Instant Messaging: logging Loopholes in Privacy
Written December 1, 2004

We type. We type everything - our ideas, our views and our personalities. We type endlessly and effortlessly, layers of text windows opening, closing and multiplying at will. We, the digital generation, are fully aware that the sea of language flowing across our screens is a complex societal microcosm, our digitized social lives. We are alone at our computers and yet we are with everyone we know. We are instant messengers.

Instant messaging (IM) is quickly becoming an essential communications medium for students and young people. We like it because it’s efficient – multiple one-on-one conversations at the same time help us maintain our ever-increasing social networks. We like it because it helps us identify ourselves – choosing the handles which define us in IM’s digital playground is really a careful process of selecting how our social identity is constructed for others. But more than anything, we like instant messaging because it is extremely simple and informal. The process is effortless. Select a recipient, open a text box and type a comment – any message at all – and wait for a reply. There’s no spell checker here, no enforcement of grammatical rules or standards, but there’s also no opportunity to erase your words once you’ve hit the Enter key. Instant messaging is fluid conversation; mind to fingers just as speaking is mind to mouth, encompassing all of the gravity and superficiality of interpersonal dialogue. Messenger talk can cover an entire gamut of topics, from idle procrastination to gossip to grippingly serious discussions about relationships or academia. Anything you can say, we can type – and we do. The Canadian Wireless Telecommunications Association claims that Canadians send more than one million text messages a day via wireless devices (Buckler) and this is only the tip of the iceberg – this figure doesn’t include the exponentially larger group of people using desktop PCs and popular instant messenger clients such as MSN and ICQ. It’s not a fad, it’s a standard - instant messaging is rapidly becoming an important social portal for the digital generation, gathering the people in our lives together into a single virtual environment. We frequently sit at our computers and manage our relationships with words, immersing ourselves in the language of our acquaintances for a while before shutting down and detaching ourselves from the wide, wide world. But where do these words go when the windows close? We type, but what happens to our digital voice?

Many users would be surprised to find out that all leading IM clients today – MSN, ICQ, Yahoo Messenger and so forth – create logs, archived history of sent and received messages, of every conversation the user has as a default function. This feature is not widely advertised and can be disabled on individual machines, but typically underlies the software and dutifully records every communication unless specified otherwise. Viewing message history has certain advantages: recalling specific information such as addresses, for example, or finding out what you might have said when you were terribly inebriated the previous night. But, more importantly, message logging raises some serious issues. What happens when a medium used for informal conversation is equipped to digitally archive everything that you “say” and “hear”? How is our privacy affected when a communication structure that we use so glibly and yet for so many serious purposes is taking the most trivial and personal of opinions and permanently recording them? Does this technology pose a serious threat to our privacy?

