This story was published in The Weekly, a supplement to The Daily Northwestern
Last Saturday, Meredith Baskies woke up early and deleted her Facebook. And just like that, the Communication senior said goodbye to more than 800 friends and countless hours of distraction. “I’m a really private person,” she says. “I didn’t want anyone knowing my business anymore.” Baskies was, in part, triggered by Facebook’s new privacy policy, which rolled out at the end of April. The new settings, which affect almost a half billion people, have more words than the U.S. Constitution (without the amendments) and more than 170 different options users must navigate through. While the new policy means a more personalized Web experience, it also means a more complex and convoluted one.
For Baskies, enough was enough. “I was sick of worrying about what people posted on my wall or what my profile pic was going to be,” she says. “And I was really sick of the creepers friending me.”
In response to the confusion over the site’s latest round of privacy changes, Facebook announced Monday they will soon offer simpler privacy settings. “Now we’ve heard from our users that we have gotten a little bit complex, I think we are going to work on that,” said Tim Sparapani, Facebook’s director of public policy, in a radio interview Tuesday. “We are going to be providing options for users who want simplistic bands of privacy that they can choose from, and I think we will see that in the next couple of weeks.
So what exactly does the new privacy policy entail?
For one thing, you’ll no longer be able to list obscure or specific phrases under your interests. Instead you are required to opt for generic terms because all interests must match a corresponding page, or a “Community Page” that brings together “people who like this” (the new term for “fans”). Previously, the pages users were a “fan” of were separate from their interests and “likes.” The integration now prevents users from listing interests under their activities, television shows, movies or other things they like that do not have a corresponding page. Take cooking, for example: Previously, you were able to list “cooking” as an activity you liked, but your name was not added to a “Cooking” page. (You also used to be able to become a “fan” of cooking.) But now, the new Cooking page will publicly display all users who list cooking as an activity.
Facebook’s new “Open Graph” aims to provide users with “instant personalization” by encouraging outside websites to exchange personal information. The site gives three “trusted” sites-Yelp.com, Pandora and Microsoft Docs-access to its “gated” network. If your personalization settings are left in default, visit Yelp.com and the site can find out which of your Facebook friends are on the site and then display recent reviews and photos they’ve uploaded. Additionally, sites used to be able to store information about Facebook users for up to 24 hours. Now, new laws give sites access indefinitely to such information.
The newest default settings are the least private in Facebook’s five-year history, says Canadian software developer Joe Dee. Previously the default setting was within networks and much more private. “It’s kind of like going and unlocking your door,” he says, “and anyone walking in and seeing your life. A lot of people don’t know their doors are open right now.”
Perhaps the biggest dilemma concerns the widespread lack of knowledge concerning privacy controls, says McCormick Prof. Noshir Contractor, who studies social networking.
“If someone knew enough, they would have the ability to put their privacy settings the way they want,” he says. “But most users are not educated enough. They’re smart people, but the system changes too rapidly. Unless we set aside time to constantly monitor the ever-changing nature of social networking sites, we run the risk of exposing our information simply because we were not informed.”
Of course, the progression of privacy controls is the nature of the beast, Contractor says. “Facebook has faced privacy issues from the time it started out,” he says. “Any social networking phenomena forces society to confront issues of privacy. It was the same case many years ago with Social Security cards.” But Facebook hasn’t made anything easier, says Matt Pizzementi, a software developer based in San Francisco.
“Facebook does provide a lot of these privacy settings, but it’s just too confusing to navigate,” Pizzementi says. “There are people who want everything to be public, but that should be a completely opt-in feature.”
The opt-in/opt-out debate is an old one, he says. Still the conversations continue, Contractor says. “For the vendors, opt-out is a better option because it allows them to build a larger network very quickly,” he says. “But from the users’ privacy point of view, opt-in allows a more controlled environment.”
Shortly after the new settings launched, the backlash began. Last week, the Electronic Privacy Information Center filed a complaint with the Federal Trade Commission in reference to “Open Graph.”
“The biggest problem is that Facebook collected personal information from individuals without any notice,” says John Verdi, EPIC senior counsel director. “Based on our technical analysis, at a minimum, Facebook released all users’ friend lists.”
The social networking site has not been transparent about what information it has released. “Was more information disclosed?” he says. “We don’t know.”
With Pandora, users who sign in can view their friends’ stations and music tastes. “It sounds like an interesting service that people might want to take advantage of if they had the option, but that’s not what Facebook did,” he says. “They just sent off all the data to Pandora so the next time people logged on, they saw all the information on all of their friends.”
