Friday 21 December 2012

Facebook's new Privacy Settings: what's changed

Facebook has redesigned its site yet again; this time bringing privacy settings "up front" to try and make them easier to find.

It will still take a lot of getting used to as there are simply so many settings to contend with, so we'll be doing a series of tutorials over the next few days and weeks to help you figure it all out. Facebook has also summarised them.
Here are some highlights to expect:
Contextual tips: You will see some pop-up "information" boxes appear when you navigate these settings in Facebook for the first time.
Three privacy shortcuts:
Click the lock icon on the top right of the page to view a drop-down menu with three of Facebook's major privacy settings:

1. Who can see my stuff? Click this, and you'll be presented with three choices; in the graphic below you see my own settings. Under "Who can see my future posts?" you can select the default audience for your posts. Note that you can also tweak these on an individual basis.
The "Activity Log" shortcut will take you to the new-look area that lets you see exactly what you're tagged in (such as photos), along with all the activity you've conducted using various apps (such as all the songs you're guessing on SongPop) and who else can see this activity.
Under "What do other people see on my Timeline", click "view as". You can type in the name of a friend (or view as the public) and see exactly what information about you is accessible to them. In everyone's case, the cover photos will be public, along with the comments and Likes associated with them.

  • Who can see my future posts?
    Friends except acquaintances
    This is the same setting you find right where you post, and changing it there will update it here.
  • Where can I review all my posts and things I'm tagged in?
    Use Activity Log
What do other people see on my Timeline?
View As


2. Who can send me Facebook messages? Click this, and you'll see who can send you Facebook messages (or not).

3. How do I stop someone from bothering me? Click this, and you can type in the name or email address of someone who is harassing you and they'll be unfriended and blocked from sending you messages. Under "View All Blocked Users" you can see who you've blocked, if anyone. There are just the three main privacy shortcuts, but there are loads more. At the bottom of this menu, click "see more settings" and you'll be taken to the "Privacy Settings and Tools" page. (This is also accessible by clicking the cog icon on the top right of your page and selecting Privacy Settings from the menu.)


Privacy Settings and Tools:
On this page you will see a slightly different version of the privacy settings that were on previous Facebook versions. Most of these settings remain unchanged, apart from one major addition.

Under Timeline and Tagging on the left-hand side, there is a new setting called: "When you're tagged in a post, who do you want to add to the audience if they aren't already in it?"

This is a slightly confusing setting as it is meant to help restrict a photo of you from being spread around if you don't want it to, but people you don't know may still see it. For example if John tags you in one of his photos, and makes that photo accessible to his 700 friends, then those 700 friends will still see that photo and the tag. And if you haven't changed the tag settings on your own profile, then all of your friends will see it too, as the default sharing options for tagged photos if you is that all your friends will see it. You can change the tag settings in this section, so that all external photos that friends tag you in can only be seen by a selection of your own friends, (or even no one else except you if you like). However, that still doesn't prevent John from uploading a photo of you for his own friends to see.
The only way to solve that is to manage the photos you are tagged in and ask for the photo to be taken down. You can also untag yourself from the photo. The ability to do this is now available through the new-look Activity Log under Photos in the left-hand sidebar. Here, you can browse all the photos you are tagged in, and also view them according to who they are shared with. You can then request a removal of the photo, or simply untag yourself.

Activity log Photos of You



For now, this is just a brief overview of the changes. What do you think of them? Are they confusing or a welcome change? Does it make the site any slower or clunkier to use?

Wednesday 19 December 2012

Get rid of your Facebook search history (maybe)

Whenever you view someone's page on Facebook, there's a record of that visit. So, if you're in to viewing your ex's page over and over, Facebook knows this. (Your ex will not, no matter how many of the fake "Do you know who's viewing your profile?" apps he or she installs.)

The same goes for if you're searching for the Facebook page of that fantastic Mexican place you just visited. Your search history is recorded, just as it is if you use something like Google (when you are logged in to your Google account, then your searches can be linked to you as well).

