I never liked Facebook, and I still don’t, which is why I don’t use it much. My main gripe has always been its badly designed interface which always leaves me confused about where to look and what to do.
But now I have an even bigger gripe about Facebook: How it compromises your privacy via its application programming interface (API).
For example, I sort my Facebook friends into groups so I can selectively view and share Facebook content. I use Facebook notes to create private blog posts to share with people who are interested in my personal updates. That’s where I posted several updates on my progress with recovering from knee surgery and other recent events in my life.
When I post those notes, I specifically designate that they will only be shared with my “close friends & family” group of Facebook friends.
Then yesterday I saw this tweet from the Center for Innovation in College Media:
I checked that link, which (after you log in to Facebook) takes you to the Applications section of your Facebook account’s privacy settings. I was appalled to see that, by default, most kinds of Facebook content were checked off to be shared with my friends through Facebook applications that I do not use. This included Notes, Relationship Status, and almost everything else.
I unchecked almost everything. I’m a fairly public person and am not paranoid about privacy. But this really annoyed me, because it appears that even if I designate some content to be shared only with a select group of friends, Facebook will still share it via apps with all of my friends.
…Which just goes to show: If you REALLY want or need to keep something private, don’t ever post it online. Anywhere. Because most of the time you can’t really control how it will get discovered or shared. Especially on Facebook.
George Kelly often calls Facebook a “walled garden of FAIL,” and I agree. Every developer I know complains about the shoddy design, coding, and security of Facebook. Just because it’s hugely popular doesn’t mean it doesn’t have big problems. I think it’s fine to use — just don’t rely on it or trust it too much.
Now, I’m not 100% certain that Facebook was inappropriately sharing my content via its API. Deepquest posted some technical background on this issue. I’m not a programmer, and I understand only a little bit about SQL. But he indicates the bad programming problem isn’t just about Facebook, but app developers:
“The major problem is that Facebook doesnâ€™t control the apps and some code is really bad.”
For all I understand at this point, the Facebook API may indeed honor to your designations of friend groups when releasing your information via apps. I’d love for a developer to clarify this issue.
The problem as I see it is that the applications privacy settings page appears to indicate no awareness of friend group designations.
That sort of mixed message on privacy and sharing isn’t just annoying or confusing. It could actually put some people at risk. I don’t think it’s fair or reasonable to expect the millions of non-tech-savvy Facebook users to parse this issue out for themselves.
I don’t pretend to have the answers here, and some of what I’ve written may not be correct. I’d appreciation clarification of this issue in the comments below. Thanks.