Facebook Is Losing It | Tom McGee's Blog

“It” plus thousands of customers. Their privacy problems/screwups are becoming big news, and when you hit the front page of The New York Times’ business section this way you’ve got a problem.

The gist of it, as I see it, is that anything you do on Facebook is now fair game for anyone unless you jump through an astonishing number of hoops. And it’s not just you sharing your information with advertisers; it’s your friends sharing your information with search engines.

You may not have realized these things, but if you list your interests (and doesn’t everybody), your friends can inadvertently make those personal preferences public, even if you have limited them in your profile (without the fine-grained detail now necessary). If they play Farmville, for example, which flashes up a quick warning that your profile information yada yada yada will be used, then that’s it. It will show up on a public page, get Googled, and now your next employer knows far more about you than you really wanted them to. Or your spouse or girlfriend sees your list of friends, including that special someone you’d rather they didn’t.

I found this out in a strange way, I Googled myself (don’t we all?) and part of my Facebook profile came up in the top four — with a list of my Facebook friends.

The FAQ for these features runs to some 45,000 words, according to the Times article linked above. But:

And still, some information will no longer remain private because Facebook has also added a feature, called community pages, which automatically links personal data, like hometown or university, to topic pages for that town or university. The only way to disappear from those topic pages is to delete personal data from Facebook.

Wired reports on the bait-and-switch tactics being used over the last few months:

So in December, with the help of newly hired Beltway privacy experts, it reneged on its privacy promises and made much of your profile information public by default. That includes the city that you live in, your name, your photo, the names of your friends and the causes you’ve signed onto.

This spring Facebook took that even further. All the items you list as things you like must become public and linked to public profile pages. If you don’t want them linked and made public, then you don’t get them — though Facebook nicely hangs onto them in its database in order to let advertisers target you.

For some of this, there’s no way out. The Electronic Frontier Foundation warns that you used to be able to block the API from gathering your personal information, but no more:

The issue of privacy when it comes to Facebook apps such as those innocent-seeming quizzes has been well-publicized by our friends at the ACLU and was a major concern for the Canadian Privacy Commissioner, which concluded that app developers had far too much freedom to suck up users’ personal data, including the data of Facebook users who don’t use apps at all. Facebook previously offered a solution to users who didn’t want their info being shared with app developers over the Facebook Platform every time a one of their friends added an app: users could select a privacy option telling Facebook to “not share any information about me through the Facebook API.”

That option has disappeared, and now apps can get all of your “publicly available information” whenever a friend of yours adds an app.

It was creepy enough when LF’s daughter, writing from Berlin, wondered if there were any Dunkin’ Donuts. All of a sudden her, LF and myself all had Dunkin’ Donuts ads appear in the right-hand column. That’s at least a (creepy) attempt at being helpful. But as Wired points out:

Now, say you you write a public update, saying, “My boss had a crazy great idea for a new product!” Now, you might not know it, but there is a Facebook page for “My Crazy Boss” and because your post had all the right words, your post now shows up on that page.

Which can be somewhat less helpful, especially it these times of constantly shrinking headcounts.

There is a lot of advice out there on how to go through the 50-odd privacy settings scattered around on different pages of your profile. But there’s a nice tool available to do a quick check for you, and make corrections as needed. Use ReclaimPrivacy.org’s Scan For Privacy button. It’s a chunk of Javascript code that you run when you’re logged in to FB.

I read through the code this morning, and though I’m not a total expert by any means it looks legitimate. It’s not at all obfuscated, and the source is totally open. It makes a bunch of HTTP calls to the privacy pages, and checks the status of the checkboxes for you, throwing up alerts for potentially dangerous settings.

FB has been on a campaign against outside services, but this one’s gone viral; and since it’s an open-source Javascript now that it’s out there it can’t be reeled back in. I guess they can change the way you set your privacy preferences (again), but they probably will anyway.

What To Do?

Well I’ve removed all my interests. Not like I’d put up anything I’d be unwilling to answer for. I’m also removing the “Share This” widget that used to be on the top of all my posts here. Not like I was getting a lot of traffic (if any) out of it anyway. But on principle, if you want to point this article out to someone online, just do it the old-fashioned way and copy and paste the link. If the plugin is modified to allow me to select which services to use, I’ll probably put it back in.

Facebook’s CEO continues to draw bad press for his lousy skills at handling this miasma. A book is coming out, which among other things talks about him watching user profiles to guess who would be hooking up, and who would be breaking up, based on their comments and friend lists. Also, intra-Facebook messages are scanned, used for advertising, and sometimes purposefully intercepted because of content. Innocent content, sometimes:

Wired.com confirmed Facebook is blocking private messages by sending a link to a Pirate Bay torrent feed of a book in the public domain. Such content is freely available to everyone, as all copyrights have expired. Nevertheless, the message bounced twice, returning the following failure notice: “This Message Contains Blocked Content. Some content in this message has been reported as abusive by Facebook users.” (Facebook’s link-censoring system is may be just tilting at windmills, however, because removing a single vowel from the domain name lets the URL go through.)

In the case of Wired.com’s test, there were only two Facebook users who should have been aware of the content — Wired.com editor John C. Abell and his message’s intended recipient, who was sitting five feet from him — and neither had the slightest objection to it whatsoever.

Doesn’t it make you feel good to know that your photos, interests, friends, and private communications are being treated this way?

On Kitchen Renovation — Almost Done (2)

tom: This time next week we’ll be more than that!
Tom Reingold: Ah, you’re engaged. I’m happy for you.

On “Rufford Park Poachers” (2)

tom: I originally got it from here. Scroll down to the title “Rufford Park Poachers,” click, and that...
Kyler Zary: Well-written, very informative article. However, I must ask where you found the original recording of...

On Workhorse (2)

tom: I spotted another one last month in Brooklyn Heights, NY, chained to a railing. And it even had the original...

S	M	T	W	T	F	S
« Apr
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

What To Do?

Leave a Reply Cancel reply