Social Media News
Newly-released stats reveal how social network dwarfs other top sites
Earlier this month, industry blog Inside Facebook reported that the social network’s international status doubles every month. “Facebook’s growth rate accelerated by at least 25 percent in 47 countries in one recent quarter. Its quarterly growth rate more than doubled in 28 of those countries.”
What are ya, chicken? Join Helen A.S. Popkin on Facebook or follow her on Twitter. All the kids are doin’ it!
Harry McCracken
For years, Facebook has had a pretty consistent modus operandi: It breaks stuff, catches flack for it, and then-eventually-backpedals or otherwise responds to the criticism. The tradition continues with CEO Mark Zuckerberg’s new blog post. After a few weeks of intense unhappiness over the company’s recent new features and related changes to privacy policies, it’s redoing its privacy settings in a major way.
Zuckerberg says that the new features will take a few weeks to reach every Facebook user. I don’t see them yet. But here’s a recap of what he says is new:
- Rather than having to wade through gazillions of granular settings, it’ll be easy to tell Facebook you want anything you post to be visible to friends only, friends of friends, or everybody. These rules will apply to future Facebook functionality that doesn’t exist yet.
- You’ll be able to make your Friends and Pages lists completely private.
- It’ll be easier to block apps on Facebook from getting at your information.
- It’ll be easier to block external sites such as Pandora which use Facebook’s new “Instant Personalization” from getting at your information. (Currently there’s no single place to go to do this, nor any way to block all sites with one click.)
- If users find these changes satisfactory, Facebook intends to avoid major changes to privacy policies “for a long time.”
It’s a given that these tweaks won’t satisfy every unhappy camper. For example, it sounds like Facebook will still share your info via Instant Personalization by default; if this bothers you, you’ve got to proactively tell it to knock it off. Some people, like my colleague Jacqueline Emigh, would be more pleased if Facebook renounced Zuckerberg’s recent proclamation that “the default is social” and made every new form of sharing opt-in rather than opt-out.
Overall, though, the changes look like a significant step in the right direction. If you were rattled by the previous round of changes-as 75 percent of Technologizer readers who took our recent poll said they were-do the ones outlined in Zuck’s new post calm you down?
Ian Paul
Facebook is expected to announce new streamlined privacy settings for its users during a press briefing on Wednesday at 10:30 a.m. Pacific time. The news comes just a few days after Facebook CEO Mark Zuckerberg promised to introduce “privacy controls that are much simpler to use ” for Facebook’s more than 400 million users. Following Wednesday’s announcement, Facebook will hold a briefing on Thursday in Washington, D.C, which will be open to Congress staff interested in learning more about Facebook’s privacy plans.
Facebook’s decision to revise its privacy controls is welcome news, but it’s not clear yet what privacy changes Facebook has in store for its users. It appears the company is not planning any changes to its actual privacy policies, but will instead give users easier choices about how their personal details are being used on Facebook.
Nevertheless, Facebook deserves credit for responding to criticisms and implementing changes that will, hopefully, give users a simpler way to understand what they’re sharing on Facebook. Here are five things I’m hoping to see from Facebook on Wednesday.
Opt-in, Not Opt-out
Facebook should make a public vow that whenever it introduces new features that can expose user data to third-parties the company will let users opt-in to the new feature and not opt-out.
On several occasions, Facebook has introduced new features that automatically exposed user data to third parties, such as Facebook Beacon and the new Instant Personalization program. An opt-out model forces Facebook users to turn these new features off instead of letting them decide whether or not they want to use the new feature in the first place.
Facebook quickly backtracked on Instant Personalization and made it opt-in, for which the company should be commended. Nevertheless, Facebook should vow never to mess with user settings again, and make every new feature it introduces opt-in and not opt-out.
Third-party Data Control
Whenever you sign up to use a third party application on Facebook all your publicly available information becomes accessible to that app. But does a company like Zynga, the makers of Farmville, really need access to a list of your favorite music and movies? Canada’s privacy commissioner didn’t think so during a review of Facebook’s privacy policies last year.
In fact, Canada’s privacy watchdog recommended that Facebook require third-party apps to explicitly tell users what personal information the app wants and then get permission from the user to access each piece of data. In practice, this would mean you’d be presented with a check list of information such as your Likes and Interests, location and public Wall posts. Then you’d get to decide which of your details the app could access.
Disconnect From Friends
In my view, one of the more troubling aspects of Facebook’s privacy controls is the fact that your Facebook friends can easily expose your personal information to third parties. For example, if Bob signs up to play Mafia Wars that application can then access Bob’s friend list and all of his friends’ publicly available information.
To Facebook’s credit, you can stop some of your data from being leaked by your friends by clicking on Account>Privacy Settings>Applications and Websites>What your friends can share about you. However, even if you make it through Facebook’s privacy maze to find this setting, you still won’t be able to stop third parties from seeing your Likes and Interests, the city you live in, and other data Facebook considers to be publicly available information.
To put it mildly, this is crazy. Facebook execs are famous for claiming that its users are in control of their Facebook data , and can decide how it is shared. But clearly that is not the case if my friends can share my data without my knowledge. Facebook needs to put a stop to this practice of indirectly sharing user data with third-parties. It’s a privacy loophole, and Facebook needs to close it.
Granular Versus Simple
Although Facebook’s current privacy set up is very confusing, it is also very granular and allows users to have a fair amount of control over their profile information. Instead of throwing out its complex controls, Facebook should give users a choice between using the simplified controls and the more complex ones. That way anyone who wants to exercise minute control over their sharing can still do so, while others can opt for privacy controls that are easier to understand.
Data Export
This isn’t really a privacy control, but it ties into Facebook’s theme of giving users control over their data. Facebook should give users a simple tool that can export all your personal information to your desktop including your Likes and Interests, photos, Friend list, Wall posts, and so on. That way users will feel more comfortable knowing they can pull all their information out of Facebook with just a few clicks. Admittedly, this is a scary prospect for Facebook, but the company might find that people are more willing to share their data if they know they can yank it off of Facebook any time they like.
Facebook CEO Mark Zuckerberg made headlines earlier this year when he declared privacy was no longer a “social norm.” But in a column published today by the Washington Post, the CEO admitted Facebook’s privacy controls may have “missed the mark.”
“Six years ago, we built Facebook around a few simple ideas,” Zuckerberg wrote. “People want to share and stay connected with their friends and the people around them. If we give people control over what they share, they will want to share more. If people share more, the world will become more open and connected. And a world that’s more open and connected is a better world. These are still our core principles today.”
According to Zuckerberg, the challenge is to facilitate the sharing of information while preserving user choice and control – all the while keeping the experience simple for everyone.
“These are issues we think about all the time,” he wrote. “Whenever we make a change, we try to apply the lessons we’ve learned along the way. The biggest message we have heard recently is that people want easier control over their information. Simply put, many of you thought our controls were too complex. Our intention was to give you lots of granular controls; but that may not have been what many of you wanted. We just missed the mark.”
In a radio interview May 18, Facebook Director of Public Policy Tim Sparapani said the company planned to simplify its privacy settings due to the ongoing controversy. It is not clear yet how Facebook will change the settings, but Zuckerberg re-iterated that the modifications will be rolled out in the coming weeks.
In the meantime, the battle about the site’s ‘personalization’ feature and default privacy settings continues to percolate. During the past few weeks, Facebook’s critics have gone as far as complaining to the Federal Trade Commission (FTC).
Security vendor Sophos conducted an online poll recently that found many respondents were considering leaving Facebook due to the controversy. Of the roughly 1,600 people surveyed, 60 percent said it is either “highly likely” or “possible” that they will leave Facebook due to concerns over privacy. Just 24 percent said they either wouldn’t leave or it is “not likely.” The remaining 16 percent of the respondents had already left the site.
“Social networks are a top concern among IT security teams from a proprietary data sensitivity perspective and that it poses an additional route to malware infections,” Mike Haro, senior security analyst at Sophos, told eWEEK.
Though Zuckerberg acknowledged missteps, he stressed some of Facebook’s core principles are to give users control over how their information is shared and to not share personal information with people or services users don’t want.
