Saturday, 28 February 2009

Facebook founder speaks to BBC

Facebook founder Mark Zuckerberg has spoken to the BBC in a rare video interview about the recent concerns surrounding the company's privacy issues.

He said: "The person who's putting the content on Facebook always owns the information... They want to share it with only a few people and it's important that the information only goes to those people."

He added: "We're not going to sell or share the information except with the people that they've asked it to be shared."

Zuckerberg said that the advertising on the site has grown quickly and that is how it will make its money. And would not sell people's information on in order to do so. But to a lesser degree, Facebook is providing demographic information - not personally identifiable, but still personal information nonetheless - to advertisers.

Online advertisements need to be targeted to relevant markets. Let's look at how GMail works, for instance. I know my information remains personal, but the site still scans my emails for keywords and displays relevant advertisements down the site of the page that relate to those keywords. Effectively, my information is still being used for profit. The same thing happens on Facebook but to a greater degree. I've used its ad service, and have managed to narrow down demographics in order to buy targeted ads, and narrow down the number of targeted users by interest, age, relationship status and more.

Like I said, this isn't personally identifiable. But it means that your information is still being used for advertising, whether you like it or not.

Wednesday, 25 February 2009

Facebook: privacy vs advertising

The kerfuffle over Facebook's privacy policy continues.

PC World magazine has a good summary of the whole saga, along with interviews with the Electronic Privacy Information Center, who was about to lodge a formal 25-page complaint with the Federal Trade Commission before Facebook said it would revert to its old terms. Excecutive director Marc Rotenberg said: "We've been in this situation before with other companies that have really dug in their heels and tried to fight it out in the courts and the media. I think Facebook did the right thing."

Another interesting point from Rotenberg is how Facebook is meant to make money. Of course, it's with our data.

One new concern already on the horizon comes with Facebook's updated advertising models. The site is now utilizing APIs [application program interfaces] to pull user data off of status updates, Rotenberg says, then use it within ads placed on the page.

"People ... who care about privacy on Facebook typically don’t install applications, because they know that applications are pulling down a lot of their data. But if you're not installing applications and you learn that the information that you're putting in your status updates is being provided for advertising, you might be a little upset," Rotenberg says.

Source: PC World


Couple that with the column from Reuters; where the author discusses how Facebook, a private company, needs to make money through advertising, which is possibly at odds with people's privacy expectations. MySpace is not as popular these days as Facebook, but its garish straight-up advertising (which it does not need to spell out) - and its profitability - make it a good model for social networks.

Sunday, 22 February 2009

Facebook's bill of rights and responsibilities

Facebook's new Bill of Rights and Responsibilities group (80k members and counting) which was set up to debate how it should communicate its terms of service to users is a positive step. On the group, Facebook has responded to the most common questions asked by members:

1. You own your information. Facebook does not. This includes your photos and all other content.

2. Facebook doesn't claim rights to any of your photos or other content. We need a license in order to help you share information with your friends, but we don't claim to own your information.

3. We won't use the information you share on Facebook for anything you haven't asked us to. We realize our current terms are too broad here and they make it seem like we might share information in ways you don't want, but this isn't what we're doing.

4. We will not share your information with anyone if you deactivate your account. If you've already sent a friend a message, they'll still have that message. However, when you deactivate your account, all of your photos and other content are removed.

5. We apologize for the confusion around these issues. We never intended to claim ownership over people's content even though that's what it seems like to many people. This was a mistake and we apologize for the confusion.

Your own worst enemy

The hysteria over Facebook's terms of service and what it can do with your content largely ignores the most obvious and important thing:

You and your friends are the ones with the capability to post information about you online, not Facebook. The trail of stuff that you leave behind on Facebook (like the 'random 25 things about me' meme going around at the moment), is left voluntarily. Do you trust your friends not to post embarrassing personal details on your Wall about what you got up to last night? Take a look at most of the archived entries in this blog: the vast majority of privacy issues have nothing to do with Facebook's terms of service. Privacy issues have all happened because people haven't understood how Facebook works. The dynamic of the online world is significantly different than the online world, in that a digital footprint remains and if you don't follow the rules, your content may be seen by people you don't want.

In addition to not opening your heart on to Facebook, use the privacy settings that are provided within Facebook - check out the 10 Privacy Settings Every Facebook User Should Know.

Wednesday, 18 February 2009

Facebook backtracks on Terms of Service

After a huge community backlash about the fuzzy nature of Facebook's terms of service, the social networking website has reverted to its old Terms of Service while it figures out what to do.

