Privacy vs advertising on Facebook

I’ve been on Facebook for almost a year now and have a love-hate relationship with it. For connecting me with old friends, feeling the daily pulse of people I know through status updates, and being a means of coordinating an event or party, thank you Facebook. But I am increasingly disturbed by the callous attitude taken by Facebook with regard to the privacy of its users. In its quest to become the next Google, Facebook sees a goldmine in all of those personal tidbits you think you are just sharing with your friends, but that Facebook would like to share with advertisers to fatten its bottom line. And I hate advertising.

Back when a colleague of mine was doing up a presentation on Web 2.0 I noticed she used my profile page as part of it. How did she get that, I asked? Well, it was just sitting there for anyone to see who was part of the Vancouver, BC network, because the default setting in Facebook is much less private than one might expect. Having realized that my ass was airing in the cyber-breeze for a several months, I changed those settings right away. Not that I really care if someone knows I love the Drive-By Truckers, but still. Anything you say on Facebook can and will be used against you in some future interrogation. So please be careful.

Here’s a brief Facebook privacy primer from Abject Learning:

Nothing I intend to post here will be news to people who have been following the Facebook privacy saga. Facebook’s behaviour could be described as standard operating procedure in Web 2.0 these days, free services are paid for with leveraged user-generated content and relentless marketing — my own opinions are pedestrian and predictable.

Having said that, I am still encountering lots of people who are completely unaware of these issues, so with that in mind I’ll post some essential points on Facebook and privacy, hopefully they will be useful for a few people.

One, the quiet launch of the Facebook Beacon should make it clear what the value proposition for its absurdly high market capitalisation is all about. There’s lots to find creepy about Beacon, most notably its collection of your user data beyond the confines of Facebook itself. Participating companies extend Facebook’s surveillance of your online activities, reporting back, say, that you just bought a volume of the Fabulous Furry Freak Brothers at Amazon. If you are alert, you may have the option to “opt out” of a “feature” that would report that purchase to all of your Facebook friends. But even then Beacon would record that purchase and attach it to the detailed profile that Facebook keeps on you, one that when correlated with its huge user base may end up being of considerable interest to marketers.

After a fairly intense backlash, CEO Mark Zuckerberg offered a non-apology apology for how Beacon was rolled out (“we missed the right balance”). They claim you can now ‘opt out’ via the privacy settings on your Facebook profile. Directions on how to do so (mixed in with some high-grade snark) are here.

While you are in your privacy settings, I recommend you take some time to look through the tabs and think through what is exposed, and to whom. Two essentials jump out at me.

  • Under “Profile” the default allows any user who belongs to any of your “networks” to see your profile. In other words, if you belong to the “Vancouver, BC” or “UBC” networks, anyone else in those networks can see your profile, not to mention those binge drinking jokes that your old high school buddy left on your wall. You may want to adjust that level of exposure.
  • A friend of mine does security for a credit card company. He tells me that for various reasons the single most useful piece of information for identity thieves is your birthdate. (I remember one instance of telephone banking where I could not remember my “security codeword” for the life of me, but my birthdate was enough to convince the service representative that I was legit.) If you are intent on getting lots of well-wishes on your special day, consider dropping the year at least —though that part is not hard to figure out, especially if your high school graduation year is on your profile.

As an aside, I almost never install external applications for “Stupid Walls” or pop culture quizzes or zombie attacks… mostly because I find them highly annoying, but also because these applications gain access to your FB data, and I have no idea how far that access extends.

Personally, I always expect the worst of everyone, and believe that more often than not privacy settings provide a false sense of security. I expose myself accordingly. I still have a Facebook account, because at least once a week I get back in touch with someone I had thought I had lost all contact with. And I am endlessly fascinated with what my old classmates have done with their lives. So given all that, I anticipated Facebook’s scuzzy behaviour, and I’ll be keeping my profile active, at least until the next inevitable outrageous abuse.

Anybody else have Facebook digital identity tips or horror stories?

Update: I think Facebook is feeling the heat from this Beacon backlash. As of now, when you receive a message inside FB, you don’t merely receive a notice to go check Facebook, you actually get the text of the message itself. This will result in significantly fewer pageviews for Facebook, but a much improved user experience.

2 comments

  • Isn’t technology amazing? Just when it seems to open doors and present new streams of business and social interactions it exposes loopholes that perpetuate the requirement for technology to be solution to its own problems.

    Facebook requires participants to expose their privacy for system to work. This in itself is not unethical but the possibility of misappropriation of that information is where the problem is.

    Facebook is doing what they should do, innovate their services. As long as they are candid about making risks involved in their product transparent.

  • Wow. Thanks. Will change now. God, I didn’t know.

Leave a Reply

Your email address will not be published. Required fields are marked *