On Google, you can choose not to have your search history accessible through your account (Google still holds search logs on its own servers, but they'll be deleted after 18 months). On Facebook, you have to manually delete your search history.

Until a few weeks ago, there actually wasn't any way to view your previous search history at all. But I knew that Facebook was keeping a log of it. Just typing in the first letter of a cafe I frequent, whose Facebook page I'd visited several times previously, brings it up -- even though I have never actually Liked the page.

But now, there's a way to view your old search logs -- and delete them in one big go if you so desire.

The way to do it:

  • Go to your Timeline and click the Activity Log button.
  • Under Posts and Apps, scroll down to Search and click it.There, you see all the searches you have made, including the time you searched.
  • To clear all the searches, click Clear Searches.
  • After the warning message comes up, click Clear Searches again to confirm.(If for some reason you want to keep the searches and only delete a few, you can individually click on the lock symbol on the right-hand side next to the particular search you want to delete.)
Now although your search history is now cleared, I expect that Facebook still has a record of the search log somewhere - typical search engines will for legal purposes as much as anything. (Typing the first letter of that cafe still brings them up first in my search results, even though I've deleted the log.)

This clean-up is also something you need to manually do on a regular basis as you can't turn off the search history logs. So, put a recurrent reminder in your calendar and maybe combine it with your general web browser history clean-up session.

Instagram says it won't sell your pics; will amend terms

Facebook-owned photo sharing app Instagram is easing fears that it will sell people's photos on to other corporations.

Yesterday the company revised its terms of use and privacy policy, leading to assumptions that people's photos could be sold on to other companies and later used in their advertising material, with no compensation to the original copyright holder.

Instagram posted an urgent blog seeking to clarify the situation, saying that the wording in the terms was unclear.

Co-founder Kevin Systrom used the word "clear" six times in the blog post. He wrote: "To be clear: it is not our intention to sell your photos. We are working on updated language in the terms to make sure this is clear."

Systrom added that Instagram was a business. "We envision a future where both users and brands alike may promote their photos and accounts to increase engagement and to build a more meaningful following." He gave the example of a business seeking to promote itself on Instagram. "It would be helpful to see which of the people you follow also follow this business." This is similar to the sponsored stories that already happen on Facebook, but you're allowed to opt out from your name showing up next to these business associations. There does not seem to be a similar opt-out clause on Instagram.

It seems surprising that Instagram (that is, Facebook) was not prepared for the backlash to come -- and perhaps it was already bracing itself for it. Cynics may say the whole thing was a publicity stunt; designed to get the company back in the news. Certainly, Facebook has not been immune to this kind of behavior. Back in 2009 (see our article, "Facebook backtracks on terms of service"), The Consumerist blog posted about Facebook's revised terms which could have been interpreted to mean that Facebook had the right to all of your content, forever, even if you closed your account. After the public outcry, Facebook then reverted to its old terms of service while it sought to reword the terms and make things a little more unambiguous. (It also started a new group asking for input from users called the Facebook Bill of Rights and Responsibilities, which no longer exists.)


Tuesday 18 December 2012

Facebook-owned Instagram can sell your photos

Your photos could be sold and displayed for commercial purposes, if sweeping changes to photo-sharing site Instagram's terms and conditions go ahead.

The hugely popular photo app, which was acquired by Facebook earlier this year, has announced some major changes to its terms of use and privacy policy which come into effect on January 16.

The specific addition in the updated terms and conditions in regards to this is pretty straightforward. It reads:

"To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you."
Let's break that statement down a little.

Say you go on a trip and take photos of your hotel room, your meal or even yourself sunbathing by the poolside. Potentially, the hotel could pay Instagram/Facebook for the use of those photos, and display them on their own website or marketing material -- with no financial compensation to you.

Where the terms of service talks about metadata, this specifically means the information stored in the photograph that identify the time, the GPS co-ordinates (ie the exact location; unless location services are turned off), the phone used and more besides (like keywords used to tag the photo).