While Facebook is hardly going to use your data any which way it pleases, it's certainly a step forward to try and make its Terms of Service clear.

Upon logging in, the following message appears:

Terms of Use Update

Over the past few days, we have received a lot of feedback about the new terms we posted two weeks ago. Because of this response, we have decided to return to our previous Terms of Use while we resolve the issues that people have raised. For more information, visit the Facebook Blog.

If you want to share your thoughts on what should be in the new terms, check out our group Facebook Bill of Rights and Responsibilities.


Tuesday, 17 February 2009

Does Facebook 'own' your data?

Facebook quietly updated its terms of service last week, sparking outcry among consumer advocates who interpreted the changes as meaning that Facebook can do what it wants with your data at any time. Forever. Even when you leave the service.

The Consumerist weblog (it's part of the non-profit conusmer rights publication Consumer Reports) cited some pretty scary changes that Facebook made to its terms, which are the conditions you agree to when you use it. The Consumerist wrote:

'Facebook's terms of service used to say that when you closed an account on their network, any rights they claimed to the original content you uploaded would expire. Not anymore.

'Now, anything you upload to Facebook can be used by Facebook in any way they deem fit, forever, no matter what you do later. Want to close your account? Good for you, but Facebook still has the right to do whatever it wants with your old content. They can even sublicense it if they want.'

Facebook has since responded and defended itself, saying that the changes don't, apparently, give it carte blanche to do what it likes with your content, and if you deactivate your account, it will respect the privacy settings you had put in place prior.

What it does mean though is that your content won't be deleted from, say, a friend's Wall when you delete your Facebook account, in the same way that an email you send a friend won't be deleted when you delete your email account. A representative from Facebook told The Industry Standard:

'We are not claiming and have never claimed ownership of material that users upload. The new Terms were clarified to be more consistent with the behavior of the site. That is, if you send a message to another user (or post to their wall, etc...), that content might not be removed by Facebook if you delete your account (but can be deleted by your friend). Furthermore, it is important to note that this license is made subject to the user's privacy settings. So any limitations that a user puts on display of the relevant content (e.g. To specific friends) are respected by Facebook. Also, the license only allows us to use the info "in connection with the Facebook Service or the promotion thereof." Users generally expect and understand this behavior as it has been a common practice for web services since the advent of webmail. For example, if you send a message to a friend on a webmail service, that service will not delete that message from your friend's inbox if you delete your account.'
After the outcry from Facebook users, who set up protest groups such as 'FACEBOOK OWNS YOU: Protest the new changes to the TOS!', founder Mark Zuckenberg responded on the official company blog, clarifying that the terms were changed to make it clearer that information may appear in two places, such as when a person sends a message to a friend.

'We think this is the right way for Facebook to work, and it is consistent with how other services like email work,' he wrote, adding that 'in reality, we wouldn't share your information in a way you wouldn't want. The trust you place in us as a safe place to share information is the most important part of what makes Facebook work. Our goal is to build great products and to communicate clearly to help people share more information in this trusted environment.'

What Zuckenberg acknowledged was that, 'We're at an interesting point in the development of the open online world where these issues are being worked out. It's difficult terrain to navigate and we're going to make some missteps, but as the leading service for sharing information we take these issues and our responsibility to help resolve them very seriously.'

The interesting thing about all this is that Facebook hasn't amended the terms of service to make it clearer to users. Why doesn't it just give an example like the one they mentioned about about how your content might still stay on their system? Why does the fine print have to include so much legalese? Google has a privacy page that gives examples in plain English about how your data is used, and why.

Also, the way Facebook works isn't just like someone's inbox - it has public parts, semi-public parts, photos and applications. It's a completely different dynamic. All very interesting stuff!

Monday, 16 February 2009

Facebook vigilantes publish alleged arsonist's image

This is one of the more interesting days when it comes to privacy and Facebook, as it opens whole new areas - that of internet publishing, the law, the right to a fair trial, free speech and people taking the law into their own hands.

Australia has had its worst bushfires for some time - 200 people have been killed, countless homes destroyed. The country's citizens are angry, particularly because some of the fires were deliberately lit. Who on earth could be responsible for such a horrific act?

Well, Victorian Police have arrested and named one man who is alleged to have been involved in the arson, Brendan Sokaluk. Australian publications are not allowed to publish his photo, in conjunction with court suppression orders. If they do, they could be deemed in sub judice contempt. And an 'Australian' publication means anything that is published in Australia, so it therefore extends to foreign-hosted websites.

