Given the fact that Facebook seems to be planning to adapt a location-based side to their platform and services, I thought it was important to address how facebook currently operates within their privacy settings, how easy it was to change those settings, and how transparent the information was. While the locational information isn’t already included in the privacy settings, the current settings provide a model for what is likely to come. The trends I found were both encouraging and somewhat disheartening, because based on my research Facebook is highly committed to transparency, however it seems that users aren’t taking advantage of the opportunity to track the information about themselves being distributed. This interesting situation is a good marker for how location-based services might be handled in the future.
Facebook has proposed changes to their privacy policy, especially concerning location-based information. This new shift protects Facebook from any liability and reminds users that if they share information with “everyone” it can be collected by a third party and be impossible for Facebook to delete. The article details the major changes in the policy, and commends Facebook on making their terms clearer and easier to read.
Given the interesting changes in the article, I took the time to check my own Facebook settings to see how where I currently stood and how easy it was to change the settings. I was shocked to find that my security settings were completely different from what I had expected and believed I had programmed at the conception of my account. While I had believed my profile to be private to my friends, it was actually open to my whole network, not to mention my pictures and groups were visible if someone were to search my name. After navigating through a variety of different settings, I came to a page that informed me that Facebook ads had actually been using my information in ads to my friends, and even including my profile picture occasionally. Additionally, without my knowledge a public search listing was created for me the moment I turned 18. The information on applications was less of a surprise but still worrisome. I had noticed from the beginning that the “I Agree” boxes at the beginning of applications seemed rather all-encompassing, therefore I often avoided or used then deleted any application I came across. However the idea that if one of my friends authorized an application, they could use all the information on my profile available to that friend was shocking! What these applications could see included my: current location, relationship status, profile status, personal information, wall posts I had made, and my work and educational history. I actually had to go through and de-select every item that I didn’t want shared with an outside application.
On the one hand, it is technically the user’s job to check and modify their own privacy settings. However the amount of information available to third-parties because of these little checked boxes hidden away in my privacy settings was frightening. Without reminders to check your privacy settings or notifications of modifications, users could easily be constantly sharing a different amount of information than they expected. This situation requires the user to fight for their privacy instead of opt-out of it if they were less concerned about privacy issues. Users might, and often do, enjoy ads specifically tailored to their interests, however might be less thrilled to appear in ads to their friends. Given the importance if this distinction, it seems reasonable for Facebook to alert the user on occasion (either every few months or each time the user agreement is changed) to update their privacy settings. Especially as Facebook integrates location-based services into their setup, it will be increasingly important for them to be very transparent about what information is public, what is private, and the definition of those two terms.
Despite things that Facebook could do better, they are already doing a lot right. A clear and transparent setup on the Site Governmance page with easy to navigate links to more information gives the user the basics with quick access to depth. By personally investigating reported misuse and promising to act accordingly, they accept the burden of policing the site and keeping both other users and third-parties from abusing the platform. Their third party advertisements are designed in a way that the advertiser chooses specific characteristics of users he wants his advertisement displayed to and Facebook does the distributing of ads from there. This is a much better system than releasing the information to advertising companies for them to choose from. It releases less information, allows Facebook to censor inappropriate content from advertisers, and helps them take the user’s privacy settings into account.
Unfortunately, the majority of users never read the privacy agreements or visit the Facebook Site Governance page to check any new developments or how their information is being used; but if they did, they would find a well organized, easy to navigate site that clearly spells out the inner working of Facebook’s privacy settings. Every user could benefit from keeping better track of their personal information online, especially when location is about to be added to the mix. In this situation, it is hard to fault the creators of this straightforward site, showing that the responsibility truly falls on the user to make the effort to check their settings now and again.
A interesting and fearsome point that you brought up was the lack of ability to delete information collected by third parties. Seeing as how many people obliviously add whatever gimmicky app their friends sends them results in their data being distributed to who knows where.
ReplyDeleteFurthermore, with Facebook in charge of the default settings, many are susceptible to risk. Only a very small percent of users actually go through the trouble to go into the settings pane and change them.
I completely agree with the surprising ability to go beyond the user who accepts the application's terms and reach into the trees of contacts. Ah! Where is privacy in all of this. Clearly, regulation needs to be put in place. The only trouble is that social networks are quickly evolving and changing, so coming up with adequate limitations is nearly impossible.
You suggest that Facebook should send reminders to users to monitor their privacy settings. Would actually setting the defaults as private be a reasonable solution too? Or, would that be too conservative? What vested interests does Facebook have in ensuring the openness of user data? You say that it is the user's responsibility to check the settings. But, does Facebook bear any responsibility?
Great post! I look forward to the innovative ways that Facebook incorporates location technologies!
Interesting that you would write on this topic: I had a very similar expereince recently! I stumbled across the same settings, about what of my information was being shared with third-party applications.
ReplyDeleteMy hunch is that Facebook recently introduced that section. Before it existed, applications you "Agreed" to had full access to that information and you couldn't do much about it.
The commenter above me brought up a great point: opting out vs. expressed consent. Which should Facebook require? Currently, it seems to be following an opt-out formula, but this obviously takes advantage of most users because they don't make the agreements clear. Yet they are a private business, and if we really don't like them we can vote with our mouses: namely, leave the site. So they shouldn't really be required to use expressed consent, as this might hurt business.
A fun read! It's always interesting to see how the social networking giant grapples with the privacy issue.
Facebook's privacy settings are an interesting case study because as a company, Facebook wants its users to share more of their information with everyone but since Facebook was built around the idea of complete and granular privacy controls, opening up all the information is tough to do all of a sudden. As a user, I think Facebook could do a better job of displaying exactly how someone views a page (you can currently do this for individual users but not for "Everyone" i.e. the public view). However, from a business perspective, Facebook wants all its status updates to be searchable to compete with Twitter as the "pulse of the world". There are way more Facebook status updates than there are tweets so the crucial step is getting all Facebook users to be more open. They have been somewhat successful (perhaps, through unethical means) in doing this. After Facebook's recent privacy changes, a lot of users are actually showing their photos to everyone and this is a lot worse than the previous situation you describe where it's only open to users in the same network.
ReplyDeleteWhen you look at the larger issue, there seem to be two questions - whether increased "lack of privacy" is a good thing or bad thing, and whether it is inevitable or within your control. Google's CEO Eric Schmidt's recent comments about privacy, "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place", caused quite an uproar. He suggests that there's really no such thing as privacy anymore. Just looking at this matter legally, this is true to some extent. The PATRIOT Act intrudes on the right to privacy greatly. But Facebook, at least in its early days, offers a flawed but strong counterexample to the idea that all online activity is public. Like most people, I think privacy is crucial and I feel that users should have complete control of their own data and without explicit approval, this data should not be used for any unspecified purposes.
But perhaps unlike most people, I beleive that you should share what was traditionally private information publicly on the Internet (only voluntarily, of course). Gmail creator and Friendfeed co-founder Paul Bucheit wrote a great blogpost about this recently[1], where he says that as we share these tiny bits of information and as our lives are more publicly visible and open, society as a whole becomes better and more humane. I tend to agree with this view. Take one example, the President 40 years from now is going to have all his teenage life in public view (on Facebook and Twitter and Flickr). We'll come to realize that all humans are fallible even the President. People curse when they are angry. They get drunk. They hate some things (yes! even the President doesn't love everything and everyone!). Honesty will certainly lead to a more accepting and happier society but only if people *chose* to share the information without any external coercion.
[1] http://paulbuchheit.blogspot.com/2009/11/open-as-in-water-fluid-necessary-for.html