Your likeness, is of course, your photo. So who knows, a photo of yourself in your bikini drinking a particular beverage could be plastered on a billboard by the drink manufacturer. (This may well run foul of privacy laws, but there doesn't seem to be anything in the small print that suggests this kind of thing couldn't happen somewhere down the line.)

No doubt that as this story hits the news, disgruntled users will cry foul and Instagram/Facebook may well water down the terms and conditions -- they could at the very least, make this clause something you're able to opt-out of.

In another worrying development, Instagram also says:

"You acknowledge that we may not always identify paid services, sponsored content, or commercial communications as such."

This could be in breach of advertising codes of practice, which state that such content should clearly be identified as such.

Sources: For more on this, check out the Cnet article about the topic as well as the new Instagram terms of use and privacy policy.


Facebook's mobile syncing tool raises concerns

Facebook's new "Photo Sync" tool lets you automatically sync photos you take using your mobile phone to your Facebook account. Although these photos are first uploaded to a private album, it still means potentially embarrassing (or just plain pointless) photographs could potentially be shared with just the click of a button; raising privacy concerns.

Let's not forget that even if you're the only one with access to the photos, Facebook could potentially, behind the scenes, use the information from them to build a greater profile of you. Images taken with mobile phones may contain geo-location data, that is, the co-ordinates of where they were taken. Once Facebook is aware of your movements, it could potentially localise the advertisements that you see, and perhaps even show you advertisements from the exact places you've been visiting. This could well be handy, but you'd want to be aware they were doing it - or at least opt-into it.

Facebook also has facial recognition technology in place and (again, potentially) it could identify people in the photos you put into your private album without them even knowing.

While it's supposed to be a convenient addition to the app, it could end up as the complete opposite if you're the type of person to take photos that are only relevant to you, rather than the world at large.

And, if you're on a limited bandwidth plan, you have to make sure that you set your photos so they can only be uploaded when you're connected to a fixed internet connection, rather than a mobile one.

Monday 17 December 2012

Facebook to simplify privacy controls

Facebook is streamlining its privacy controls in a bid to make it easier for people to ask friends to remove photos of themselves from the site.

The changes, to be rolled out in the coming weeks, include:


  • A request and removal tool which lets you ask someone to remove multiple tagged photos photos of yourself from Facebook. (There is no way to prevent someone from tagging you altogether in the first place, though -- only the ability to avoid that tag from being shared with your friends via your timeline.)
  • Privacy shortcuts, so controls can be accessed from every page rather than in a sub-menu.
  • Permission for apps to access or post information will happen in two stages (for most apps).



  • Contextual messages that tell you what you're doing on Facebook. For example, if you hide a post on your timeline, Facebook may alert you to the fact that the post may still appear on people's news feeds or elsewhere on Facebook (say, if you posted a link that was publicly accessible and later shared by someone else on their own timeline).
The new privacy controls have been broadly welcomed, but there is some concern over the removal of one tool. Security firm Sophos says that the removal of the "who can look up my timeline by name" setting is a step in the wrong direction, as there should be a way to avoid being found on the site altogether.
In a blog outlining the changes, Samuel Lessin wrote that the feature was only used by a small percentage of people and "didn't prevent people from finding others in many other ways across the site". He wrote: "Because of the limited nature of the setting, we removed it for people who weren't using it, and have built new, contexual tools, along with education about how to use them."
Sophos says that the removal of the tool was a missed opportunity."If the original setting was limited in scope... why not rework it so as to actually protect people's privacy and give them the right to not be found?"

Tuesday 4 December 2012

The return of Facebook Privacy Watch!

It's been more than two years since I updated the blog - and obviously, a lot has happened in terms of Facebook privacy: new terms and conditions, a surge in mobile usage, Facebook's acquisition of the photo sharing service Instagram, the new(ish) Timeline feature, different privacy settings, more integration with apps like Spotify, more granular control over who can see posts, photos, and other content.

Because there's simply been too much development in the Facebook privacy arena, I don't plan to fill in all the gaps from the last couple of years. Rather, I will start compiling current information about Facebook and privacy that is useful to people today.

And as always, I welcome comments and discussions!