SocIT

This a great article and Read Write Web has been doing excellent reporting on Facebook.

I've sited this article and a couple others in our initial podcast: socitpodcast.wordpress.com.

Thanks for keeping us informed.

Michael D. Snyder

1. Reduce privacy settings to what most people will accept as a "bare minimum"
2. Introduce a paid area to Facebook which allows people greater control over their privacy settings.

It's a great money making ploy...

Someone should develop a similar service, but market it on the points of privacy and exceptional customer service. And while they're at it, make it more user friendly for the novice.

A lot of people are still under the impression that they are privacy-protected.

The company should run TV ads asking people on the street, "Do you have a Facebook page?" When they say yes, point out all the privacy weaknesses that people aren't aware of, in plain language, and market the new service geared toward customer privacy.

And please, some customer service. Facebook is abysmal in that respect.

For the time being I'm on FB but I do have concerns about it and may delete my page at some point.

I suppose it's naive to believe that anything posted online is every truly private, no matter what the service tells you. It's difficult because this is the way things operate these days. I suppose one could toss the GPS, get offline, toss the cell phone, and go live in an RV in the woods out of the sight of Google Earth, but it's not very practical for interacting in the world on a day to day basis. =)

I believe both you and JustinKistner make valid points. To your point, Facebook created an unprecedented social communication network on the promise of privacy and free. People have found it useful, enjoyable and valuable and have come to depend on it in various ways. You are right to point out the "Let Them Eat Cake" mentality of tech executives, a mentality once attributed only to subprime mortgage lenders and Wall Street bankers. But at the same time, forgive me if I'm being repetitive, but similar to Justin, I find it hard to believe that any user thought there wouldn't be a day when Facebook would turn around and say "time to pay." None of us believed we'd have to pay with our privacy.

I still think industry insiders - tech bloggers, social media gurus, etc. - miss a larger point. Most of the people I know on Facebook are not tech savvy and are not policy experts. The New York Times article by Sarah Perez from 1/20 on how to manage privacy settings is great, (btw, I could not figure out how to share it on FB so I came here to find it and found this instead) but until you stop hand-wringing and tell people how to fight back rather, than how to adapt, you're not helping that much.

I'm not powerful enough or based in the industry enough, but the people I know see me as a tech expert. So on their behalf and mine, I'd like to see some guidance about what people like me can do to force change or find an alternative.

Here are some ideas:
-I tweeted to @Jason that he should boycott Facebook instead of Comscore.
--I am happy to pay Mark Schmuckerberg a small fee every month for the use of his service. Please let him know that and have him tell me where to sign up.
- Alternatives: Would you recommend people bring their networks to NING? What are other options? Are there any moribund social networks that would welcome a mass shift to their site?
-What about MySpace? If Rupert Murdoch is all about paying, why can't he slap a new brand on MySpace and make it private? Will he listen to you guys rather than me?

Unlike the guy that said "Keep the government out of my Medicare," I'm not naive enough to believe that I can keep NBC out of my late night TV or to continue to receive services from businesses like Facebook for "free".

But as I said in my comments in your 1/12/10 post:

"Recognize that what Facebook has done is unconscionable and consumers need to know it in plain language. This is a USA Today story not a TechCrunch or even a Wall Street Journal story. Help get it to the right people, so Facebook users - and users of other free media networks - understand what is happening, what they can do about it, how they can replace it and how much free really costs."

if you don't want your photos, name, words/ideas on the internet... don't publish them.

As for that chestnut, "If you have nothing to hide then you have nothing to fear", its survival is an indictment of us all. When the last person has used it in argument we'll know that progress is being made.

I'm sorry, but I don't think a user generated media company owes it's users privacy. Governments might have an obligation to uphold its citizens right to privacy and a vendor like Facebook would have to comply; but that's not what's going on here.

Facebook didn't suddenly make the messages people addressed to each other public. Address routed communication does have implied privacy. But, publishing media is different. Media is by definition not private. It may have limited distribution, but there is no expectation of privacy. If people started using media to share information they should have addressed through private channels, then hopefully the sting from this will be a catalyst for better personal discretion and innovation in the marketplace.

