privacy Management Strategies Used in Youth Organizations.

Group privacy management strategies

Example

Establishing spatial boundaries



Creating Facebook groups for sharing information with a defined group of others.

Making use of different SNSs for disclosing different sorts of information.

Establishing temporal boundaries

Removing leaders/members from a Facebook group when they leave the youth organization.

Managing content together

Organizing a slide show evening where all pictures of camp are presented and a selection is made before it is allowed on Facebook or website.

Deleting online information that can be harmful for the youth organization.

Managing audiences together

Not accepting parents or (young) members as a Facebook friend.

Making use of Facebook groups or chat to discuss group information.

Creating a control agent

Scanning profiles and enforcing group privacy rules (e.g., “Facebook police”)

Considering Table 3, I argue that similar strategies were found with previous research that focused on personal privacy management (e.g. Kramer-Duffield, 2010; Stutzman & Hartzog, 2012; Young & Quan-Haase, 2013). boyd and Marwick (2011) found in their research that young users of SNS develop social strategies online and move beyond the settings that are offered by SNSs. The current study also shows how they can be creative on a group level, by translating the youth organization’s internal structure into the Facebook groups or by creating a control agent to preserve the established boundaries (e.g., “Facebook police”).

Group Privacy Management Challenges

The second research question asked about the challenges of group privacy in Facebook. By comparing and discussing the offline and online privacy two factors were found to be challenging for online group privacy management: making the rules and boundaries explicit and dealing with the tension between individual and group privacy.

Many rules to coordinate boundaries at camp were considered to be self-evident and routinized (e.g., “It’s self-evident that you shouldn’t drink beer by day,’ or ‘it’s obvious that you shouldn’t smoke in front of younger members). Their privacy rules were often implicit and structured in their practices. The context collapse in SNSs, however, asks users to define their relationship with others and manage their information flow and boundaries in an explicit way. When bringing up the idea of the “Facebook police”, brought up in F5 and F6, which seemed to be a pretty effective strategy, most replied in a negative manner and found it to interfere too much with their personal lives. The tension between the individual and group level became especially clear in the third exercise as the participants were asked to reflect on certain statements.

F10 Interviewer: “I decide for myself what I post on Facebook and whom I accept as a Facebook friend.” [Interviewer reads this statement aloud]
Fabian (18 years old, male, leader):
It’s your own Facebook account. Other people should not decide what you post and [do] not post.
Pete (18 years old, male, leader
): There is no one who can tell me what to do on Facebook, except for my mom (laughs).
F11 Marie (14 years old, female, member):
How can it be any different than that? It’s your own profile. Nobody else can make such decisions.

Nearly all of the participants followed a similar discourse, which was rather paradoxical for those that appropriated very strict rules. When confronting them with their self-contradictory line of thinking, Trenton questioned the differentiation between the group and the individual level.

F6 Trenton (21 years old, male, leader): I completely agree with what the organization tells us to do. I also favor not becoming Facebook friends with members on Facebook. Maybe this is a bit strange and hard, but you aren’t “friends” with the members. That’s not appropriate.

Group privacy rules were perceived as an individual choice because they were negotiated within the youth organization. Moreover, it frequently became clear that the participants were creative in balancing their individual and group identities on Facebook. For example, Lauren had a couple of members as a friend in her Facebook account, but she did not want to add all of them to preserve her individual privacy. She did, however, wanted to create a Facebook group with all members for sharing group information. She chose the following strategy.

F12 Lauren (20 years old, female, leader): I’m a Facebook friend with only four or five members. So I created a group, added them, and asked them to add the others I wasn’t a Facebook friends with but I knew they were.

CPM theory states how a privacy turbulent experience makes people re-establish boundaries (Petronio, 2002). Having to make privacy management strategies explicit and the co-presence of personal and group boundaries, I noticed, left their mark on how turbulence was perceived and handled. Many participants argued that they made use of tag controls to make sure that their Facebook friends did not see any embarrassing pictures posted by others. Asking the “perpetrator” to delete such content was often considered a step too far. Braxton talked about how he did not react to an embarrassing picture of himself on Facebook taken by someone at his birthday party, to avoid making a scene – and hereby not making his personal boundaries explicit.

F4 Interviewer: What did you do?
Braxton (22 years old, male, leader):
Me? Nothing. What are you going to achieve when you react to such posts? You can confront them, but then you also create a very unpleasant situation. It’s not worth my time. I will not let them provoke me. I do think it’s ridiculous and a lack of respect towards my privacy.

