Interesting updates in the world of social media for Facebook and MySpace.
An article from The Financial Times notes that Facebook will be making changes to it’s privacy settings so you can determine who you share your information with. It will include the ability to opt out of sharing data with 3rd parties, and set you visibility settings to everyone, friends of friends or just friends. This may seem quite confusing to everyone (as it should) as this sounds remarkably like what Mark Zuckerberg claimed to be included in the security updates for Facebook last December. In fact, this is directly from that article:
The plan we’ve come up with is to remove regional networks completely and create a simpler model for privacy control where you can set content to be available to only your friends, friends of your friends, or everyone.
So what actually happened when you use the current settings that supposedly restricted who could see your content?
Did this not actually work in December? Will it work with the next round of changes?
At least when the most recent programming issue (earlier this month) was discovered that allowed people to see content you had restricted, Facebook reacted quickly, apologized saying it was part of a programming change that has just been pushed out, and make changes to fix the issue. LINK HERE
However that little bit of rebuilding of faith in Facebook has been quickly undermined when you find that the current configuration also LEAKS INFORMATION TO THIRD PARTIES. While Facebook settings allow you to opt out of share information, what does happen is that it passes your username and/or an ID number in the URL to the third party who hosts the add. Having the name or ID allows you to look up the person on Facebook (easily done programatically if you are large advertising company who is looking to harvest information). Which interesting contradicts what Facebook’s VP for Public Policy stated in the New York Times earlier this month.”
However, we don’t provide the advertiser any names or other personal information about the Facebook users who view or even click on the ads. (LINK HERE)
Given the changes in security settings and that they often “default” to what Facebook considers optimal (which I would assume is not optimal for most) and the “oops” factor when they make unintended changes, this leaves the information you may have thought you restricted open for viewing. Since we know that information can have a long life on the Internet, changing the settings after the fact doesn’t pull your information back, it just limits the future leakage.
Do I still have a Facebook profile? For now, yes. But there’s nothing there that isn’t quite public knowledge about me anyway. But I’m definitely part of the 60% of people considering leaving Facebook (only a small sample and definitely more security minded people took it). (LINK) Nevertheless, if some percent of the 400 million users turn, it would send quite a loud message.
Then again, are we expecting entirely too much here? I hate to say it, but this is a social media site. Should we be indigent when we find that information we post on the internet is shared with people we didn’t mean for it to be? I don’t want to absolve any site of it’s responsibility to properly secure the users data, but we put it there!!! To the degree which you can, don’t put things online you don’t want shared with anyone. At least that limits your exposure and the possibility of another issue with Facebook leaking any more information about you than you want.
Poll and picture from sophos.com