Facebook privacy basics…


[Image above taken from one of many misguided initiatives as social networking enters its cash-in cycle…]

Nothing I intend to post here will be news to people who have been following the Facebook privacy saga. Facebook’s behaviour could be described as standard operating procedure in Web 2.0 these days, free services are paid for with leveraged user-generated content and relentless marketing — my own opinions are pedestrian and predictable.

Having said that, I am still encountering lots of people who are completely unaware of these issues, so with that in mind I’ll post some essential points on Facebook and privacy, hopefully they will be useful for a few people.

One, the quiet launch of the Facebook Beacon should make it clear what the value proposition for its absurdly high market capitalisation is all about. There’s lots to find creepy about Beacon, most notably its collection of your user data beyond the confines of Facebook itself. Participating companies extend Facebook’s surveillance of your online activities, reporting back, say, that you just bought a volume of the Fabulous Furry Freak Brothers at Amazon. If you are alert, you may have the option to “opt out” of a “feature” that would report that purchase to all of your Facebook friends. But even then Beacon would record that purchase and attach it to the detailed profile that Facebook keeps on you, one that when correlated with its huge user base may end up being of considerable interest to marketers.

After a fairly intense backlash, CEO Mark Zuckerberg offered a non-apology apology for how Beacon was rolled out (“we missed the right balance”). They claim you can now ‘opt out’ via the privacy settings on your Facebook profile. Directions on how to do so (mixed in with some high-grade snark) are here.

While you are in your privacy settings, I recommend you take some time to look through the tabs and think through what is exposed, and to whom. Two essentials jump out at me.

* Under “Profile” the default allows any user who belongs to any of your “networks” to see your profile. In other words, if you belong to the “Vancouver, BC” or “UBC” networks, anyone else in those networks can see your profile, not to mention those binge drinking jokes that your old high school buddy left on your wall. You may want to adjust that level of exposure.

* A friend of mine does security for a credit card company. He tells me that for various reasons the single most useful piece of information for identity thieves is your birthdate. (I remember one instance of telephone banking where I could not remember my “security codeword” for the life of me, but my birthdate was enough to convince the service representative that I was legit.) If you are intent on getting lots of well-wishes on your special day, consider dropping the year at least –though that part is not hard to figure out, especially if your high school graduation year is on your profile.

As an aside, I almost never install external applications for “Stupid Walls” or pop culture quizzes or zombie attacks… mostly because I find them highly annoying, but also because these applications gain access to your FB data, and I have no idea how far that access extends.

Personally, I always expect the worst of everyone, and believe that more often than not privacy settings provide a false sense of security. I expose myself accordingly. I still have a Facebook account, because at least once a week I get back in touch with someone I had thought I had lost all contact with. And I am endlessly fascinated with what my old classmates have done with their lives. So given all that, I anticipated Facebook’s scuzzy behaviour, and I’ll be keeping my profile active, at least until the next inevitable outrageous abuse.

Anybody else have Facebook digital identity tips or horror stories?

Update: I think Facebook is feeling the heat from this Beacon backlash. As of now, when you receive a message inside FB, you don’t merely receive a notice to go check Facebook, you actually get the text of the message itself. This will result in significantly fewer pageviews for Facebook, but a much improved user experience.

A bloggy high-five towards Northern Voice organizer Travis Smith, who organized one of the few Facebook groups I have joined, one dedicated to achieving just this very outcome…

About Brian

I am a Strategist and Discoordinator with UBC's Centre for Teaching, Learning and Technology. My main blogging space is Abject Learning, and I sporadically update a short bio with publications and presentations over there as well...
This entry was posted in Uncategorized. Bookmark the permalink.

8 Responses to Facebook privacy basics…

  1. Patricia says:

    I find that Facebooks’ privacy settings are quite serpentine and I recommend that users pick over them at least once a month. If for example you join FB and put yourself in the Vancouver,BC network and do your privacy settings to your liking and then a month later you add yourself to the (for example) UBC network it will cause a change in your privacy settings. Also, FB adds features (such as the mentioned beacon) without advertising it properly. I find that it requires some diligence.

    I do like FB right now for the same reasons you cite Brian in that I’ve gotten back in touch with former co-workers, student assistants (to answer the question: whatever happened to….?) etc… I’ve also found some social/business networking opportunities that I otherwise wouldn’t have. For the moment I find it useful, but I know eventually I will move on….

  2. Jon says:

    I found this a very thoughtful post about Facebook. Essentially, it points out that Facebook was originally about low levels of privacy within a relatively closed network. There’s some implicit lament for that period, and for the fact that we are all now (to use his metaphor) locking our doors to all but our chosen friends.

    In part that’s why I continue to keep my Facebook profile (or at least the vast majority of it) open to almost anyone in my networks. And this therefore serves as a reminder that Facebook (like blogs) is public.

    And likewise I’m pretty reserved to signing up to Facebook applications. But again see the linked post for a still smarter commentary about that: Facebook has now come to be about those applications, rather than about free access to relatively ordinary information.

  3. Heather Ross says:

    Great post, Brian. Thanks for sharing the link to how to “disable” Beacon. I’ve always found it very annoying when you have to opt-out of these things instead of the other way around.

  4. Brian says:

    @Patricia, I think you articulate something I was trying to get at, that annoying way they have of changing the terms, with no notice, and then acting shocked when people object.

    @Jon – That is an interesting post, and I applaud the principle of openness you articulate — though I’m not sure FB really is public. It reminds me more of some kind of cruise ship where some needs are met lavishly, but there is a strong sense of implied order and management.

    I’ve always had a fairly open approach with my online presence. I reveal more of myself on this blog, my del.icio.us account, my Flickr feed, whatever than I do on FB.

    My main point on this post was to make people aware of what they are exposing. It’s clear to me that people think they have more privacy on FB than they do, and make some pretty unfortunate decisions as a result.

    What I like most about FB is that it connects me to a lot of people who are otherwise not engaged with the web as a communication medium, but those people often display some fairly fundamental ignorance of how the web works. I’ve gotten 3 or 4 mass-message warnings now about some “hacker” (they even have a name attached) who will befriend you and use that access to get into your hard drive, and your credit card info. (It never occurs to them to report this person to FB if they are doing this…)

    And the point about the applications is interesting. Actually, that whole external applications framework strikes me as almost a tragedy of FB — it is very, very cool on a technical level. People in my field have no difficulty understanding what a ‘social networking operating system’ might look like now, we’ve got a clear model. I have some pretty useful applications installed (mostly to replicate what I do on my blog for the fair number of people who follow my Profile but never look at my blog), but I find it disheartening to see how this power has been used…

    @Heather – agreed, Patricia’s point also speaks to that.

  5. Marc says:


    I reposted this on the progressive-economics.ca blog, and rabble.ca has picked it up on their front page. Thanks for the nice primer. I’m sure I told you about how my ass was exposed thanks to facebook’s lax attitude …

    I added some personal commentary, and linked in a subsequent post to a development of open-source social networking software:




  6. Brian says:

    Nice! I’ve been meaning to plug your blog, I’ve really been enjoying it lately — you’re on fire!

  7. Brian says:

    Oh yes, and I was thinking of our conversation a couple weeks back when I wrote this post — it was that and others like it that prompted me to write.

  8. Andy says:

    Great post. Here’s a story for you. A friend of mine joined a group of highly personal and sexual nature, not realizing that it would send an alert to every one of her 200 friends that she had done so. Funny if you’re not her, a humiliation on the cosmic scale if you are her.
    “Our neighbours tragedies are our comedies.”

Comments are closed.