“Facebook has evolved from a simple dorm-room project to a global social network connecting millions of people,” the CEO wrote. “We will keep building, we will keep listening and we will continue to have a dialogue with everyone who cares enough about Facebook to share their ideas. And we will keep focused on achieving our mission of giving people the power to share and making the world more open and connected.”
EMILY STEEL And JESSICA E. VASCELLARO
Facebook, MySpace and several other social-networking sites have been sending data to advertising companies that could be used to find consumers’ names and other personal details, despite promises they don’t share such information without consent.
The practice, which most of the companies defended, sends user names or ID numbers tied to personal profiles being viewed when users click on ads. After questions were raised by The Wall Street Journal, Facebook and MySpace moved to make changes. By Thursday morning Facebook had rewritten some of the offending computer code.
Advertising companies are receiving information that could be used to look up individual profiles, which, depending on the site and the information a user has made public, include such things as a person’s real name, age, hometown and occupation.
Several large advertising companies identified by the Journal as receiving the data, including Google Inc.’s DoubleClick and Yahoo Inc.’s Right Media, said they were unaware of the data being sent to them from the social-networking sites, and said they haven’t made use of it.
Across the Web, it’s common for advertisers to receive the address of the page from which a user clicked on an ad. Usually, they receive nothing more about the user than an unintelligible string of letters and numbers that can’t be traced back to an individual. With social networking sites, however, those addresses typically include user names that could direct advertisers back to a profile page full of personal information. In some cases, user names are people’s real names.
Most social networks haven’t bothered to obscure user names or ID numbers from their Web addresses, said Craig Wills, a professor of computer science at Worcester Polytechnic Institute, who has studied the issue.
The sites may have been breaching their own privacy policies as well as industry standards, which say sites shouldn’t share and advertisers shouldn’t collect personally identifiable information without users’ permission. Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation.
The problem comes as social networking sites—and in particular Facebook—face increasing scrutiny over their privacy practices from consumers, privacy advocates and lawmakers.
At the same time, lawmakers are preparing legislation to govern websites’ tactics for collecting information about consumers, and the way that information is used to target ads.
In addition to Facebook and MySpace, LiveJournal, Hi5, Xanga and Digg also sent advertising companies the user name or ID number of the page being visited. (MySpace is owned by News Corp., which also owns The Wall Street Journal.) Twitter—which doesn’t have ads on profile pages—also was found to pass Web addresses including user names of profiles being visited on Twitter.com when users clicked other links on the profiles.
For most social-networking sites, the data identified the profile being viewed but not necessarily the person who clicked on the ad or link. But Facebook went further than other sites, in some cases signaling which user name or ID was clicking on the ad as well as the user name or ID of the page being viewed. By seeing what ads a user clicked on, an advertiser could tell something about a user’s interests.
Ben Edelman, an assistant professor at Harvard Business School who studies Internet advertising, reviewed the computer code on the seven sites at the request of the Journal.
“If you are looking at your profile page and you click on an ad, you are telling that advertiser who you are,” he said of how Facebook operated, if a user had clicked through a specific path, before the fix. Mr. Edelman said he had sent a letter on Thursday to the Federal Trade Commission asking them to investigate Facebook’s practices specifically.
The sharing of users’ personally identifiable data was first flagged in a paper by researchers at AT&T Labs and Worcester Polytechnic Institute last August. The paper, which drew little attention at the time, evaluated practices at 12 social networking sites including Facebook, Twitter and MySpace and found multiple ways that outside companies could access user data.
The researchers said in an interview they had contacted the sites, which some sites confirmed. But nine months later, the issue still exists.
The issue is particularly significant for Facebook on two fronts: the company has been pushing users to make more of their personal information public and the site requires users to use their actual names when registering on the site.
A Facebook spokesman acknowledged it has been passing data to ad companies that could allow them to tell if a particular user was clicking an ad. After being contacted by the Journal, Facebook said it changed its software to eliminate the identifying code tied to the user from being transmitted.
“We were recently made aware of one case where if a user takes a specific route on the site, advertisers may see that they clicked on their own profile and then clicked on an ad,” the Facebook spokesman said. “We fixed this case as soon as we heard about it.”
Facebook said its practices are now consistent with how advertising works across the Web. The company passes the “user ID of the page but not the person who clicked on the ad,” the company spokesman said. “We don’t consider this personally identifiable information and our policy does not allow advertisers to collect user information without the user’s consent.”
The company said it also has been testing changing the formatting for the text it shares with advertisers so that it doesn’t pass through any user names or IDs.
MySpace, Hi5, Digg, Xanga and Live Journal said they don’t consider their user names or ID numbers to be personally identifiable, because unlike Facebook, consumers are not required to submit their real names when signing up for an account. They also said since they are passing along the user name of the page the ad is on, not for the person clicking on the ad, there is nothing advertisers can do with the data beyond seeing on what page their ad appeared.
MySpace said in a statement it is only sharing the ID name users create for the site, which permits access only to the information that a user makes publicly available on the site.
Nevertheless, a MySpace spokeswoman said the site is “currently implementing a methodology that will obfuscate the ‘FriendID’ in any URL that is passed along to advertisers.”
A Twitter spokeswoman said passing along the Web address happens when people click a link from any Web page. “This is just how the Internet and browsers work,” she said.
Although Digg said it masks a user’s name when they click on an ad and scrambles data before sharing with outside advertising companies, the site does pass along user names to ad companies when a user visits a profile page. “It’s the information about the page that you are visiting, not you as a visitor,” said Chas Edwards, Digg’s chief revenue officer.
The advertising companies say they don’t control the information a website chooses to send them. “Google doesn’t seek in any way to make any use of any user names or IDs that their URLs may contain,” a Google spokesman said in a statement.
“We prohibit clients from sending personally identifiably information to us,” said Anne Toth, Yahoo’s head of privacy. “We have told them. ‘We don’t want it. You shouldn’t be sending it to us. If it happens to be there, we are not looking for it.”
Well, it seems all this complaining about Facebook’s laissez faire attitude toward its users’ privacy has finally gotten their attention. According to published reports, the company called an “all hands meeting” to discuss the controversy last week. And what has come of that meeting? Apparently a lot of soul searching, renting of garments, and gnashing of teeth, per a report in the Wall Street Journal. But otherwise, a whole lot of nothing.
So leave it to some clever entrepreneurs to do what Facebook has so far refused to do: Put back the privacy protections Facebook just took away. And they do it in an ingeniously simple way.
First up, there’s ReclaimPrivacy, which can scan your Facebook settings and let you know where you’re at risk. Simply visit the site and drag the free “Scan for Privacy” button up to your browser’s bookmarks toolbar. Log into Facebook, click the bookmark, and it instantly analyzes your privacy settings in a popup window, letting you know what’s “secure” and where you may be at risk.
Of course, Scan for Privacy leaves it up to you to decide how to change your settings. If you want to lock down your Facebook profile completely, there’s Untangle’s SaveFace. It installs in an identical fashion to ReclaimPrivacy – visit the SaveFace site and drag the icon to your toolbar. This time when you log in and click the bookmark, it changes all your settings to “friends only.”
Personally, I don’t want everything on my Facebook page to be “friends only,” so I went back and changed some settings (like for my blog posts) to be more public. But that’s far easier than having to manually tweak each setting, which is Facebook’s only solution.
Finally there’s Openbook. This isn’t a tool at all, it’s merely a site that lets you search through Facebook users’ public updates to show you just what kinds of embarrassing/incriminating things people post on a regular basis, mostly without even realizing it. Try searching on “rectal exam” or “lost my virginity” and you’ll see what I mean.
Will Facebook cripple these tools, as it has done to similar efforts in the past? I don’t think they’d dare, given the bad press they’re already getting. Then again, we’re talking about Mark Zuckerberg here, so anything is possible.
One small sliver of hope: On a radio talk show the other day, Facebook’s director of public policy (how many people do they have with this job title?) Tim Sparapani said the service it would be “simplifying” its privacy controls over the next few weeks.
As one of the commenters on this very blog noted recently, Internet Explorer has had both extremely granular privacy controls and simple one-click privacy settings (high, medium, low) for more than a decade. If Microsoft could do this back in 1997, why can’t Facebook do it right now? Are they really that lame?