During last month’s f8 Conference, Facebook developers said “Open Graph” partners were trustworthy, and they were confident in their decision. “But what’s particularly problematic is that Yelp has already encountered several security problems, and Facebook has had to yank data,” Verdi says. “Obviously, those three trusted partners turned out not to be so trustworthy.”
While Verdi doesn’t know how long it will take to investigate, he says the FTC must decide if Facebook deserves fines, penalties or must restructure some of their policies.
“At this point there’s a real question with what Facebook can do and what it ought to do to treat users fairly,” Verdi says. “It’s a complete mess, and it’s going to be a difficult thing to fix.”
Dee says he’s tired of trying to fix Facebook’s privacy controls. While he’s worked in the “interactive space” for 13 years with the goal of creating an engaging online experience for the corporate world, he recently left “to impact society with a more hands-on approach.”
“With these new privacy settings, Facebook didn’t really seem to be too concerned with how we felt as individuals when it came to privacy,” Dee says.
So Dee collaborated with software developer Matt Milan to develop Quitfacebookday.com, a new site that encourages Facebook users to delete their profiles on May 31. It currently has almost 6,000 “committed Facebook quitters,” but Dee says there have been many more visits to the site.
Of course, Quitfacebookday.com isn’t alone. Nearly a dozen other websites, including FacebookProtest.com and YourOpenBook.org have jumped on the bandwagon persuading Facebook users to delete their accounts or be more mindful of their privacy settings. YourOpenBook.org allows anyone on the Web to type in a keyword and search all semi-open Facebook status updates. Users are presented with a list of Facebook profile pictures, names and the status containing the keyword.
“As far as I can tell, it allows people to search Facebook status updates the same way you can search Twitter,” Pizzementi says. “It’s highlighting the fact that people talk on Facebook differently. On Twitter, they know
they’re doing something very public, but on Facebook, they’re a little more confused and revealing more information than they would because they think it’s private.”
Pizzementi launched ReclaimPrivacy.org, a program which checks major Facebook settings, on Friday afternoon and circulated it to a few of his closest friends. This website provides a tool for scanning your Facebook privacy settings by simply dragging the site to your bookmarks bar, opening Facebook and clicking on the bookmark icon. “When Facebook released their new changes last month, I went back and checked my privacy settings,” he says. “I wasn’t really happy with the new defaults, but I knew it was too complicated to explain to the less techy population. I wanted an easy way for people to see what they’re exposing and fix that if they want to.”
By Monday, Lifehacker, a popular technology blog, had picked it up, and soon the site was circulating faster than Pizzementi could keep track of. Massive traffic eventually caused the site to crash.
“I had to enable billing,” Pizzementi says. “Originally, I had just used a free hosting account, but because so many people were logging on, I couldn’t maintain a free site anymore.” Pizzementi estimates at least 200,000 people have now used the privacy scan, and the number is growing every hour.
“A site like ReclaimPrivacy.org is very simple for someone to install,” Dee says. “If they can do that, why isn’t Facebook taking a similar approach?”
While the site makes it easy to check your Facebook’s privacy settings, it’s important to note that it’s not perfect. Pizzementi says he has yet to add a privacy check for photo albums, though he hopes to release it in a few days.
Contractor doesn’t see the controversy slowing anytime soon. “It will eventually get better,” he says. “But this technology is in a stage of flux because Facebook is at the frontier.” The key is to tune the knobs with relative ease, he says. “Society is debating the trade-off between the benefits that might accrue by having access to information and the potential liability of that information being abused by someone else.”
It’s based on a dual-effects hypothesis, Contractor says. “Any technological change has to be good and bad at the same time,” he says. “The role of society is not to say it’s bad, but to encourage a debate that allows us to come to some agreement of where to draw the line the next time we revisit issues of privacy.”
While the privacy debate rages on, there are those like Baskies who believe completely opting out is the only answer. But it’s important to note the difference between deactivation and deletion. Deactivating means you can still be tagged in photos and be spammed by Facebook (make sure you opt-out of receiving e-mails as part of the deactivation). And as soon as you log back on, your old page will resume as if you never left. To actually delete the account, you have to find a link buried in the on-line help. Contractor isn’t even sure that’s safe. “No one can really commit Facebook suicide because the site still owns all the information,” he says.
But when it came down to it, it wasn’t only privacy policy that motivated Baskies decision. Sooner or later we have to grow up, she says.
“I’m about to graduate, I’m getting a new job and a new apartment,” Baskies says. “Deleting Facebook was the last chapter. It was so high school, so college, and it’s so over.”