Facebook could rather than nefariously steal users info, be open, honest and offer incentives to promote the sharing and activity they crave. If the value to Facebook is the asset of the user's information and activity, make the asset a shareholder. Develop some sort of point system for how users engage Facebook. More public, more points. More friends, more points. More posts and pics, more points. Invite a friend to join, more points. Update status and wall, more points. Click Ads, points. Post links to products, points. Make the users motivated rather than fearful of sharing. Let the users recommend products to friends rather than some algorithm that gets it wrong 30% of the time.

This point system could be paid in their virtual goods, Advertisers promo gifts, discounts, heck, maybe even stock options in Facebook. They are going about this the wrong way by breaking one of the basic common sense behavior of trust and business fair dealing, not doing what they have said they will do and appearing to bait and switch. People are not as dumb as Facebook assumes and eventually users will react by posting false profile information, using aspects of Facebook less, recommending their children or other friends and family avoid it, restrict their communications with fears of unknown repercussions. If Facebook wants the users to be players in their version of Reality TV, offer them a carrot to really perform.

The most valuable asset an organisation has is its client base. Without one, the 'laws of economics' don't amount to a hill of beans.

Much bigger companies than Facebook have crashed and burned over the last 18 months.

A happy, well informed, client base makes for a healthy company.

"The bigger lesson I learned is to not leave my wife home alone."

Did I push the button on the Way Back Machine, Sherman?

Look people, even the first big successes are liable to be failures in this Brave New World that is the equivalent of survivors in a plane crash: Only the strongest of those not burned alive first will survive.

So, like the wings of Daedalus, like - yes the dinosaur- and like the dirigible, some pretty good ideas that wreak of all datapoints successful are just not. And until we know what the measurements are for success - keeping in mind that winners write the history - let common sense prevail.

People have a reasonable expectation to privacy, even when using free services (like paying for them gives one any greater right -*RIGHT* mind you, something you cannot trade on or sell - than using a free service), and they can expect that any enterprise is going to want to make money, and challenge where the limits are to those rights.

Big surprise.

I am passionate about this conversation because my career has been in data driven marketing and now the data collection industry. I've been under the impression the whole time that the conflict of interest for a user generated media company was obvious. I've been watching Facebook loosen privacy since they started opening it past college students--many of whom deleted their accounts then in protest to the loss in privacy. I've seen that same disappointment from other changes in Facebook since. That's why this doesn't feel like an about face to me. It feels like another update in how much privacy is exchanged to pay for the service. An update that makes sense if the largest social network in the world is not making enough to be cash flow positive. With more users than anyone it's logical to try and make more pages public, which is why I say they have a conflict of interest with privacy. It's why they reserved the right to make changes to their privacy policy. That's why they didn't give you a contract that would hold them to the original terms. They knew this day might be necessary to hit revenue. And this latest adjustment feels inline with how things have been progressing with the company.

Now, I respect that the latest updates are at a point where you and others no longer find the exchange worth it. Facebook does have an obligation to make it easy for you to opt out content that you don't want to be public, such as easy methods for expunging in large batches. They should also make it easy to delete your account. I could even go with an argument for making them give you an option to export your data when you close your account.

And, if we're not comfortable with opening up more, then we need to cover the costs for providing the service. Facebook needs to pay it's staff to continue operating, which is a large expense. So much so that Facebook, the largest social network in history, is still working on being cash flow positive after selling advertising. Since people are expected to cough up money to pay for long distance, land lines, and cell phones to stay in touch with family and friends; I think it's reasonable to pay for social communication. Blackbox Republic is even doing it already. Their motivation for privacy is due to the nature of the site's content, but it is still privacy as the incentive to pay for the service. I could see a commodity priced version that could work for you and your family. Maybe something like Skype that could have a mix of free and paid services. Skype could replace your current phone bill, long distance minutes, photo printing, etc and provide Facebook like networking services that include VOIP and video.

I am sorry that it's not available now though and that means you're putting up with grief from the changes. For that reason I support you that we should change Facebook back!