Sarah Jacobsson
Facebook and Zynga announced Tuesday that they have agreed to a five-year “strategic relationship” that will expand the use of Facebook Credits in Zynga’s games. So much for the rumors that Zynga was planning to go rogue and launch its own social gaming site.
The rumors, which were first reported by TechCrunch earlier this month, suggested that Zynga CEO Mark Pincus had announced the unveiling of a new social gaming site called Zynga Live.
Online game developer Zynga has been at odds with social networking giant Facebook for several weeks now–conflict most significantly arose when Facebook changed its developer platform to the disadvantage of companies such as Zynga.
A major change was the introduction of Facebook Credits, a virtual currency that Facebook now requires its developers to use. The issue with Facebook Credits, of course, is that Facebook takes a significant cut of the revenue–30 percent. It is not yet mandatory for developers to use Facebook Credits, but rumor has it that it soon will be.
Unnamed TechCrunch sources reported that Facebook and Zynga were trying for a long-term relationship–but that negotiations weren’t going too well, hence Zynga’s preparation for a complete move off of the social networking site. According to sources, during the negotiation period Facebook pulled some underhanded tricks, such as shutting down notifications from some of Zynga’s games and threatening to remove Zynga’s games from Facebook completely.
However, it looks like everything is hunky-dory–the official word on the street is that everything is fine (a step up from “intense,” a couple of weeks ago), and that this is a long-term, strategic relationship.
“We are pleased to enter into a new agreement with Zynga to enhance the experience for Facebook users who play Zynga games,” says Facebook COO Sheryl Sandberg.
Of course they’re “pleased”–Zynga is the manufacturer of several of the most popular games on Facebook (including Farmville and Mafia Wars), and Zynga apps on Facebook have about 230 million users–over half of Facebook’s worldwide count of 400 million users.
Ian Paul
Facebook is reportedly undergoing internal struggles as the company debates concerns raised over user privacy, and the social network may revamp its user privacy settings in the coming days.
Ever since Facebook introduced new sharing features in April during the company’s F8 developers conference, the company has received criticism over its privacy policies from critics, lawmakers, interest groups and regular users. Looking to address its critics, company executives and employees have been involved in marathon debate sessions to figure out what to do about user privacy on Facebook, according to The Wall Street Journal.
Facebook’s Privacy Maze
The biggest issue up for debate at Facebook HQ, according to the Journal, is what to do about the social network’s labyrinthine privacy system that many users have found confusing. The New York Times reported earlier this month that you need to navigate through 50 settings and more than 170 options to completely manage your privacy on Facebook.
Some inside Facebook are reportedly proposing simplified controls that would make it easier for users to maintain their privacy, according to the Journal, while others argue for the more granular controls Facebook currently offers.
Public Statements, Private Dissent
While Facebook reportedly debates in private about how best to deal with user privacy settings, Facebook executives have been telling a different story in public. Elliot Schrage, Facebook’s vice president of global communications, marketing, and public policy, recently wrote in The New York Times that Facebook would “work to make [Facebook's privacy] settings easier and simpler.”
Then on Tuesday, Tim Sparapani,Facebook’s public policy director said on a local Washington D.C. radio show that Facebook was “going to be providing options for users who want simplistic bands of privacy that they can choose from,” as first reported by Wired. Sparapani said changes to privacy settings would be coming in the next couple of weeks.
While Facebook reportedly debates what to do about user privacy, people outside of Facebook continue to direct criticism at the social network. Sites like openbook and zesty.ca provide tools for people to see just how open the profiles of most Facebook users are. Meanwhile close to 6,000 people at the time of this writing have committed to leave Facebook on May 31, according to QuitFacebookDay.org.
Facebook currently has over 400 million users worldwide, and will reportedly reach 500 million users by June.
http://www.youtube.com/watch?v=UZn-fXzXEbE&feature=player_embedded
Several new applications have launched this week that are designed to easily reset a Facebook member’s privacy settings, following new changes from the company that make a sizable chunk of profile content public by default when it was once kept under lock and key.
A firewall and spam filter company called Untangle has launched a tool called SaveFace, which takes the form of a browser bookmark utility and sets as many Facebook profile elements as it can–contact information, friend lists and connections, wall posts–to “friends only.”
“We wanted to help our customers get back to Facebook of 2005,” Untangle CEO Bob Walters said in a release from the company, in which he referred to Facebook’s current privacy controls as “insane” and difficult to handle.
Additionally, an independent developer has created a similar tool called ReclaimPrivacy.org, which scans a Facebook member’s privacy settings, flags profile elements that may be unexpectedly public, and like SaveFace can reset them. Both applications are open-source.
It’s unclear as to what Facebook thinks of these apps, but considering the social network very vocally banned an app that “unfriended” people, citing a privacy violation, it may also take issue with services that modify privacy settings. Granted, ReclaimPrivacy and SaveFace are not built on the Facebook developer platform, so the rules that govern them may be different.
CNET has contacted Facebook for comment and will update this post when the company responds.
On the other hand, Facebook might want to keep these services around because, in a sense, they may put members at ease and let Facebook off the hook in the process–whether it should be or not.
The site that functions as one big popularity contest looks a little unpopular today. After a series of changes that eroded its users’ privacy, Facebook has been getting smacked around in public.
A Wired blog post declared the widely-used social network “Gone Rogue.” A team of programmers looking to develop an open alternative to Facebook quickly raised tens of thousands of dollars from strangers. A series of bold-face names in technology have canceled their Facebook accounts.
I am neither terribly surprised about this nor too sympathetic for Facebook. The Palo Alto, Calif., company has earned this scorn.
First, consider the changes it’s imposed on its users. One turns many parts of your personal profile–your city, employer, hobbies and so on–into public links unless you remove that information. Another change can expose your endorsements of links at various sites, this one included, with a click of Facebook’s increasingly-ubiquitous “Like” button. (Note that my first posts on these changes failed to capture their privacy implications.) A third, “Instant Personalization,” shares some of your data, without your advance permission, with other sites.
Second, Facebook’s ever-changing privacy-settings interface has made it difficult to monitor and control these changes. The company has an obnoxious habit of revising this miserably-complex system in ways that make earlier instructions inoperative and sometimes reverse prior settings of users. Without clear, concrete examples of who can see what you post, it’s no surprise that some people wind up oversharing with the entire Internet.
Third, Facebook has done these things before. An alarming Flash animation illustrates how its default settings have steadily chipped away at a user’s privacy over the past few years.
(You’ve memorized these disclaimers by now, right? Post Co. chairman and chief executive Donald E. Graham sits on Facebook’s board of directors; former Facebook chief privacy officer Chris Kelly is a friend from college; and many Post staffers, this one included, market themselves on Facebook.)
It’s possible that Facebook’s 400-million-plus users will settle down and accept these shifts as they’ve done before.
But Facebook has a fourth problem: It looks arrogant.
Maybe that’s only perception. It can’t help Facebook’s cause that its most public face, 26-year-old founder Mark Zuckerberg, can’t seem to bother to put on a collared shirt, let alone a jacket or tie, before blathering on about how our notions of privacy are, like, changing.
But when I’ve talked to Facebook executives about the complaints I’ve heard from users, I’ve gotten airy defenses of the company’s need to keep innovating. Sometimes they’re followed up by vague allowances that it could explain these changes better–the dot-com equivalent of a politician’s weasel-worded “if I have offended anybody” non-apology. And then they go on to tout heart-warming stories about how Facebook has helped adoptive parents find a child.
Meanwhile, from what I can tell the leadership at Facebook sincerely believes that the company can and should become the Web’s dominant source of identity and authentication, providing a feature left out of the Internet’s original design. But they don’t seem to accept the thought that becoming such a social utility might require changes in their behavior.
Don’t get me wrong: I like Facebook as a service, one that often works better than individual e-mails at keeping me in touch with friends. When I finish writing this post, I will probably click over to the site to see what’s new with them. But I’ll also hope that my friends now realize they should be as calculating in their use of Facebook as Facebook seems to be in its manipulation of their privacy.
Tony Bradley
The villagers have pitchforks and torches in hand and everyone seems to be converging on Facebook–the scourge of all things private and personal. I am here to disband the angry mob by asking the question “how did Facebook get your data in the first place?” and telling people to look in the mirror before attacking Facebook.
