The requested privacy fixes were sent to Facebook CEO Mark Zuckerberg in an open letter signed by the American Civil Liberties Union of Northern California, Center for Democracy and Technology, Center for Digital Democracy, Consumer Action, Consumer Watchdog, Electronic Frontier Foundation, Electronic Privacy Information Center, Privacy Activism, Privacy Lives, and Privacy Rights Clearinghouse.
Here’s a breakdown of the new privacy requests.
App Gap
The ten groups are calling for Facebook to give you more control over which types of data a third-party application like Farmville or Quiz Monster can access. The biggest problem the groups see is that your publicly available information on Facebook can be fed to third parties whenever one of your Facebook friends signs up to use an application on Facebook.
While it’s true you can’t protect your basic information–such as your name, profile photo, gender, and networks–from third-party apps , you can control some of the information your friends can share about you.
To adjust your third-party privacy settings, go to Account>Privacy Settings> ‘Edit Settings’ (found under Applications and Websites) at the bottom of the privacy settings page. Then click on the Edit Settings tab next to ‘Info accessible through your friends’. This brings up a checklist that lets you block third-parties from accessing personal data like your bio, birthday, status updates, photos, and other information.
Instant Personalization
The adovcacy groups also ask Facebook to not automatically enroll users in the new Instant Personalization feature. Instant Personalization allows select partner Web sites, including Yelp, Pandora, and Microsoft Docs, to customize your site visits based on the information contained in your Facebook profile.
In fact, Instant Personalization switched to an opt-in program shortly after it launched, so users are no longer automatically enrolled in the program. If you want to check your Instant Personalization settings, go to Account>Privacy Settings> ‘Edit Settings’ (found under Applications and Websites) at the bottom of the privacy settings page. Then select the ‘Edit Settings’ button for Instant Personalization, scroll down to the bottom of the next page, and uncheck the Instant Personalization check box to block the feature.
Don’t Track Users
The advocacy groups say that Facebook is tracking the Web browsing activity of its users whenever they visit any site that has Facebook’s social plugins installed, such as the universal like button.
Even if you don’t click on the Facebook social plugin, the social network will still track you if you’re logged into Facebook, the letter claims. The groups call on Facebook to stop tracking people unless they interact with Facebook’s plugins and also calls on Facebook to make the logout button more prominent on a user’s Facebook homepage. Currently, the logout button is buried under the ‘Account’ drop down menu in the top left corner of your Facebook dashboard.
HTTPS, Full Control and Export Option
Facebook’s statement of Principles says users should “have the freedom to decide with whom they will share their information, and to set privacy controls to protect those choices.” In keeping with that statement, the advocacy groups are asking Facebook to allow users to lock down their profile data completely if they so choose. Currently, Facebook users have to make their profile photo, name, gender, and network affiliations public.
The groups also call on Facebook to provide a free export tool so you can easily take your data, such as your photos, with you if you choose to delete your Facebook account.
Finally, the groups call on Facebook to encrypt its user Web traffic through the HTTPS protocol, which is commonly used for online financial transactions. Earlier this year, Google made a similar move when it automatically used HTTPS when Gmail users login to their accounts.
A Facebook representative notified me that the social network has published a point-by-point response to the advocacy groups’ open letter. You can read it on Scribd.
Connect with Ian on Twitter (@ianpaul).