Great post as usual. A bit of nitpicking from my side (since Facebook's privacy is quite a jigsaw puzzle needing nitpickers):

The sentence "Facebook users are no longer allowed to restrict access to their profile photos" is technically incorrect. In fact, before December, there was no way to hide your Profile pictures album from anyone. But, after the December changes, you *can* now restrict visibility of your profile pictures album. Only your *current* profile picture has public visibility.

The use of the plural "profile photos" makes it inaccurate. Remove the 's', and it's accurate. That's how fragile Facebook privacy has become.

Great article and thanks for the reference. You are doing the right thing by sticking with this story and my guess is it will ultimately result in a change. As a side note, my site is AllFacebook not InsideFacebook although I can't really take it as an insult ;)

Best,
Nick

Finally, how can you say to someone who's in difficult circumstances and communicating with friends and family in a way they've never been able to before that they have to cough up some money if they expect to stay safe in that communication channel. They've been told it was safe and private among trusted friends, they looked at ads, and now you're telling them they don't deserve to have that privacy maintained unless they pay for it? Please check out the two danah boyd quotes above.

Make no mistake, this is bigger than any single site's privacy policy. This is about living in a connected age. We can not expect free services to provide privacy. It's a personal responsibility to know what to do.

Take the scenario about a weirdo in the mall, for example. There are many more places that my wife's image can appear than Facebook. If I want to protect her, I have to think beyond Facebook's policies.

How many of us have actually thought about the implications of the data that is out there about us? How many have put thought into devising a strategy for controlling the flow and access to your data? How many have done the hard work of acknowledging where privacy doesn't exist and have figured out an alternate solution?

What this policy update has exposed is that most people didn't know what was going on. They didn't realize why Facebook was free, so the obvious conflict of interest to provide a free service in exchange for data wasn't clear.

It also exposed that by and large we don't understand how to apply privacy settings to our overall life. If Facebook's policy changes have any role in delivering privacy it has been as the catalyst that got so many people to acknowledge the implications of privacy.

The following greasemonkey script offers https login/browsing for Facebook: http://userscripts.org/scripts/show/49079

Google had to learn the hard way to enable https by default. Until I see the little lock icon every time I use FB, I have little use for the service.

As humans we tend to drive evolution by gathering around ideas and visions. The new possibility of global, instant and free (as in beer) communication has gotten a lot more than 350 million people to join together in "the social web". It's a dream of making the world a better place together. It was bound to succeed. And at the same time the notion of "privacy policy" rose. Everyone has heard the term. And everyone knew that a relation doesn't work if it is not founded on trust and respect, so it was easy to believe the nice words.

As humans we are young and stupid - all our lives. Our future depends on it.

Now some people are buying the place with beads (again).

By eroding our privacy they leave us unprotected from new dictators, from people hating gays, righties/lefties, heretics of all kinds - you name it. They can use todays social graph for generations to come.

This is not acceptable. Of course every individual shall have the right to control his/her privacy (and data) by default.

Facebook is my focus on vulnerabilities of privacy I guess because my kids and even my 75 year old mother use it.

What I think is a huge flaw in the entire basis for Facebook's service is they are publishing unverified identities of real people. Back when it was college only users, the .edu email was a fairly reasonable identity verification. Now it is wide open for anyone to become any person's pseudo identity they chose. By just making the Name, Photo and Fan pages public, they open incredible opportunities for harm to both Facebook users and those not on Facebook if an impostor profile is created with embarrassing fan page tags to someone that may have no clue their identity has a fake presence on Facebook.

I believe it should be illegal to publish the representation of a person with their real name and photo without proper verification. If you can see where I am going with this, you can imagine the exposures. There are also opportunities with this authenticity flaw to clone users and sneak behind the walls of their social groups with a simple Add Friend request. Privacy controls obliterated..

If the unverified identity was not published publicly for search engine retrieval, this would not be such a serious issue.

If I made up a profile using your name and snagged your picture, how many of your friends would reject my Friend request with the attached note: Hey, Facebook messed up my account.. add me again.. thx?'