I agree that Facebook is a little too brazenly cavalier in its attitude toward privacy. I am in no way suggesting that Facebook is completely innocent, or that it is some sort of paragon of information privacy practices. However, the opposite extreme is equally false.
Notable online personalities such as Leo Laporte, Cory Doctorow, and Matt Cutts, and Jason Rojas have deleted their Facebook accounts in protest–some in grand public gestures. What is lacking in all of the self-righteous indignation over Facebook privacy policies is the mea culpa factor.
The situation reminds me of the case where the woman spilled McDonald’s coffee on her lap, then sued McDonald’s because the coffee was hot and McDonald’s didn’t have the prescience of mind to notify her up front that pouring hot coffee on her lap might be bad. It’s like shooting someone and blaming the bullet without stopping to consider who was responsible for pulling the trigger.
Even if there were no Facebook, a vast amount of personal information is already available on the Web just from publicly available documents and records. Just check BeenVerified.com or Whitepages.com to see how much the Internet already knows about you.
When it comes to any additional information that is out there, though, users need to take some responsibility for sharing that data. Privacy and social networking are at opposite ends of the spectrum and it’s up to the individual user to exercise discretion in sharing information, and utilize the controls provided to place the fulcrum in the right spot to find a balance between the two that is comfortable.
Admittedly, much of the backlash isn’t so much about Facebook having the information, or even in how that information is used or distributed. Many users are simply frustrated that the rules keep changing. Every time Facebook introduces a new feature, or unveils a new service or partnership, suddenly data is exposed in new ways that the user did not overtly consent to.
On that point, I refer back to my Open Letter to Facebook on Privacy. I believe that Facebook should be much more open about its development lifecycle, and allow for more pubic beta testing and forewarning before springing new features on half a billion members. I also feel that Facebook should disclose the details of any changes, and make new features and services opt-in rather than automatically moving the line in the sand for existing members.
However, my main point in the open letter still stands, and brings me back to the mea culpa focus of this article. Ultimately, the vast majority of users won’t read the disclosures, and won’t use the security controls provided to them. They will opt-in to take advantage of cool features and they will share information without regard for privacy.
IT administrators need to have clearly-defined policies in place regarding social networking using company computers or network resources. If social networking is allowed, even on a limited basis, user education is a key element of protecting data–informing users what to share and what not to share, and ensuring they are aware of the privacy and data security controls available.
McDonald’s can’t protect every clumsy customer that drives a car with a scalding hot cup of coffee between their legs, and Facebook can’t be expected to be the guardian of every personal detail and sensitive fact shared willingly across its social network.
Both tools have to do with stopping unknown devices from logging in to a user’s Facebook account.
Following Thursday’s quickly convened meeting to discuss user privacy concerns, Facebook has unveiled two tools designed to help protect account-holders from scammers and alert users to suspicious activity.
With one tool, users can elect to approve the devices they typically use to log-in and receive e-mail or text notifications. This feature would serve as an alert if another, unselected device is used to access the account.
“For example, you can save your home computer, your school or work computer, and your mobile phone. Once you’ve done this, whenever someone logs in to your account from a device not on this list, we’ll ask the person to name the device,” wrote Lev Popov, a software engineer on Facebook’s site integrity team, in a company blog.
The opt-in feature is available under the Account Settings page. Users may click the link next to “Account Security,” and select the option to receive notifications for log-ins from new devices. The first time users access their Facebook accounts, they must name and save the devices they use to log onto Facebook.
|
Numerous technologies including deduplication may have a role to play in managing burgeoning corporate storage requirements
|
To block suspicious log-ins, if the Facebook system determines if someone is trying to access an account from an unknown device and asks the individual to answer a verification question to prove their identity. Identifiers could include date of birth, identifying a friend in a photograph or answering a previously-provided security question, Popov wrote.
“These questions are designed to be easy for you, and hard for a bad guy, and we’ve already seen some great results,” he said. “Once you’ve confirmed your identity, you’ll have the opportunity to review recent logins on your account and reset your password if you see logins that you don’t recognize.”
These tools — which Popov said have been under development for several weeks — do not, however, address Facebook’s policies towards user information and privacy. The European Union’s Article 29 Working Party, part of the EU’s Justice and Home Affairs’ Data Protection division, added its voice to those cautioning Facebook about its approach to user privacy.
Earlier this week, the division wrote to Facebook, stating its dissatisfaction with the site’s changes to its privacy settings.
“It is unacceptable that the company fundamentally changed the default settings on its social-networking platform to the detriment of a user,” said a statement from the Working Party. “Facebook made the change only days after the company and other social networking sites providers participated at a hearing during the Article 29 Working Party’s plenary meeting in November 2009.”
In the U.S., four Senate Democrats have asked the Federal Trade Commission to develop guidelines governing the way social networking sites can use information submitted by users. Privacy groups the Federal Trade Commission and Congress that the social network is violating consumer protection laws.
Facebook hired this month former U.S. Federal Trade Commission chairman Timothy Muris to help defend the popular Web site’s privacy practices in Washington, D.C.
There’s been a fair bit of hubbub lately over Facebook and its privacy policies. The Electronic Frontier Foundation has documented what it terms Facebook’s eroding privacy policy, the Electronic Privacy Information Center in league with 14 privacy and consumer protection organizations has filed a complaint with the FTC over privacy issues, and New York Senator Charles Schumer likewise urged the FTC to provide privacy guidelines for social networking sites that protect users’ personal information. In response, Facebook’s vice president of public policy, Elliot Schrage, took a page in the New York Times to profusely apologize for not being clear enough about how awesome Facebook is.
I was a very occasional Facebook user. I rarely visited my Facebook wall and any items posted there were simply relayed from my Twitter account. Like a lot of Facebook folk, I found the service to be a useful way to reconnect with old friends, schoolmates, and former colleagues. It was just as helpful for keeping in touch with local community groups. I rarely friended anyone who wasn’t a real friend or associate, I completely avoided the games and polls, and I was careful about the images and movies I shared. In short, a somewhat cautious and conservative Facebook user.
I went into Facebook understanding that social networking sites are designed for people to share the details of their lives. I also understand that many people are tempted to share too much about themselves on such sites without clearly understanding that the Internet is forever.
For instance, that Spring Break picture of you hanging out of your blouse after 17 margaritas—you know, the one your ex-boyfriend took and is now sharing with your name plastered all over it? The one that bears the caption “Sooooooooo wasted!!!!”? That picture may be less fetching to the parents of the third-graders you now teach. And is it really wise to let the entire world know that you’re going to leave an unoccupied-yet-full-of-treasure house empty for a month while you visit Australia?
But hey, you knew this going in, right? It’s a Social Freaking Network. If you didn’t want to share this kind of stuff, you wouldn’t have signed up. And that’s basically Facebook’s take. In answer to this question from one abycats, New York in Schrage’s New York Times piece:
Why not simply set everything up for opt-in rather than opt-out? Facebook seems to assume that users generally want all the details of their private lives made public.
Schrage replied:
Everything is opt-in on Facebook. Participating in the service is a choice. We want people to continue to choose Facebook every day. Adding information—uploading photos or posting status updates or “like” a Page—are also all opt-in. Please don’t share if you’re not comfortable.
And in a perfect world that would be great. Be a grown-up and take responsibility for your actions.
The problem is that Facebook wasn’t designed for Internet grown-ups. It’s designed for regular folks who aren’t terribly tech- or privacy savvy. Try this experiment:
Those of you who are Facebook users, take a look at your friends. How many of them would you consider fully conscious of how their information might be used to their detriment? How many would you trust capable of configuring Facebook’s increasingly complicated privacy settings so that the information they choose to share is shared only with a very select group of people?
If your answer is anything but “very few,” I admire the company you keep.
My particular problem with Facebook—and the reason I deactivated my account—is that rather than responding to people’s very real concerns about how the service shares its users’ personal information, Facebook has determined to attack it as nothing more than a PR problem.
