Facebook is a privacy nightmare

I don’t use Facebook, largely because I don’t like giving up control of who sees various pieces of personal data. Traditionally, an address book was a very private thing, kept securely at home. But now, with social networking sites such as Facebook, people seem happy to publish a list of their contacts on the internet. It has become some sort of vulgar popularity contest. One thing I certainly don’t want is anyone to have a list of my contacts. Just because I know person A and person B doesn’t mean that they should know each other, and whether or not it would be advantageous to them, it certainly wouldn’t be to me!

Facebook fans will be quick to point out that the site allows users a lot of control over who sees what on their profile. Well, I’m not certain it’s possible to hide your list of “friends” from other “friends”, which would be a requirement. But even if you could do that today, there’s no guarantee that Facebook wouldn’t change something tomorrow that suddenly revealed the full list of “friends”, and all sorts of other private details too. They have a track record of doing so, for example last December and in September 2007, just two instances of when changes to the site meant that people were suddenly revealing more than they bargained for. And the trouble with having such complex privacy settings is that it’s very difficult to figure out exactly who can see what – often, the only way to do this thoroughly would be to create several test accounts and try out various combinations of privacy settings and mutual “friendship”.

It isn’t just a list of contacts that’s at risk either. Dates of birth and family names can give fraudsters enough information to access a bank account. Status updates saying when you are on holiday can be useful to burglars. People may also upload content such as photos to their Facebook page in the belief that only their “friends” can view them. However, in many cases, if one of their “friends” comments on the photo, the comment appears on the “friend’s” “wall”, and if their wall is publicly visible, anyone can click on the link that says, “John has commented on James’s photo” and view the photo, and from there can view the entire album to which the photo belongs! In this way, many of a person’s “private” photos are actually publicly visible, and they have little control over it, as it depends on their “friend’s” privacy settings.

The social networking privacy site Social Hacking has an article containing a Javascript bookmarklet that allows people to see all of a Facebook user’s albums that are visible in this way, so there’s no need to search through the wall history of all their “friends”. As the author says, this in no way circumvents the privacy settings, it simply makes it more convenient to see photos that are already available. There may well be a method to protect albums from this, but a quick look at a some random profiles shows that few people use it. And even if everyone tightened up their privacy settings to prevent their photos being leaked, the next time Facebook decides to change the way privacy settings work, who knows which photos will be visible again?

Ultimately, Facebook is a proprietary site controlled by one company. It goes against the whole open principle of the world wide web. Why must people put something “on Facebook” rather than “on the web”? As it is a social network, Facebook coerces people into using the site because it’s the only way to see their friends’ updates if that happens to be what their friends are using (no quotes around “friends” this time as, in this instance, it refers to real friends!). If people hosted their own blogs, and kept their photos on their own website, they could be sure of controlling who was seeing what – and who would be able to see it in a month’s time. And if people published RSS feeds, rather than Facebook updates, their friends could use any reader to view them, not be tied to one website. Facebook could easily become the next Microsoft, but worse, as it is people’s privacy at stake instead of their pockets.

If you value your privacy – or your freedom to use an open internet as we currently know it – don’t use Facebook. Direct your contacts to your website where you can show them exactly the information you want to.

5 responses to “Facebook is a privacy nightmare”

  1. Sovi

    This post increased my knowledge… very interesting..thank you..

  2. JD

    I only visited to see some of your images but this is an excellent point.

    Facebook can move the goalposts at any time and people should be wary of how much information they divulge on their. Even if it is just to their ‘friends’.

  3. Annie

    I won’t use Facebook, being a bit obsessive about the need to keep personal information private on the web as a guard against identity theft. However, more and more companies now exort you to “visit our Facebook page” and this week I learnt that my local council now have a Facebook page too. You can’t access the content unless you register with the site. I refuse to do it but is this a glimpse of the future?

  4. Matt B

    The javascript hack doesn’t work any more.

    But it did for a while…

    😉

    On the list of friends, you can certainly hide your contact list from non-friends, but I would suggest that once you have allowed someone onto your profile, they can see your wall anyway and so will see who posts messages or comments on there and hence know they are also your contacts via natural usage of facebook.

    One or two of my friends have hidden their walls from me so I basically get them on my list of contacts but can’t see much at all in the way of information about them, its like being a semi-contact which may be useful for keeping people segregated between active friends (people you see regularly and meet with) and distant contacts who you may not know too well (like conference acquaintances, old school friends)

  5. Jonathan

    With the present set-up on Facebook, it’s possible even to hide your friends list from friends. What’s more, my tests seems to suggest that if you allow them to see your wall, they only see general posts and posts relating to themselves, and not to other friends. The trouble is, that’s how it works today, but what about next time Facebook move the goalposts? Who knows what will be revealed to whom? It’s safest to assume anything you upload is in the public domain, in which case it’s best instead to use that good old social networking technology called the world-wide web, which also has the advantage of being an open standard…

Leave a comment


By browsing this site, you agree to its use of cookies. More information. OK