However, as soon as he was named, vigilantes trawled his MySpace and found his photograph - a photo of a bulky, nondescript man with a small keyring digital camera aimed at a mirror. They copied the image, mirrored the page, sent it around and began setting up groups on Facebook all showing his image and sporting names such as:

"Brendan Sokaluk, the Victoian [sic] Bushfires Arsonist, must burn in hell." (Arguably such a knee-jerk reaction that they couldn't even spell Victorian correctly.)
"TOURTURE [sic] AND KILL Brendan Sokaluk GIPSLAND ARSONIST!!!" (Again, another typo as the fuming vigilante sweats over the keyboard, with caps lock down.)
"make it know [sic] Brendan Sokaluk is the man who was arrested for arson."

Some of these groups are attracting 3,000 or more members, and the descriptions of what they want to do to the alleged arsonist are quite vile. What the 'vigilantes' fail to realise is that by venting their anger in this way they could actually stop Sokaluk from receiving a trial altogether, because it would arguably mean they could not find any objective jurors. In a worst-case scenario, Sokaluk may not even go to trial, if his defence lawyers apply for a trial to be stopped for this reason.

Individuals may also be in contempt of court; as the law does not necessarily apply just to publishing companies.

The other issue the existence of these groups raise is what Facebook should be doing in terms of the content it allows on its site. As it is important to encourage free speech and debate where does one draw the line when it comes to inciting violence? At the moment Facebook is keeping quiet and the groups remain online.

Friday, 6 February 2009

Wife finds out about divorce on Facebook

"Neil Brady has ended his marriage to Emma Brady," read the Facebook update, broadcast to all of Neil's friends.

Neil, filing for divorce from Emma, had changed his relationship status in his Facebook settings.

Public humiliation? Or a misjudged privacy setting? We may never know, but Emma Brady only found out what was happening to her marriage when a friend told her!

Someone in Canada had even commented on Neil's status update, saying he was 'better off out of it'.

Emma said she was 'shell-shocked' at the revelation.

Source: Daily Mail

Sunday, 1 February 2009

How your private photos Facebook can be made public

A few months back we discussed Facebook photo album privacy settings and how you can make sure your bosses don't see those Christmas party shots, for instance. And a few days ago we explained what content is viewable when you are logged out, including photos.

But there are still a couple of ways in which your photo albums - and your friends' pics - can be seen by people outside your immediate circle (including ones who refuse to join Facebook) regardless of privacy settings. You would think that if you set your album to be viewed only by 'friends' that no one else could see them.

This isn't necessarily true.

Unique album URL method:
When logged in and viewing your photos, there's a special album URL (web address) displayed at the bottom of the screen. It takes the form (where the Xs represent random numbers/letters):

http://www.facebook.com/album.php?aid=xxxxx&l=xxxxxx&id=YOURFACEBOOKIDNUMBER

This is a unique URL and if people don't know it they won't be able to access your album (there was a loophole last year, now fixed, that allowed people to easily circumvent this by guessing the string of characters the Xs represented). However, anyone who has the URL will be able to view the album even if they aren't on Facebook -- yes, even if you only wanted friends to view the album. So, if you email an album's address to 20 mates and they send it to all their friends, a lot more people than you intended could be viewing the album.

So, before we send that unique URL to our friends, we will consider who else might be told about it and the implications not only for ourselves, but for our friends.

Image URL method:
Go to anyone's album and click on an image thumbnail. Right-click the image and choose to copy the image's URL. You can paste the address (ctrl+V) into the address bar and view it even when logged out. You can also embed the image so it appears on other websites.

Oh, and here's a little 'Easter egg' - delete everything up to any forward slash in the image's URL, and you get this guy wearing a "Little Celtics Fan" bib. Now what's all that about?

Deleting my own content from Facebook

What irritates me about Facebook is there's:

1) no easy way to delete my own content apart from clicking Edit > Delete on every post. When you have literally hundreds and possibly thousands of posts, this is more than a chore. You might be tempted to recruit professional Facebook Deleters to do the job for you.

2) no way to track the reams of content I've posted beyond my own profile. If I make a comment on Dave's profile or on the Muppets message board that I later think is inaccurate, how can I find a list of messages I've written and delete them? And what if someone is an impressionistic 16-year-old who forms some dangerous opinions which, in hindsight, they realise are ignorant and detrimental to future employment prospects? How can they find out where they posted the content so it won't be tied to their profile?

Facebook makes it so hard to do, and there is barely any information on deleting posts. So what can we do? Any suggestions on easy ways to manage where our own content is going and where?