Elliot, it’s not about PR or how we seem to misunderstand Facebook’s message. As those New York Times readers made very clear, people are upset that Facebook is playing fast and loose with users’ privacy. With each service “upgrade,” users have to play whack-a-mole with their privacy settings because Facebook has opened up yet another window to their world. And those privacy settings are now so convoluted that a veritable cottage industry has risen to inform people how to close the holes you’ve opened—if they bother to close them at all. The truth is that most Facebook users don’t have a clue about how their privacy settings are configured nor do they think about the results of their inaction.
Which is why I’d like to see Facebook take more of a caretaker role. I think I know how to configure those many privacy settings but my mother—a new Facebook user—doesn’t. Rather than being hell-bent on making a buck by shoving targeted advertising at their users, how about taking a measure of responsibility for how the service treats privacy. For example, when Ben from Chicago writes in the New York Times:
I love Facebook, but I am increasingly frustrated by the convoluted nature of the privacy settings. It’s clearly within Facebook’s ability to make the privacy settings clear and easy to use—why hasn’t this been a focus?
Perhaps you could come up with something more genuine than:
Unfortunately, there are two opposing forces here—simplicity and granularity. By definition, if you make content sharing simpler, you lose granularity and vice versa. To date, we’ve been criticized for making things too complicated when we provide granular controls and for not providing enough control when we make things simple.
Elliot, allow me to add the additional criticism that this kind of insincere malarkey is insulting to your users. You’ve used a computer before, right? In that time have you ever run through a configuration process—a step-by-step procedure that asks you how you’d like to use the program? No? Let me help then.
When I sign up for a Facebook account I should see this:
“Would you like us to share the information you post on your wall with third-parties (including advertisers)?”
- Yes
- No
“No it is. Now let’s talk about the friends you specifically invite to view your wall and what they can do with your information.’
And off you go, asking some very direct questions and providing enough information so users understand the implications of their choices. Half-a-dozen questions should nicely deal with most people’s settings. At the end of the process point out that a click on the Advanced Settings tab will allow those who wish to granularly control their settings do so.
Of course it will likely impact your business. It may also help prevent people like me and my former Facebook friends from leaving in droves.
KI MAE HEUSSNER
For most of us, it will likely never be more than an idle threat. But what happens when you actually do decide to sign off from Facebook — for good?
Frustrated by privacy changes or perhaps simply overwhelmed by the non-stop online chatter, Facebook users sometimes say it’s time to go cold turkey. But a few really do follow through.
After Facebook’s most recent changes and the discovery of a (now-fixed) security hole that let users see friends’ chats, complaints from Facebook users erupted last week in comment threads and even a dedicated protest page on the site.
But Peter Rojas, co-founder of the popular tech blog gdgt, announced on Twitter that he was actually going to cut the cord.
“I was spending more time managing my account than actually using my account,” he toldABCNews.com. “Having to constantly monitor the privacy settings was way too complicated. You can never be sure if you actually caught everything.”
Before Deactivation, Facebook Lists Friends Who Will Miss You
Rojas said that though he never expected others in the tech community to respond to his action, he thinks the Facebook privacy issue is a big one.
“I’m happy to use the site, but I don’t want to be sharing my private updates [and] personal information with other Web sites,” he said.
After hitting the “deactivate” button listed under “Account Settings,” he said the site tried to convince him to stay.
Before completing the process, Facebook asks the question “Are you sure you want to deactivate your account?” and displays pictures of a few friends, captioned with the lines “[Friend's name here] will miss you.”
“It just seemed really desperate in a way that Facebook doesn’t need to be desperate,” he said.
Maybe someone at Facebook thought it might be a clever way to bid departing users farewell, he said, but it “just seems kind of weird to be so almost pathetic. They certainly don’t need to do that. It’s not like they’re hemorrhaging users.”
But according to the tech blog Search Engine Land, more and more people seem to be at least curious about how to delete their Facebook pages.
Tech Blog: More People Searching for How to Delete Facebook Accounts
In a blog post Monday, editor Danny Sullivan said that while doing a “how do I” search on Google he noticed that “how do I delete my facebook account” was one of the top suggested search topics.
According to Google, suggested search topics are based on the queries of others and are determined algorithmically without human intervention. The popularity of search terms is one of the factors used in the algorithm.
To see how recent the Facebook trend was, Sullivan used Google Trends, which shows the popularity of certain searches over certain periods of time.
Although there was not enough search volume for “how do I delete my facebook account,” he said he found something interesting when he entered “delete facebook account.”
“Yes, there is definitely a rising trend,” he wrote. “Over time, more and more searches at Google have involved it, it appears.”
Facebook Users Can Deactivate or Permanently Delete Accounts
He also wrote that if you start typing in “delete” into the Google search box, the first suggested topic is “delete facebook account.”
Facebook gives users the option to deactivate or delete their accounts, though listed under “Account Settings,” the deactivate option is much easier to locate. To find the delete option, users have to search for the option in the site’s “Help Center.”
If a user decides to deactivate an account, the profile information is no longer available on Facebook, but the site still saves all of the information in case the user returns.
“We preserve the account in its entirety. People often deactivate for temporary reasons and expect their content and information to be there for them when they return,” a Facebook spokesman said in a statement.
The user is taken off Community pages, photos tagged with her are de-tagged and status updates or other information posted to her own page are taken down. Posts on friends’ walls remain, but the person’s name appears in unclickable text.
Facebook Waits 14 Days Before Deleting Account
Still, Facebook said third-party applications or sites might be able to hold on to that information “to the extent permitted by our policies.” If a user turned over credit card information on Facebook to buy virtual gifts or make other purchases, that information is also retained by Facebook.
The social network said there is no limit on how long a user can keep her account deactivated.
But if a Facebook user really wants to make the separation permanent, she can choose to delete the account altogether. If a user goes to the “Help Center” and searches for “delete account,” she is directed to a link that lets her send a deletion request to Facebook.
Once they receive the request, the spokesman said the site waits 14 days before deleting the account.
“Because deletion is irreversible, this allows people who mistakenly submitted a request to let us know so we can cancel it,” the Facebook spokesman said.
After the 14 days, Facebook said it purges the user’s information from the site. The policy says copies of some materials may remain for “technical reasons,” but Facebook did not immediately explain this further.
Though Facebook said it collects information about how many users have deactivated or deleted accounts, the spokesman said it generally does not publicize that information.
Industry Watcher: Facebook Continues to Grow
Still, despite user complaints and possible curiosity about leaving the site, industry watchers say Facebook appears to be attracting even more people.
“The site is still growing really fast as far as we can tell. It’s growing fast, especially some of the younger [users], men and women in their 20s,” said Eric Eldon, co-editor of the Inside Network, which runs the Inside Facebook blog.
He said Facebook grew by at least 4 million U.S. users in March to reach 117 monthly unique visitors and added about 20 million global users to reach more than 400 million users worldwide.
“One concern at this point is that Facebook can do so many changes that eventually people get fed up and delete their accounts, or at least stop using the site regularly,” he said. But “that’s always a concern but it hasn’t happened yet.”
“Maybe Facebook is so ingrained in people’s lives so it’s not a risk,” he continued. “This is all such new territory.”
Helen A.S. Popkin
Glitch allowed users to ‘force’ other users to follow
The Twitpocolypse is upon us! Earlier today, as the microblogging site attempted to fix an embarrassing bug, follower lists suddenly disappeared. As the Twitterverse panicked and “Follower 0″ rose to the top of it’s trending list, Twitter
assured its users via the company’s own Twitter feed that the issue would be rapidly remedied.
“Follow count display is set to 0 and follow/unfollow is temporarily offline while we fix a bug,” Twitter’s own Twitter account reported at 1:02 p.m., confirming that everyone, from Ashton Kutcher to Justin Bieber bloggers, was affected.
Earlier Monday, the microblogging network was beset by a bug that allowed anyone to force other Twitter users to follow his or her account. Social network news site Mashable reported that one alert reader e-mailed the details of the glitch Monday morning, writing “[tweet] accept [username]” then the [username] immediately starts following you.”
Tech blog Gizmodo noted that the auto-follow was exploitable in Twitter’s Web interface, not on third-party apps. The blog also posted instructions: “Follow this dead-simple guide to force any Twitter user — from Oprah to Kutcher — to follow you. No, seriously.”
Notably Conan O’Brien, who famously follows only one person, appeared to follow 194 people earlier Monday.
