Privacy

[tiredoftherain]

Title
Privacy

Short, concise description of the idea
Not able to set the default privacy to "Registered Users"

Full description of the ideaAt the moment it's not possible to set the default privacy of an account to "Registered Users

Comments

[siderea]

Except it's not "security through obscurity". It's not security at all. It's a deterrent.

Extensive experiments online and F2F show that one of the best ways to radically decrease -- not eliminate, but deter -- social transgressions is to add very minor roadbumps.

There are two fundamental modes of griefing online. One is the targeted attack, where the attacker has identified a particular victim of choice and will go to great lengths to pursue them; stalkers are in this category. That's clearly what you are thinking of. However, that is the minority case. And important one, to be sure, but not the commonest sort of griefing.

The other mode of griefing is the attack of opportunity, where the griefer is going about their business and sees a low-effort opportunity to hassle someone -- possibly someone they have identified as a target, but often a random stranger -- and takes that opportunity.

The vast majority of obnoxiousness online is the latter. Which is great news, because all you have to do to counteract it is make engaging in that behavior more inconvenient. You don't have to try to prevent it. You don't have to try to stop it.

You just have to add a speedbump.

And it is absolutely shocking how effective such "speedbumps" can be to deter behavior. A friend of mine brought me great example in meatspace. Disney is using them in places like Disneyworld, where keeping the happy-place-lalala illusion intact requires a very non-confrontational approach to transgressive patron behavior, such as exploring the employee-only areas. He took a "backstage" tour which showed how rather than have "DO NOT ENTER" signs or locking doors, they have access ways with no physical barriers or verbal admonishments whatsoever... they're just psychologically uncomfortable in a variety of clever ways. Anybody can walk right on through them, if they're persistent. But causal spelunkers aren't persistent, so the system works to keep them out without confronting patrons.

The OP's intuitions are perfectly correct in requesting a "registered only" permission level. It won't stop their hasslers from getting accounts and continuing to greif them, if they turn out to be targetted attacks. But if they are merely attacks of opportunity -- which is, statistically, the way to bet -- "registered only" is likely to work, because it requires the persistence of getting an account. It adds a speedbump.

It's very frustrating to me that all discussions of access and privacy on LJ devolve into discussion of "security". Security is not the only issue. Privacy != security (this is why LJ allows one to have a robot.txt!). Deterrence != security (this is why LJ has a screen-comments functionality!). It is not unreasonable to want to enrich these functionalities.