Firstly, I would like to build a contextual framework for privacy as it relates to instant messaging. Richard Lippke provides a broad definition: “Generally, there is a consensus that [privacy] involves two things: (1) control over some information about ourselves; and (2) some control over who can experience or observe us” (Lippke 342). These concepts apply directly to instant messaging: IM software allows users to reveal as much or as little personal information as they choose at any given time, and is loaded with features which control how others experience them online. The Block option, in particular, is a device for protection of privacy – any person can use this function to prevent another individual from ever seeing them in the virtual messenger environment. As a medium, IM has obviously taken steps to protect the privacy of its users and this privacy is paramount to a comfortable social experience, whether online or not. Also applicable is James Rachels’ theory of privacy as an important factor in social identity construction. Rachels suggests that privacy is an integral part of separating the relationships in our life, claiming that we reveal appropriate ‘faces’ depending on social circumstance - professional, friendly, intimate and so forth - and hide aspects of our personalities deemed inappropriate. He concludes that “because our ability to control who has access to us, and who knows what about us, allows us to maintain the variety of relationships with other people that we want to have, it is, I think, one of the most important reasons why we value privacy” (Rachels 295). This social construction is also relevant in IM and online interaction – one might talk about sex and other bawdy topics with longtime friends over MSN, but conversation with a new acquaintance or coworker would typically be far more conservative and structured. We reveal ourselves to others as we feel it appropriate and because instant messaging is primarily composed of one-on-one conversations, the ‘faces’ we present, even simultaneously, can be drastically different depending on who we’re relating to. Privacy is integral to separating and maintaining these social images. Finally, James Moor addresses the general threats which technology poses to privacy: “Given the ability of computers to manipulate information – to store endlessly, to sort efficiently, and to locate effortlessly – we are justifiably concerned that in a computerized society our privacy may be invaded and that information harmful to us might be revealed” (Moor 289). He then proceeds to suggest that “In a computerized world we leave electronic footprints everywhere and data collected for one purpose can be resurrected and used elsewhere” (Moor 291). This point, I think, summarizes the basic privacy concerns that are brought into play by instant messaging logging. If we treat IM like a conversational extension, informal and an interchangeable site of both casual and important personal discourse, a lot of information about ourselves is available for dissemination. Our words, no matter how flippant or introspective, are preserved as permanent information in message histories, leaving us vulnerable with our privacy threatened on a number of levels.

The most obvious privacy issues at stake here are social – words and phrases twisted and contextualized to become embarrassing, blackmail or conflictive. Much like verbal conversation, nearly everyone lets something inappropriate slip at one point or another. The key difference is that instant messaging preserves these instances in their quotable entirety and serves them in a digital format which is infinitely reproducible and distributable through the Internet. What’s more, the nature of IM logging dictates that two copies of each conversation are saved – one on each computer. Suddenly your dialogue is under someone else’s control and they have a veritable stash of linguistic ammunition to use against you should they choose to do so. While you conversely have their text at your disposal, the fact remains that instant messaging logs effectively reduce the control that you have over your own voice, your own words, by recording them and giving the records to others. As specified in Professor McNulty’s lecture notes, a distinctive violation of privacy is the process of “keeping or collecting extensive information” (McNulty) – which is exactly what our friends’ IM logs do to us, and ours does to them. Through IM, our dialogue becomes instantly reproducible and our privacy, as defined by Lippke as our ability to control information about ourselves, is consequentially affected, particularly when that information is used to harm us.

Additionally, the chance of message histories suddenly becoming a form of testimony or legal evidence is increasing. Recent proposals by the Canadian police are requesting “increased powers [which] would take the form of warrants to monitor Web surfing, mobile telephones, e-mail, instant messaging and phone services that use Internet connections” (Foster). If this were the case, IM logs would be an obvious detriment to privacy as excerpts from any informal, personal conversation could be accessed and potentially used to harm the user. While the legal ramifications are suspect – for instance, how would one go about proving that an individual was actually responsible for typing a specific incriminating sentence? – a threat to personal privacy is certainly present in the opportunity for authority figures to seize and peruse records of casual conversation.

Another primary danger which IM logs pose to privacy is the potential for deconstruction of the individual identity and social ‘faces’ as described by Rachels. I recall a story told to me by a girl whose ex-boyfriend was in the habit of reading her MSN message histories with other users while she was at class. She was oblivious of this until one day he confronted her, demanding to know why she was so affectionate with certain boys on her contact list while her conversations with him seemed jilted by comparison. I never learnt why, exactly, but she did tell me that she felt like her privacy had been invaded and that she reacted with a great deal of anger to this intrusion. And understandably so – the boy had effectively, without permission, peeled back all of her social identities and broken down the walls of privacy which allowed her to separately manage her relationships. IM logs, by their functionality, lay each of these ‘faces’ side-by-side as texts for the perusal and analysis of anyone who reads them – the unauthorized viewing of which would be an obvious violation of privacy by Rachels’ definition. In the right hands, these message histories could even be used to build a psychological or psychographic profile of an individual for targeted marketing and consumer analysis purposes – an even more clear-cut invasion of privacy. If privacy is essential to maintaining our interpersonal relationships and building our social identities, message histories pose a distinct threat to that process.