Open season on follower-poaching was shortlived however, as Twitter worked to remedy the problem, posting this at 10:19 a.m. PT: “We’re now working to rollback all abuse of the bug that took place. Follower/following numbers are currently at 0; we’re aware and this too should shortly be resolved,” Twitter has posted on its status blog.”
This will no doubt come as great relief to Twit-celebs such as “Weird” Al Yankovic, who posted this bit of satirical self-doubt :” Was my last tweet that offensive? Looks like I’ve lost every single one of my followers.”
Kent Lindstrom is founder and CEO of location-based social network PlacePop and the former CEO of Friendster.
Facebook is planning to enter the “local” space in a big way, according to numerous reports. The impact of such a move – across Facebook’s more than 400 million users and, perhaps more significantly, 100 million mobile users – will be significant.
Rumors abound about what this new service will look like, but it’s not clear that even Facebook knows yet. It has recently tested “stickers” in store windows that urge customers to “like” the store on Facebook, suggesting a relatively early phase of the product.
I’ve spent a lot of time studying local social networking both in my former role at Friendster (planning something called “Friendster Places” that was never implemented) and in my current role at PlacePop. So naturally I’m curious as to what Facebook’s plans in the space might be. Here are my best guesses:
Latitude and longitude vs. places
Twitter allows latitude and longitudes to be associated with tweets, and Google does the same with its mobile friend-finding software. Sites like Foursquare, PlacePop, Yelp and Gowalla, on the other hand, provide users a list of actual places to choose from and ‘check-in’, based on their phone’s latitude and longitude. So which route will Facebook go?
My bet: Place Pages. Facebook is trying to turn everything on the Web into a Facebook page that can be “liked”, and Places makes for a logical page category. Indeed, there’s evidence of such a function in Facebook’s mobile website.
Place Pages: user-generated or curated?
Place pages could either be user-generated (businesses create their own pages), or “curated” (Facebook uses a structured database of places). Colleges on Facebook are curated, while Fan pages are user-generated.
My bet: curated. This is a tough call, since user-generated pages are much more scalable, and there are orders of magnitude more places in the world than colleges. However, Facebook’s window decal tests indicate they are operating from a structured database.
Will Facebook have check-ins?
The popular term for sharing your location is a “check-in.” Will Facebook call it a check-in? Would you “check in” repeatedly on Facebook, or just announce that you “like” a place page? This is the question we location-based social networks await most anxiously.
My bet: check-ins, but called something else. Facebook has shown it can create and popularize its own terms (“poke”, “like”). While check-ins on Facebook could deluge the feed, Facebook has already opened this can of worms with the universal “Like” button. Real-world liking is probably too irresistible an idea.
How will you check in?
Will Facebook provide a list of places like other location-based service apps? Let you scan a window decal? Or text a “like” from a location?
My bet: Scan a decal with a camera-equipped smartphone. While this option is radical, it’s pretty visionary. Not only is every Web page a Facebook page you can “like,” but every physical location is a Facebook page you can “like.”
Will location data be in Facebook’s API for developers?
As users check in to places, three pieces of data are generated: who, where and when. Facebook would generate these types of data at a rate orders of magnitude beyond all other location-based networks combined. Third-party developers could turn this check-in data into games, maps, lists and all manner of interesting applications.
My bet: Data will be in Facebook’s applications programming interface. Or at least we hope it will. The applications unleashed could be quite unique, and useful. But the temptation to keep such valuable data proprietary will be great.
Will Facebook’s offering kill off other location-based players?
With the best-known location-based services reporting numbers in the low single-digit millions (or fewer), it appears 99 percent of people on Facebook have never used a location-based application. So by introducing the “check-in” concept to tens of millions of people, Facebook would bring an enormous new audience to this market. Applications that used check-ins in a way similar to Facebook would likely die fast deaths. But applications that adapt – by figuring out something valuable and unique that is relevant to millions of people newly introduced to check-ins – could be transformative. So will Facebook kill all other location-based services?
My bet: no.
Renay San Miguel
Since its f8 event two weeks ago, Facebook has in the center of the media spotlight, and it hasn’t always been flattering. Its new Open Graph system has drawn the ire of critics, and it had to rush to fix an embarrassing software glitch. Should users forgive the mistakes of a still-young innovator in online socialization? Or should they send a clear signal of what’s not acceptable by heading for the door?
After a tumultuous couple of weeks for Facebook that have included the introduction of Open Graph, threats of lawmaker scrutiny, complaints from consumer groups and embarrassing bugs in its software, members of the social networking site may be wondering whether it’s time to ask the musical question: Should I stay or should I go?
Should members stick with the world’s largest social network as it reaches critical mass and rethinks — once again — its position on how to treat its users’ data? Or should they withhold that valuable personal information and quit the network until Facebook shows a little more respect for customer 
privacy?
Those thoughts may be racing around users’ heads in light of the latest software gaffes to hit the company. A flaw that allowed users to see private chat conversations of friends showed up Wednesday, and some tech media discovered that visiting certain websites while logged onto Facebook resulted in applications showing up in a user’s profile without their knowledge.
Company officials patched the chat bug on the same day it showed up, and Facebook spokesperson Barry Schnitt told TechNewsWorld that the bug depositing apps on user profiles had also been fixed. However, Schnitt also wanted to make it clear that no personal data changed hands along with the apps.
“There was a bug that was showing applications on a user’s Applications Settings page that the user hadn’t authorized,” Schnitt said. “No information was shared with those applications, and the applications did not appear to anyone but the user.”
Although he did respond to the app bug situation, Schnitt did not address questions by press time about why users should stay with Facebook.
Reasons to Give Facebook a Chance
It is, of course, too soon to tell if the recent headlines regarding Facebook privacy issues and software bugs will result in a flurry of account closings on the network. That leads to one reason why users might want to stick with Facebook as it deals with these problems — all their friends will probably still be on the network. “I don’t see a mass exodus from Facebook anytime soon,” Gartner (NYSE: IT) analyst Ray Valdes told TechNewsWorld. “Facebook has now reached critical mass and become an essential part of many people’s online persona. Facebook is where your friends are, so you are unlikely to leave unless all your friends also leave. And there are no strong alternatives to Facebook on the horizon.”
Another vote in Facebook’s favor: The company is still relatively young, and other tech firms that are now respected leaders in their sections of the Internet playing field also had growing pains.
“Facebook is kind of this big lumbering oaf that keeps crashing into tables and knocking over the dishes,” social media consultant Paul Gillin, author of The New Influencers: A Marketer’s Guide to the New Social Media, told TechNewsWorld. “They’re headed in the right direction, but they can’t seem to get there without tripping and falling down along the way. But Google (Nasdaq: GOOG) had a number of mistakes in its history when it was first rolling things out like Gmail, which has gone on to become a part of its users’ everyday activities.”
Amazon (Nasdaq: AMZN) and Ebay had system outages — some lasting longer than a day — during their early years. Stumbles and lurches are to be expected when one is carving out a new niche in the online space, Gillen said.
“They are really way out by themselves with the stuff they’re doing. They’re trying to create social-based applications on a scale that’s never been attempted before, and they’re playing with the most delicate information you can have, which is people’s personal activities and their conversations with their friends.”
Reasons to Tell Facebook ‘Enough’
All the more reason to close your account, says Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse.
“Aside from protecting your privacy, it’s a matter of making a statement,” Stephens told TechNewsWorld. “Consumers need to talk with their wallets if they’re unhappy about something. If a site is not being privacy-friendly, my opinion is that computer users need to take action to show that site they’re not happy with what’s going on, and the way you do that is by closing down your account.”
If consumers are also weary of trying to navigate a byzantine maze of account settings in order to lock down any info they don’t want shared with friends or strangers, saying goodbye to Facebook may also send Mark Zuckerberg and company the message that they need to make that process simpler, Stephens said.
“They have made it so complicated that even people who wrre online-savvy have a great deal of difficulty understanding what is private and what is going to be disclosed. The defaults are not what you would expect them to be. Even when they make changes (in privacy policy), there are wrinkles that don’t necessarily protect your privacy in all the ways you think they would.”