The co-presence of the group and personal identity in Facebook also complicated what should be labeled as something turbulent.

F12 Rayne: We did have a discussion on other stuff [hesitating].
Interviewer: I am not trying here to come to terms with the past. But can you tell me something more about this discussion?
Rayne (19 years old, female, leader):
There are things online through which it seems that the members are too close with the leaders. We think that there should be some sort of “wall” between the leaders and the members, and in some of the conversations on the newsfeed [referring to communication between a leader and member in Facebook], it wasn’t that clear.

The conversation with Rayne clarified how the co-presence of different sets of privacy rules (group and individual) challenges the perception of turbulence. While Rayne thought from the perspective of the group, the leader who communicated publicly with a member on the Facebook News Feed did not.

Discussion

Main Results and Reflections

CPM theory states that people need to coordinate boundaries for privacy management (Petronio, 2002). Privacy research in Facebook has mainly focused on intersected boundary coordination and individual information. This research contributed by studying unified boundary coordination or group privacy management of youth organizations. 12 focus groups were set up to discuss the practices with young adults and adolescents of local youth organizations in Flanders.

The results show different ways of managing online group privacy, such as developing rules about accepting and deleting Facebook friends, managing content together, or making use of multiple sites to distribute group information (Facebook and the youth organization’s website). Although the context collapse is dealt with by groups, there are factors that challenge group privacy. First, the privacy rules have to be made explicit. This requires users to actively create boundaries that were not necessary or previously routinized. For example, it was noticed that the leaders had difficulties in defining their relationships with older members. Facebook asks users to define relationships by accepting or refusing Facebook friend requests. Even though other means are available to fine-tune those relationships and content sharing (e.g., allowing users access to the main Facebook profile but limiting what content they are able to see), it still requires thinking about and defining relationships. Second, a compromise has to be found between individual and group privacy rules. It might as well be that an individual user wants to add a person as a Facebook friend, but the group he or she belongs to prohibit this, creating a tension between the individual and group.

Privacy turbulence was sometimes ignored or not defined as such to avoid a confrontation. Litt and Hargittai (2014) previously argued that an online reaction could make a turbulent event even more turbulent by drawing unwanted attention or potentially offend those who unknowingly caused for turbulence. The qualitative data of this study are in agreement with these arguments. Handling privacy turbulence, and making boundaries explicit, is challenging. Moreover, the definition of turbulence is unclear: what informational norms apply and determine when and if a violation has occurred – to use Nissenbaum’s terminology (2010) – is difficult to answer in an environment with context collapse.

The focus groups were sampled based on gender and role. Both were found to be important predictors of group privacy management in Facebook (De Wolf et al., 204). In this study, however, no clear differences were found between the privacy practices of men/women or member/leader.

Recommendations

The results indicate that the group information flow in Facebook is coordinated but groups need to compensate for the exacerbation of context collapse. In face-to-face interactions the situation co-defines the boundaries (e.g. at work you have the role of a colleague, which helps in deciding what topics are appropriate and which ones are not). In SNSs users are given more responsibility in defining the situation and establishing boundaries. CPM theory has elaborated boundary coordination for privacy management, how mutually agreed-upon privacy rules need to be negotiated and how turbulence is of influence (Petronio, 2002). Because the situation in SNSs is constantly changing it is difficult for privacy rules to become routinized and implicit. Moreover, it is difficult to differentiate between borders because individual and group boundaries are co-present. To further understand (group) privacy in SNSs I advise researchers to take into account the dynamics of SNSs (see boyd, 2010), the constant reflexivity that is required of users to manage the context collapse and the alignment between individual and group privacy management.

Lampinen et al. (2011) and Wisniewski et al. (2012) recommend service providers to support the negotiation process of content, audiences and boundaries, and ease the burden on individual users in SNSs. Because implicit rules need to be made explicit, personal boundaries may conflict with group boundaries, and privacy turbulence is difficult to define, I argue that groups could also benefit from a space where the negotiation process is stimulated and supported. At the moment tag controls in Facebook can help individual users to prevent posts and photos that are shared by others to be visible on one’s personal profile (i.e. Timeline). For group information a similar function could be offered to groups, so every member has to give his or her consent before a group photo or post becomes visible to certain audiences. Moreover, an online space could be provided for groups where the group information is available, can be managed and discussed.

