The Federal Trade Commission recently reined in Facebook for its numerous privacy gaffes, but the social network has a long way to go to prove it's worthy of user trust. People are tired of dealing with indirect data leaks, being forced to accept new information-leaking features, and an ever changing set of privacy controls.
Even though Facebook's membership numbers have been exploding during the worst of its privacy criticisms--growing from about 175 million in early 2009 to more than 800 million as of November--users are commonly frustrated with the social network's habit of changing its privacy policies.
I've seen complaints about Facebook's privacy settings among my friends, comments on news items about Facebook and elsewhere. People love to use Facebook, but they also love to complain about Facebook's ever changing privacy standards.
It's not hard to see why people would feel that way. Here are just a few of the more recent examples of Facebook's privacy problems:
In April 2010, Facebook unveiled Instant Personalization and automatically opted in all users to the new service. Instant Personalization would automatically feed some of your profile information to partner sites such as Yelp and Pandora to try and tailor site visits to your personal tastes. It was also extremely difficult to opt-out of Instant Personalization.
Facebook currently lets your friends leak your information to third-party apps including your status updates, photos, links, biographical information, and whether you're online or not. Facebook has an extensive privacy control that lets you opt-out of this indirect privacy leak, but good luck finding it (hint--Go to: Privacy Settings > Apps and Websites > How people bring your info to apps they use).
In January, Facebook announced a new feature that would allow third-party apps to access your home address and phone number if you had posted that information to your profile. Facebook revealed the new feature on its developer blog the Friday before a long weekend. The following Tuesday, the social network was forced to retract home-address sharing after public outrage and widespread criticism. Facebook has yet to resurrect this feature.
The Straight And Narrow
Under the FTC's settlement with Facebook, the social network will be constrained from causing privacy gaffes and loopholes in the future. Facebook, for example, will now have to let users opt in instead of opting out of new features; data from deleted user accounts will have to be inaccessible within 30 days; and new products have to undergo an internal privacy review.
Facebook will also submit to a third-party privacy review within the next six months and then again every 24 months for at least the next twenty years.
Now that Facebook is required to comply with some basic privacy concerns, the social network has a chance to reshape its image over how it treats privacy. One way the social network could do that is to take a cue from its developer blog. Just more than a year ago, Facebook instituted a program it calls "Operation Developer Love." ODL is designed to improve the company's development tools and improve communication between Facebook and its third-party developer community.
In light of the FTC settlement, maybe it's time for "Operation User Love," a program targeted for improving communication about privacy with Facebook's users.