Unauthorized viewing of IM logs isn’t even that difficult. As the previous example indicates, many people treat instant messaging with an attitude of nonchalance – leaving themselves online while they are physically elsewhere, signing onto public computers and forgetting to log out later, allowing others access to their accounts. The dangers even exceed the personal sphere. Research analyst Melanie Turek, who primarily works with IM safety in a business context, notes that “The consumer-based services really don’t have any kind of security in place at all” (Buckler). Home computers and popular IM software are vulnerable to intrusion from largely-anonymous probes via the Internet. Message history logs are certainly not exclusively restricted to the eyes of the user in terms of effective privacy.

So, if IM logs are far from secure and their contents provide a number of opportunities for privacy invasion, what can we do to regain our control without crippling instant messaging functionality? Well, we can, as Moor suggests, “create zones of privacy” and foster “informed consent” (Moor 299). In the context of message logging, this can be achieved by requiring users to set permission levels for each of the people they talk to, allowing each individual to choose which of their friends are permitted to keep IM logs of conversations (if they so choose). Additionally, IM users should be given the effortless opportunity to request that any given conversation not be logged by either user’s computer by selecting an option from within the software interface, without needing to provide notification or explanation. Instant messaging software should be more straightforward and vocal about the logs it creates and give users plenty of explanation and opportunity to customize the feature to their desired level of privacy. And finally, measures should be taken to make message histories more difficult to reproduce and transfer across the Internet, either by restricting copy and paste access to the text to a permission-based model or by eliminating interactions with the log entirely. By placing power over the digital dialogue “spoken” by IM users back into their own hands, threats to privacy generated from loss of control over personal information are stunted.

While instant messaging is, so far, not a site of serious privacy abuse, its rising status as a primary vehicle of social interaction lends the medium increasing weight when examining issues of potential violation. A simple dispute between roommates over one impersonating the other’s virtual identity on MSN may seem inconsequential now, but as people increasingly conduct their social affairs and maintain their relationships online, IM security and privacy will become more pressing issues to address. As theorists become more comfortable with discussing the nuances of this new medium, additional issues will surface. For example, I know from personal experience that it is a distinctly uncomfortable feeling to have your own words hurled against you in an argument, to make a point and then be faced with your own dialogue, flung at you from the past via cut and paste from message history, insolubly revealing a flaw, a hypocrisy in your position. Is this a new type of privacy violation, to have your own past raided and used against you in this manner? Perhaps, but that is an issue for future consideration. For now, it is enough to know that instant message logging opens a number of problematic opportunities for privacy invasion on a number of levels. The digital generation may type, but without proper protection from intrusive behaviour and abuse, we’ll be so confined by fear and guarded suspicion that we’ll never actually share any of our ideas.

Works Cited

Buckler, Grant. “Instant messaging replacing pagers in the enterprise” in Computing Canada Mar 26, 2004. Vol. 30 Iss. 4 P. 18.

Foster, Scott. “’Lawful access’ debate heats up” in Computing Canada Sept 24, 2004. Vol. 30, Iss. 13, P. 1.

Lippke, R.L. “Work Privacy and Autonomy” in Moral Issues in Business Vol. 8, Pp. 342-349. Wadsworth Publishing Company, 1989.

McNulty, Mike. Mike McNulty’s CS323 at Wilfrid Laurier University: Overheads.Accessed Nov. 22, 2004. http://www.arts.uwaterloo.ca/~mjmcnult/323/overheads.htm

Moor, James. “Toward a Theory of Privacy in the Information Age” in Ethics and Valuesin the Information Age , Pp. 289-299. Wadsworth Publishing Company, 2002.

Rachels, James. “Why Privacy is Important” in Philosophy & Public Affairs 4(4)Pp. 323-333. 1975.