Current blabber about social "norms" are not considering new technologies like Google Goggles when they get facial recognition rolling. You want some weirdo at the mall to snap a cell pic of your wife, start the photo hunt, get her name from public Facebook pic match then google away for more info on her? Excuse me if I make this personal, but it is.

I am married and I use social media as part of my job. I've already had to think about sharing when I'm traveling or about to travel as it reveals when my wife is home alone. Even if I choose not to use Foursquare or Twitter, someone could see me at a conference and tweet that. So, when thinking about my wife's safety, I have two routes:

1. Stop the world from interacting and put the social media genie back in the bottle, or
2. Learn to live in a connected culture.

My desire to keep my travel plans private is based on not wanting people to know when my wife is home alone. But, it's not realistic for me to keep that information private given the public nature of my job. I'd have to regulate all social networks, not just Facebook, and other people's content, not just my own.

The bigger lesson I learned is to not leave my wife home alone. Instead, we have family stay with us when I'm gone and plan to have family live with us soon. That way if people know I'm gone from the house, it's not a problem.

I'm glad we're talking about privacy. It's important for people to know how to live in a connected culture. But, trusting Facebook to control your privacy not only shirks personal responsibility, but is also like trusting your health to pharmaceutical companies. It's a natural conflict of interest.

I'd love to see more discussion about privacy and how to live in a connected world, but focusing on Facebook's privacy policy is a distraction from the real issues that we must address as a culture.

For example, what information about us is sensitive when shared publicly? Is there sensitive information we can't keep private that require behavioral changes from us to address? We should teach our kids those lessons and not to expect ad supported services to be their privacy safeguard.

I have no issue with Facebook changing their terms of service, as long as they are very clear about how those changes will affect the way in which information, I currently have on there, will be presented to others after their policy changes.

Privacy on the internet goes way beyond dumb things people might publish. There are security issues. Do you really think its a good idea for Facebook to chose to put your sister's (if you have one) name, picture and enough other info out there so some nut job can search her using Facebook info and find her home address from the property transfer publications of the local newspaper? Some sex offender down the street getting lots of personal info on your daughter, her school, her schedule from status updates? Do you consider making a public post of a vacation trip and the idea you might be giving someone that wants to rob you great news? A friend of friend?

I see the privilege issue a factor because they can afford the high tech alarm systems, fences and/or body guards if the weirdo shows up at their house.

"8. Other Terms

Changes. We may change this Privacy Policy pursuant to the procedures outlined in the Facebook Statement of Rights and Responsibilities. Unless stated otherwise, our current privacy policy applies to all information that we have about you and your account. If we make changes to this Privacy Policy we will notify you by publication here and on the Facebook Site Governance Page."

Again, the underlying issue here is the lack of motivation or obligation to keep things private. It's foolish that people would put sensitive content on a free service that warned them ahead of time that changes could come at any time. That is compounded by the fact that Facebook has a vested interest in profiting off of the contributed content, which is a conflict of interest with privacy and should have been a red flag before using the service. Given that we don't pay for the service, there's no ground for a user to stand on and demand privacy.

Bertil, the immediate impact is that public content can be indexed by search engines and shared as links through Twitter and other sites. That brings more traffic to the site. This also lays the groundwork to add more advertising as well as to mine the public content to improve targeting for ads on Facebook.

I refer you to the points raised by Adam, especially in light of Facebooks very own Privacy Policy, which states:

"Facebook is designed to make it easy for you to share your information with anyone you want. You decide how much information you feel comfortable sharing on Facebook and you control how it is distributed through your privacy settings....."

http://www.facebook.com/policy.php

I would be inclined to believe, with the above statement ringing in my ears, that it would be encumbant on Facebook to, at the very least, inform it's users of its intention to ignore its own policies.

I think the ensuing debate about privacy *is* interesting. Personal privacy is an individual's responsibility. It's mostly addressed by showing good discretion. And now people are starting to think about what they've done by publishing their content to be another company's media. I wonder how many people are now willing to start paying for valuable services like social networking in order to maintain privacy...