Facebook and Privacy: What a Mess

Facebook has just unveiled a new set of user controls, but it isn’t likely to do much in the way of calming anger about the social network’s privacy policies.

The new controls, announced at the official Facebook blog on Thursday, revolve around Facebook security. One new setting allows you to receive login notifications anytime someone accesses your Facebook account from an unknown device; another provides supplemental security questions during “suspicious logins.”

Neither, however, does anything to fix the massive mess with how Facebook is handling your personal information.

Facebook Privacy: A Formal Warning

Facebook, suffice it to say, isn’t exactly feeling the universal “like” these days.

Amidst a brewing backlash against the social network and the privacy labyrinth it’s created, the company is now getting an unpleasant poke from European privacy protectors.

The Article 29 Working Party, a confusingly named division of the European Union’s Justice and Home Affairs’ Data Protection division, sent a letter to Facebook expressing its discontent over the social network’s slew of recent privacy changes. From the UJHADPA29WP, as it shall henceforth be known:

“The Article 29 Working Party, the group of European data protection authorities, told Facebook in a letter today that it is unacceptable that the company fundamentally changed the default settings on its social-networking platform to the detriment of a user.”

Or, in more succinct terms: “Oy.”

Facebook Privacy: The Bigger Picture

The EU’s warning echoes the general sentiment being expressed across the blogosphere these days: Facebook’s new privacy setup is simply out of control. I recently read that people who actually like Facebook’s privacy changes fall into three distinct groups: They (a) believe their personal lives are utterly fascinating; (2) are too busy playing Farmville to notice, or (d) are Robert Scoble. I don’t know how scientific the analysis is, but it sure seems about right.

Facebook, for its part, is hoping some carefully worded PR-speak can help ease the tension. Elliot Schrage, the company’s vice president for public policy, answered a handful of reader-submitted questions about Facebook privacy for The New York Times. His responses are enlightening. Provided that by “enlightening,” you mean “not at all helpful.”

For example:

Q: “It used to be that I could limit what strangers saw about me to almost nothing. I could not show my profile picture, not allow them to ‘poke’ or message me, certainly not allow them to view my profile page. Now, even my interests have to be public information. Why can’t I control my own information anymore?”

A: “Joining Facebook is a conscious choice by vast numbers of people who have stepped forward deliberately and intentionally to connect and share. We study user activity. We’ve found that a few fields of information need to be shared to facilitate the kind of experience people come to Facebook to have. That’s why we require the following fields to be public: name, profile photo (if people choose to have one), gender, connections (again, if people choose to make them), and user ID number. Facebook provides a less satisfying experience for people who choose not to post a photo or make connections with friends or interests. But, other than name and gender, nothing requires them to complete these fields or share information they do not want to share. If you’re not comfortable sharing, don’t.”

Or:

Q: “I love Facebook, but I am increasingly frustrated by the convoluted nature of the privacy settings. It’s clearly within Facebook’s ability to make the privacy settings clear and easy to use. Why hasn’t this been a focus?”

A: “Unfortunately, there are two opposing forces here: simplicity and granularity. By definition, if you make content sharing simpler, you lose granularity and vice versa. To date, we’ve been criticized for making things too complicated when we provide granular controls and for not providing enough control when we make things simple.”

“Too complicated” may be an understatement. The brave souls at The New York Times built a graphic showing just what it takes to achieve total privacy on Facebook these days. In short, you’ll need to navigate through 50 settings, more than 170 options, and a policy that’s 1,287 words longer than the United States Constitution — all just to keep info that was once private from being exposed to the world.

Facebook Privacy: How About Some Honesty?

You can say what you want about striving for granular this-that-or-the-other, but the truth is we all know what happens when you present people with a 5,830-word privacy policy and 80-gazillion intricate options: They say “screw it” and move on. Or adjust only a small handful of the now-defaulted-to-public-sharing options. And then, voila: Facebook gets to share their data with the world, opening new doors for advertising and profit.

If this is the direction the brains behind Facebook want to move in, hey, it’s their prerogative. But they need to stop trying to sell us on the idea that it’s being done in the interest of the users. What’s “a less satisfying experience” to Mark Zuckerberg is a “less invasive experience” to nearly everyone else.

Just ask the folks at “Evil Tech Idol.”

When not adjusting the privacy settings on his own Facebook page, JR Raphael relaxes on the satirical shores of his geek-humor getaway, eSarcasm.com.