As I referred to in a previous post, I believe that most users of Facebook do not appreciate the privacy issues regarding Facebook. I’m coming to the conclusion that Facebook may not appreciate the privacy issues regarding their own platform.
Maybe they just don’t care about these sorts of things.
Anecdote #1
A relative contacted me through a Facebook message. She is not a friend, friend of a friend, or near any social network of mine on Facebook. She could as easily have been a Nigerian man trying to steal my identity. When I was replying to her, Facebook put the following text underneath the “Send” button of my reply.
If you send <redacted> a message, you will give her permission to view your list of friends, as well as your Basic, Work and Education info for one month.
It was done so discretely that I barely realized it was there. This seems like an exceptionally casual way to notify Facebook users that they are about to disclose their personally identifiable information (PII). This statement also directly contradicts Facebook’s privacy settings.
Anecdote #2
When you click the “[?]” next to the “Friends” setting under “Profile” which is under “Privacy Settings” which is sometimes just labeled “Privacy” and is under “Settings”, you will see the following text.
Use this to control who can see the full list of your friends on Facebook.
Did you notice how hard that was to find? It’s not only hard to find, it’s also not true.
If you go to Settings, then click “manage” next to Privacy, then click “Search”, you may discover that complete strangers can view your friends list despite your profile privacy setting. I contacted Facebook about this and the body of their response was the following.
Our records indicate that your privacy settings are restricted to where only your friends can view your list of friends. Also, users will not be able to view your friend list with your search results. Sorry for any inconvenience. Let me know if you have any further questions.
This was from “Lauren” from “Facebook Operations”. But hold on a moment! Who is Lauren and how does she have access to my PII? Is she a senior support manager or a support person who also services KitchenAid support emails? Exactly how many people has Facebook authorized to see my PII? What policies do they have about how can and cannot access the main Facebook profile database?
In the end, I did get one response of “We appreciate your input…” from Facebook. I can only guess that the person who emailed that to me also has access to see my Facebook profile, despite my privacy settings.
Closing
I would be made most happy if I were wrong about this, but it seems to me that Facebook has not embraced trustworthy computing.
Facebook lives and dies based on its users’ trust. I have already witnessed multiple people leaving Facebook completely due to privacy issues. In the past few months, I have counseled an increasing number of friends on how to contain their PII on Facebook. As Facebook spreads to older, less tech-savvy, and to more international demographics they may face more scrutiny from potential users.
I would advise Facebook to clean up their privacy policies before they get into trouble or their growth stalls.
Post a Comment