Fixing the application-addition snafu to a user’s profile is a good example. Opting out of the Instant Personalization feature introduced with Open Graph isn’t enough to block apps from showing up. You have to go into your Account and click on Application Settings. There you will see all the applications you’ve used in the past month. Visiting certain websites will result in an app getting dropped in that profile. You must click on “Profile” for that particular application and look for the “block application” listing on the left-hand side of that apps’ Profile Page.
Got it? You’ll be tested on this later. In the meantime, Facebook is also being tested, and critics can always take consolation that the company might end up like its predecessor in the Hot Social Media Company category. “MySpace was close to reaching this threshold a few years ago, to the point of becoming entrenched in the online social landscape,” Valdes said. “Unfortunately, Myspace proved unable to seal the deal for a number of reasons — lack of strong peer-verified identity, lack of a robust, extensible platform. It was hampered by a user interface that lacked usability and burdened by a corporate parent that had slow responses to changing user needs.
“Facebook, by comparison, has executed pretty well,” he added. “Granted, that execution has not been totally smooth, and not all users are happy. There are likely some users who are considering a possible exit. Nevertheless, Facebook continues to show strong growth and momentum even while competitors are scrambling to get on track.”
JENNA WORTHAM
For many users of Facebook, the world’s largest social network, it was just the latest in a string of frustrations.
On Wednesday, users discovered a glitch that gave them access to supposedly private information in the accounts of their Facebook friends, like chat conversations.
Not long before, Facebook had introduced changes that essentially forced users to choose between making information about their interests available to anyone or removing it altogether.
Although Facebook quickly moved to close the security hole on Wednesday, the breach heightened a feeling among many users that it was becoming hard to trust the service to protect their personal information.
“Facebook has become more scary than fun,” said Jeffrey P. Ament, 35, a government contractor who lives in Rockville, Md.
Mr. Ament said he was so fed up with Facebook that he deleted his account this week after three years of using the service. “Every week there seems to be a new privacy update or change, and I just can’t keep up with it.”
Facebook said it did not think the security hole, which was open a few hours, would have a lasting impact on the company’s reputation.
“For a service that has grown as dramatically as we have grown, that now assists with more than 400 million people sharing billions of pieces of content with their friends and the institutions they care about, we think our track record for security and safety is unrivaled,” said Elliot Schrage, the company’s vice president for public policy. “Are we perfect? Of course not.”
Facebook is increasingly finding itself at the center of a tense discussion over privacy and how personal data is used by the Web sites that collect it, said James E. Katz, a professor of communications at Rutgers University.
“It’s clear that we keep discovering new boundaries of privacy that are possible to push and just as quickly breached,” Mr. Katz said.
Social networking experts and analysts wonder whether Facebook is pushing the envelope in a way that could damage its reputation over time. The privacy mishap on Wednesday did not help matters.
“While this breach appears to be relatively small, it’s inopportunely timed,” said Augie Ray, an analyst with Forrester Research. “It threatens to undermine what Facebook hopes to achieve with its network over the next few years, because users have to ask whether it is a platform worthy of their trust.”
Over the last few months, Facebook has introduced changes that encourage users to make their photos and other information accessible to anyone on the Internet. Last month its chief executive, Mark Zuckerberg, unveiled plans to begin sharing users’ information with some outside Web sites, and Facebook began prompting users to link information in their profile pages, like their hobbies and hometowns, in a way that makes that information public.
That last change prompted the Electronic Privacy Information Center, an advocacy group, to file a complaint on Wednesday with the Federal Trade Commission.
“Facebook continues to manipulate the privacy settings of users and its own privacy policy so that it can take personal information provided by users for a limited purpose and make it widely available for commercial purposes,” Marc Rotenberg, the group’s executive director, said in a letter to the commission.
The extent of the discontent among users is hard to quantify, but one measure is a group created on Facebook to protest the recent changes, which has attracted more than 2.2 million members.
Mr. Schrage said that the company was aware that some users were not happy with the changes, but that the overall response had been positive.
Part of the reason Facebook’s recent changes are upsetting users is that, in contrast to a service like Twitter, most people signed up for Facebook with the understanding that their information would be available only to an approved circle of friends, said Danah Boyd, a social media researcher at Microsoft and a fellow at Harvard University’s Berkman Center for Internet and Society.
“Facebook started out with a strong promise of privacy,” she said. “You had to be at a university or some network to sign up. That’s part of how it competed with other social networks, by being the anti-MySpace.”
As the company has changed its approach to privacy, it has introduced new ways for users to adjust their privacy settings. But these tools have grown increasingly convoluted, leaving many users frustrated and unsure of what information is available to whom. They say a site that they joined for the sake of friends and fun has started to feel too much like work.
“At this point, I have no idea how many times I’ve changed my settings,” said Lauren Snead, a 24-year-old student in Murfreesboro, Tenn. “I’ve done it so many times. I’m tired of logging in one day and seeing everything is different and trying to understand what it means.”
In addition, many users are not even aware of the privacy settings, Ms. Boyd said. A recent survey from Consumer Reports found that 23 percent of Facebook users either did not know the site offered privacy controls or chose not to use them.
Mr. Schrage said the company was working to clear up confusion about the settings.
Many frustrated users may not give up on the site because it has become a vital form of communication. Facebook continues to add users at a rapid clip, doubling in size in the last year.
“I’m not going to quit Facebook, because it’s so ingrained in the culture,” said Ryan Scannell, a 26-year-old food scientist in Chicago. “Facebook is not a private place, I don’t expect it to be. But at the same time, I’d like to control what’s accessible to strangers and what’s accessible to family and friends.”
There are financial motives behind the company’s moves. One of the ways Facebook makes money with its free service is by customizing the selection of advertisements shown to individual users. The more information that users put into their profiles, the more the company can make from such focused ads.
In addition, analysts say Facebook may be eyeing the lucrative market for online search, figuring that its users will be more likely to turn to their friends for advice and information than the wider Web. That opens up more opportunities for advertisers.
“They’re heating up in their battle against Google,” said Sean Sullivan, a security adviser at the Internet security firm F-Secure who analyzes social networks. “If I’m looking for a day care for my 6-year-old, I’m going to put that in my status message, not do a Google search.”
Mr. Schrage of Facebook said the controversy over the site’s changes was indicative of a larger shift online.
“Facebook has been made the center of attention around a really important issue of how technology is changing the conception of privacy, control and sharing,” he said. “People are uneasy about it, but as they start to see the benefits and advantages of it, they start to see the value of the experiences.”
Security Expert on Big Risks You Should Be Aware You’re Taking When You Use the Site
But are they well-protected from prying eyes, scammers and unwanted marketers?
Not according to Joan Goodchild, senior editor of CSO (Chief Security Officer) Online.
She says your privacy may be at far greater risk of being violated than you know when you log onto Facebook, due to security gaffes or marketing efforts by the company.
Facebook came under fire this week, when 15 privacy and consumer protection organizations filed a complaint with the Federal Trade Commission, charging that the site, among other things, manipulates privacy settings to make users’ personal information available for commercial use. Also, some Facebook users found their private chats accessible to everyone on their contact list — a major security breach that’s left a lot of people wondering just how secure the site is.
In two words, asserts Goodchild – not very.
On “The Early Show on Saturday Morning,” she spotlighted five dangers she says Facebook users expose themselves to, probably without aware of it:
Your information is being shared with third parties
Check privacy settings after each redesign – they revert to a less safe default mode
Facebook ads may contain malware
Your real friends unknowingly make you vulnerable
Scammers are creating fake profiles
Is Facebook a secure platform to communicate with your friends?
Here’s the thing; Facebook is one of the most popular sites in the world. … Security holes are being found on a regular basis. … It is not as inherently secure as people think it is when they log on every day.
Certainly, there are growing pains. Facebook is considered a young company and it has been around a few years now. It is continuing to figure this out. They are so young they are still trying to figure out how they are going to make money. They don’t even have a revenue model yet. It is hard to compare this to others; we have never had this phenomenon before in the way people are communicating with each other — only e-mail comes close.