Limitations and Future Research

This research is limited because it is focused on the practices of one type of group in Facebook. People, however, belong to many different groups (family, close friends, sports clubs, etc.) and develop different sets of privacy rules. Future research should therefore focus on studying how group information is managed in other platforms (e.g. Twitter, Snapchat, LinkedIn) for other populations (e.g. older generations) and environments (e.g. work environment) to have a more holistic view on group privacy. In the sample, leaders were overrepresented in comparison to members. I mainly focused on leaders because they are responsible for the members and have to coordinate boundaries internally and to the outside world. To have a good understanding of the unified boundary coordination of younger people further research is necessary. The privacy practices were studied through the perspectives of those who belonged to the group. It would be useful to study the overarching policy of a group regarding boundary coordination in SNSs – if any exists – and how this aligns with their practices. This study focused on group privacy management strategies and challenges, without further comparing other types of group privacy management (e.g. intergroup versus intragroup). Unified boundary coordination in the context of SNSs is rarely studied. Because of my interest in this boundary coordination pattern psychological development differences were not taking into account in the sampling or controlled for. Finally, in table 2 an inverse relationship was sometimes found between the implementation of group privacy rules and perceived group control. A positive correlation was expected between these variables, in line with CPM theory. A possible explanation could be that the groups who score high on group privacy rules have the need to express that as a group you do not have everything under control. Hence, a low score on group control can be seen as a justification for their implementation of privacy rules on a group level. In a similar fashion, the groups who score low on implementing group rules justify their practices through stating that they control the situation. Future research is necessary to support or reject these hypotheses.

Conclusion

SNSs challenge the privacy management of users. Previous research, however, has shown how users manage their personal information flow in SNSs despite its fluid and open architecture. Group privacy management, or the process of concealing and revealing of group private information by group members is less studied. In this study group privacy management strategies and challenges were examined. The results show how a variety of strategies are used to coordinate the group information flow. Making privacy rules and boundaries explicit and the co-presence of individual and group boundaries, however, were found to be challenging.

Notes

1. CHIRO is not an abbreviation but a contraction of the Greek letters ‘C’ (chi) and ‘R’ (rho) that refer to Jesus
2. KSJ-KSA-VKSJ is an abbreviation in Dutch: Katholieke Studerende Jeugd [Catholic, education and youth]- Katholieke Studenten Actie – [Catholic, students and action]; Vrouwelijke Katholieke Studerende Jeugd [Catholic, women, students and youth].
3. On an average the local youth organizations consisted of 136 people in total, with an average of 18 leaders and 14 oldest members.
4. In Belgium, 16 year olds are allowed to drink alcoholic beverages that contain a maximum of 5 percent alcohol. 18 year olds are allowed to drink strong liquor.

Acknowledgement

The research leading to these results has received funding from the Strategic Basic Research (SBO) Program of the Flemish Agency for Innovation through Science and Technology (IWT) in the context of the SPION project (www.spion.me) under grant agreement number 100048. I would like to thank Mark Johns, Jennifer Dunn, Annette Markham, Camille Johnson-Yale, Lien Mostmans, Paulien Coppens and the anonymous reviewers for their constructive feedback and suggestions regarding this study.

References

Bernstein, M. S., Bakshy, E., Burke, M., & Karrer, B. (2013). Quantifying the invisible audience in social networks. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 21–30). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2470654.2470658

boyd, d. (2010). Social network sites as networked publics: Affordances, dynamics, and implications. In Z. Papacharissi (Ed.), A networked self: Identity, community, and culture on social network sites (pp. 39–58). New York: Routledge.

boyd, d., & Hargittai, E. (2010). Facebook privacy settings: Who cares? First Monday, 15(8). Retrieved from http://firstmonday.org/ojs/index.php/fm/article/view/3086

boyd, d., & Marwick, A. E. (2011). Social privacy in networked publics: Teens’ attitudes, practices, and strategies (SSRN Scholarly Paper No. ID 1925128). Rochester, NY: Social Science Research Network. Retrieved from http://papers.ssrn.com/abstract=1925128

Coussée, F. (2006). De Pedagogiek Van Het Jeugdwerk [The pedagogy of youth work]. Gent: Academia Press.

De Wolf, R., Willaert, K., & Pierson, J. (2014). Managing privacy boundaries together: Exploring individual and group privacy management strategies in Facebook. Computers in Human Behavior, 35, 444–454. http://dx.doi.org/10.1016/j.chb.2014.03.010

Gibson, J. (2012). Interviews and focus groups with children: Methods that match children’s developing competencies. Journal of Family theory and Review, 4, 148-159. http://dx.doi.org/10.1111/j.1756-2589.2012.00119.x

Hogan, B. (2010). The presentation of self in the age of social media: Distinguishing performances and exhibitions online. Bulletin of Science, Technology & Society, 30, 377–386. http://dx.doi.org/10.1177/0270467610385893

Kramer-Duffield, J. (2010). Beliefs and uses of tagging among undergraduates. University of North Carolina, Chapel Hill.

