So what is the privacy issue with Facebook this week? I’ll give you a hint — it once again relies on its seemingly standard policy of “ask forgiveness, not permission.”
Once more, it was the implementation of a new “improvement” that changed the permission dialogue you see when allowing a third-party application access to your profile. Now, in addition to the usual permission to post on your profile and access your data, there was another twist — “Access my contact information.” In plain English that means that the app developer gets your address and phone info if you click it. I’m sure that there are many users out there who never even noticed.
What makes this so important? It’s simple. Unlike Apple, Facebook does not curate the apps that run on its platform. This means that there is a huge potential for rogue apps — data harvesters and the like. Your info, once given to that cute little game that all your friends are playing, stands a distinct possibility of being sold to spammers or identity thieves. Don’t kid yourself, lists of personal data are a highly lucrative commodity in both the legitimate and the black markets. Suddenly you’re getting phone-call spam when all you wanted was to kill a few minutes online playing a game. As much as I hate to say it, this does make Apple’s “walled garden” approach to apps seem like a better route to take.
This is something that did not affect me directly since I have never put either of those pieces of data on my personal profile. Even though Facebook has pulled that function (for now), I still advise everyone to take their address and phone number off of their profile. With Facebook’s rather protean approach to user data, your private information can easily become public through someone else’s profile, so this has always been my preferred approach. I am far from alone in taking this stance, as reported by the Daily Mail:
Graham Cluley, of IT security firm Sophos, said: ‘The ability to access users’ home addresses will also open up more opportunities for identity theft, combined with the other data that can already be extracted from Facebook users’ profiles.
‘You have to ask yourself — is Facebook putting the safety of its 500-plus million users as a top priority with this move?’
I think the answer is an obvious “no,” an answer that has been constant throughout Facebook’s existence. There is no pressure, from the market or otherwise, on Zuckerberg and company to do so. Despite a veritable rainstorm of privacy issues, they have still maintained both dominance and growth in the social media arena. With a $50 billion valuation from Goldman Sachs, they don’t have a lot to fear from market backlash until a truly stupendous failure presents itself.
While the urge to grow and nurture their company is fundamental, there are both good and bad ways to do so. It amazes me constantly how Facebook ignores the easiest way to defuse this bad press — make all changes to privacy and data communication opt-in. At present, it just changes the API, and it’s up to the end user to opt out. As a matter of fact, this is part of what the FTC and the Commerce Department were suggesting a few short weeks ago (see Online Privacy “Bill of Rights” Encouraged by Feds on this blog for details).
Jemima Kiss, reporting for the The Guardian, takes a look at Facebook’s approach from a business standpoint. I’ll add my own commentary point by point:
Facebook’s ‘seek forgiveness not permission’ strategy is a risky but ultimately successful one. On one hand, it means a steady stream of what could be perceived as ‘controversies’ as some of the more privacy-related features are rolled out, reacted to, retracted and rolled out again in some modified form.
I must say that I disagree with how one point is phrased here. These are actual controversies, and vital ones to address, as we hurtle headlong down the path of ubiquitous connectivity. This sort of wording puts a spin on things to the effect that this is merely the perception of a few people. CNET alone has covered major issues of concern to lawmakers, privacy advocates, and the open source community:
But that’s the nature of iterating in an innovative business. That strategy also means that in relation to the total number of features being rolled out, the number of problematic launches is very small.
The relative number is small, but the implications are huge — both from personal privacy and from marketing standpoints. We are dealing with an incredible amount of info here, possibly the most detailed database of personal information on the planet. That is enough to make any marketer drool, identity thieves even more so. Quite simply, at this point Facebook knows more about us that any government ever has. From CNET:
Facebook’s incredibly rapid development and growth has much to do with this process, and these kind of ‘adjustments’ are a sign of a company continually pushing its own business forward. The tension arises where that business overlaps with our sense of what is public and what is private — an area where Facebook is on the front line, redefining what privacy means to us.
And it is that issue which is the most vital aspect of this ongoing saga — redefining privacy in the Facebook age. I think it wise to ask whether we want a for-profit venture to have that much control over our privacy. What happens when disposing of that privacy becomes profitable?
And here’s the rub — Facebook, like Gmail and other services that have become the regular backbeat of our lives, is free. Server space is not. Neither are developers. One cannot blame them for exploring potential revenue streams, but one can object to their methodology. I would be one of Facebook’s biggest fans if it would just alter its stance. It really does deliver an amazing amount of connectivity and versatility. Its ease of use for computer novices, the iPhone and Droid apps, and many other things, are quite wonderful.
I’d also like to advise checking out this great roundup of Facebook news done by the team at Search Engine Watch, Facebook Praise Up, Advertising Up, Scams Up, Privacy Gone. It gives a good, wholistic perspective on recent events.
These days are not like the ones that preceded them. Your diary used to remain locked in a desk drawer — now it resides online, and Facebook often has the backup.
Source: “Facebook suspends developer access to users’ phone numbers and addresses after widespread criticism,” The Daily Mail, 01/19/11
Source: “Facebook tweak reveals addresses, phone numbers,” CNET, 01/17/11
Source: “Facebook retracts address and phone number API,” The Guardian, 01/18/11
Source: “Facebook Praise Up, Value Up, Advertising Up, Scams Up, Privacy Gone,” Search Engine Watch, 01/18/11
Source: “Online Privacy ‘Bill of Rights’ Encouraged by Feds,” SixEstate Communications blog, 12/21/10
Image by _Max-B, used under its Creative Commons license.