The potential for crime is real. According to the Internet Crime Complaint Center, victims of Internet-related crimes lost $559 million in 2009. That was up 110 percent from the previous year. If you’re not careful using Facebook, you are looking at the potential for identity theft, or possibly even something like assault if you share information with a dangerous person you think is actually a “friend.” One British police agency recently reported the number of crimes they’ve responded to in the last year involving Facebook climbed 346 percent. These are real threats.
Lately, it seems a week doesn’t go by without some new news about a Facebook-related security problem.
Earlier this week, a publication called “TechCrunch” discovered a security hole that made it possible for users to read their friends’ private chats. Facebook has since patched it, but who knows how long that flaw existed? Some speculate it may have been that way for years.
Last month, researchers at VeriSign’s iDefense group discovered a hacker was selling Facebook user names and passwords in an underground hacker forum. It was estimated he had about 1.5 million accounts — and was selling them for between $25 and $45.
And the site is constantly under attack from hackers trying to spam these 400 million users, or harvest their data, or run other scams. Certainly, there is a lot of criticism in the security community of Facebook’s handling of security. Perhaps the most frustrating thing is that the company rarely responds to inquiries.
Do people really have privacy on Facebook?
No. There are all kinds of ways third parties can access information about you. For instance, you may not realize that, when you are playing the popular games on Facebook, such as Farmville, or take those popular quizzes, every time you do that, you authorize an application to be downloaded to your profile that gives information to third parties about you that you have never signed off on.
Does Facebook share info about users with third parties through things such as Open Graph?
Open Graph is a new concept for them — they unveiled it last week at a conference. It actually is basically a way to share the information in your profile with all kinds of third parties, such as advertisers, so they can have a better idea of your interests and what you are discussing, so they can – as they portray it — ‘make it a more personal experience.
The theory behind Open Graph — even if they have not implemented it — is their whole business model, isn’t it?
Well, that is the business model — they are trying to get you to share as much information as possible so they can monetize it by sharing it with advertisers.
Isn’t it in Facebook’s best interest to get you to share as much info as possible?
It absolutely is. Facebook’s mission is to get you to share as much information as it can so it can share it with advertisers. As it looks now, the more info you share the more they are going to with advertisers and make more money.
It is not only sharing the information: Isn’t there a security problem every time they redesign the site?
Every time Facebook redesigns the site, which happens at least a few times a year, it puts your privacy settings back to a default in which, essentially, all of your information is made public. It is up to you, the user, to check the privacy settings and decide what you want to share and what you don’t want to share.
Facebook does not notify you of the changes, and your privacy settings are set back to a public default. Many times, you may find out through friends. Facebook is not alerting you to these changes; it is just letting you know the site has been redesigned.
Can your real friends on Facebook also can make you vulnerable?
Absolutely. Your security is only as good as your friend’s security. If someone in your network of friends has a weak password and his or her profile is hacked, he or she can now send you malware, for example. There is a common scam called a 419 scam, in which someone hacks your profile and send messages to your friends asking for money – claiming to be you – saying, “Hey, I was in London, I was mugged, please wire me money.” People fall for it. People think their good friend needs help — and end up wiring money to Nigeria.
A lot of websites we use display banner ads, but do we have to be wary of them on Facebook?
Absolutely: Facebook has not been able to screen all of its ads. It hasn’t done a great job of vetting which ads are safe and which are not. As a result, you may get an ad in your profile whey you are browsing around one day that has malicious code in it. In fact, last month there was an ad with malware that asked people to download antivirus software that was actually a virus.
Is too big a network of friends dangerous?
You know people with a lot of friends, 500, 1000 friends on Facebook? What is the likelihood they are all real? There was study last year that concluded that 40 percent of all Facebook profiles are fake. They have been set up by bots or impostors. If you have 500 friends, it is likely there is a percentage of people you don’t really know and you are sharing a lot of information with them, such as when you are on vacation, your children’s pictures, their names. Is this information you really want to put out there to people you don’t even know?
Facebook is opening up new and interesting ways for you to share information, links and other items online with new features like its universal like button and Instant Personalization. But at the same time, Facebook’s tendency to make more and more of your previously private information public continues to be a troubling habit of the popular social network. Concerns over Facebook’s treatment of user privacy recently led the Electronic Privacy Information Center and 14 other consumer advocacy groups to file a complaint with the Federal Trade Commission over Facebook’s stance on privacy.
While Facebook may be a great tool for connecting with friends and sharing photos and news, it’s important to be aware of how Facebook treats your information and how those policies have evolved over time.
With that in mind, here are four reasons why Facebook’s treatment of user privacy should cause concern among its users.
1. Privacy Regression
The Electronic Frontier Foundation has an interesting post up on its Deeplinks blog that charts Facebook’s privacy regressions from keeping your information private to making more and more of your data public.
In 2005, for example, other Facebook users could not see any of your personal information on Facebook unless they belonged “to at least one of the groups specified by you in your privacy settings,” according to the EFF blog post. By 2006, public information included “school, your specified local area, and other reasonable community limitations that we [Facebook] tell you about.” By 2007, public information included your, “name, school name, and profile picture thumbnail.” By November 2009 your publicly available information was being indexed by third-party search engines, and by December 2009, publicly available information included your “name, profile photo, list of friends and pages you are a fan of, gender, geographic region, and networks.”
That is a drastic change in privacy in just five years, although some of these changes may be attributed to Facebook’s popularity and new user features and services. Nevertheless, it will be interesting to see how much more of your information Facebook pushes into the public sphere over time.
2. Complex Privacy Settings
Facebook allows a certain level of control over some of the information you want to make private, but these controls are not as simple as they should be. For example, Facebook has an entire section in its privacy settings called “Friends, Tags and Connections” that controls what types of information about other people are displayed publicly on your profile.
But to control what your friends can share about you, you have to edit these settings under the “Applications and Websites” heading. That may appear to be a logical grouping if you’re familiar with Facebook’s privacy settings and how the social network shares your information, but a user who isn’t familiar with these policies would have a much harder time finding this setting.
There are numerous other complexities in Facebook’s privacy settings, but on the positive side they do make it relatively easy for you to opt out of having your profile indexed by third-party search engines like Bing, Google and Yahoo.
3. Unclear ‘Connections’
Facebook recently lumped a lot of information together under a new heading called Connections that includes likes and interests, friends and connections. It may also include your current city, hometown, family, relationships, networks, activities, interests, and places. The problem is Facebook is not explicitly clear about what exactly is included in Connections and how this publicly available information is listed on your profile. Here is how Facebook explains Connections in its latest privacy policy:
“Connections. Facebook enables you to connect with virtually anyone or anything you want, from your friends and family to the city you live in to the restaurants you like to visit to the bands and movies you love. Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection.”
Nowhere in Facebook’s privacy policy does it explain exactly what Connections are. It doesn’t tell you, for example, that everything included in the “Likes and Interests” section of your profile are Connections, and therefore, this information is now public.
Facebook needs to explicitly state what connections are and where they can be found on your profile.
4. Getting Rid of Likes and Interests Is Getting Harder
Facebook wants to enhance the Likes and Interests section of your Facebook profile by linking your likes and interests to actual Web pages on the Internet. Liking a movie page on IMDB.com, for example, will create a link from that Web page back to your Facebook profile. The problem is, Facebook’s new interface makes it incredibly difficult to erase your likes and interests from your profile.
For example, I visited the movie page for Knight and Day on IMDB and “liked” it (in the Facebook sort of way), and a link was then created to my Facebook profile. Now, to go and erase that like from the “Likes and Interests” section of my profile (it’s under the “Info” tab), I can’t simply insert my cursor and hit the backspace button to erase it as if it were a piece of text. Instead, I have to select the movie title, then click on “Remove” over on the left column (see image above to see how this works).
Then, if want to remove more my likes and interests — something I recently did — I have to repeat this process for every single “like” that I want to take off my profile and erase them one by one. Facebook does not provide any method for making this a simple and easy process, and there’s no way to mass-delete information. This new process makes it less likely that users will go to the trouble of deleting this information, and you have to wonder if that decision wasn’t deliberate.
The Bottom Line
Facebook is offering a lot of new and interesting services, but as more Facebook information becomes public, you need to always be aware of what the social network is doing with your data and how you can protect or delete it as you see fit.
ABOUT
Leading The Way In e Commerce Solutions
RECENT POSTS
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Oct | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | ||||