Lampinen, A., Lehtinen, V., Lehmuskallio, A., & Tamminen, S. (2011). We’re in it together: Interpersonal management of disclosure in social network services. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 3217–3226). New York, NY, USA: ACM. http://dx.doi.org/10.1145/1978942.1979420

Litt, E. (2012). Knock, Knock. who’s there? The imagined audience. Journal of Broadcasting and Electronic Media, 56, 330–345. http://dx.doi.org/10.1080/08838151.2012.705195

Litt, E. (2013). Understanding social network site users’ privacy tool use. Computers in Human Behavior, 29, 1649–1656. http://dx.doi.org/10.1016/j.chb.2013.01.049

Litt, E., & Hargittai, E. (2014). A bumpy ride on the information superhighway: Exploring turbulence online. Computers in Human Behavior, 36, 520–529. http://dx.doi.org/10.1016/j.chb.2014.04.027

Litt, E., Spottswood, E., Birnholtz, J., Hancock, J. T., Smith, M. E., & Reynolds, L. (2014). Awkward Encounters of an “other” kind: Collective self-presentation and face threat on Facebook. In Proceedings of the 17th ACM Conference on Computer Supported Cooperative Work & Social Computing (pp. 449–460). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2531602.2531646

Madden, M. (2012). Privacy management on social media sites. Pew Internet & American Life Project, Washington, DC. Retrieved from http://pewinternet. org/Reports/2012/Privacy-management-on-social-media.aspx

Markham, A. (2013). Remix cultures, remix methods: reframing qualitative inquiry for social media contexts. In N. Denzin & M. Giardina (Eds.), Global dimensions of qualitative inquiry. Walnut Creek, CA: Left Coast Press, 63–81.

Marwick, A. E., & boyd, d. (2014). Networked privacy: How teenagers negotiate context in social media. New Media & Society, 16, 1051-1067. http://dx.doi.org/10.1177/1461444814543995

Nissenbaum, H. F. (2010.). Privacy in context: Technology, policy, and the integrity of social life. Stanford, CA: Stanford University Press.

Page, X., Kobsa, A., & Knijnenburg, B. P. (2012). Don’t Disturb my circles! Boundary preservation is at the center of location-sharing concerns. In Sixth International AAAI Conference on Weblogs and Social Media. Retrieved from https://www.aaai.org/ocs/index.php/ICWSM/ICWSM12/paper/view/4679

Petronio, S. (2002). Boundaries of privacy: Dialectics of disclosure. State University of New York Press.

Strauss, A., & Corbin, J. (1990). Basics of qualitative research. Grounded theory procedures and techniques. Newbury Park: Sage.

Stutzman, F. & Hartzog, W. (2012). Boundary regulation in social media. In Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work (pp. 769-778). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2145204.2145320

Vitak, J. (2012). The impact of context collapse and privacy on social network site disclosures. Journal of Broadcasting & Electronic Media, 56, 451–470. http://dx.doi.org/10.1080/08838151.2012.732140

Vitak, J., & Kim, J. (2014). “You can’t block people offline”: Examining how Facebook’s affordances shape the disclosure process. In Proceedings of the 17th ACM Conference on Computer Supported Cooperative Work & Social Computing (pp. 461–474). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2531602.2531672

Wang, Y., Norcie, G., Komanduri, S., Acquisti, A., Leon, P. G., & Cranor, L. F. (2011). “I regretted the minute i pressed share”: A qualitative study of regrets on Facebook. In Proceedings of the Seventh Symposium on Usable Privacy and Security (pp. 10:1–10:16). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2078827.2078841

Wisniewski, P., Lipford, H., & Wilson, D. (2012). Fighting for my space: Coping mechanisms for sns boundary regulation. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 609–618). New York, NY, USA: ACM. http://dx.doi.org/10.1145/2207676.2207761

Young, A. L., & Quan-Haase, A. (2013). Privacy protection strategies on Facebook: The internet privacy paradox revisited. Information, Communication & Society, 16, 479–500. http://dx.doi.org/10.1080/1369118X.2013.777757


Correspondence to:
Ralf De Wolf
Department of Communication Sciences
Ghent University
Korte Meer 7-9-11
9000 Gent, Belgium

Email: Ralf.DeWolf(at)ugent.be