What’s All the Fuss About Facebook’s Open Graph and Privacy Policies?

Remember when Facebook was a closed network, open only to college students? Then Facebook went mainstream and everyone could create a profile. But even back then, Facebook remained a closed network: you had to have a Facebook profile to see other profiles and connect with friends.  Facebook was closed to Google and other search engines, which meant Facebook profiles and pages never showed up on search results.

Back in 2005, Facebook’s privacy policy clearly stated the following:

No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.

The Evolution of Facebook’s Privacy Policies

But then, slowly and over time, Facebook’s privacy policies changed.

• In 2007, Facebook made your name, school name and profile photo available to the search engines unless you specifically prohibited this in your privacy settings
• In 2009, Facebook revamped its privacy settings and gave users more control over who gets to see which aspects of their profile.  Trouble was, the default gave “everyone” access to information.
• In April 2010, Facebook made the decision to make specific elements of all profiles public (name, hometown, school, interests and fan pages), and eliminate the ability to limit access to these fields.  If you didn’t want those elements to be public, Facebook recommended that you delete the information from your profile.
• In April 2010, Facebook also launched the Open Graph, which shares user profiles with third party sites so that visits to those third party sites can be personalized based on a person’s Facebook interests.  On the flip side, Facebook opened up its API (application programming interface) so that third party sites can add a Facebook “Like” button to their pages; when clicked, the information would be saved back to a user’s profile.

The Electronic Frontier Foundation has a great timeline of Facebook’s privacy policies, including links to archived versions of Facebook’s policies.

These changes to Facebook’s related to privacy and sharing data have prompted public outcry and scrutiny.  Gizmodo published of Top 10 Reasons to Quit Facebook.  On May 5, the Electronic Privacy Information Center and 14 privacy and consumer protection organizations “filed a complaint with the Federal Trade Commission, charging that Facebook has engaged in unfair and deceptive trade practices in violation of consumer protection law.”  Wired says Facebook’s Gone Rogue and calls for an open alternative to Facebook’s convoluted privacy policies and settings.

Take Back Control of Your Facebook Data and Privacy Settings

Okay, now that you’re totally freaked out, what should you do?  Here are my top recommendations:

1. Go to your Facebook page and edit your Privacy Settings.  Go to Account -> Privacy Settings.  Click on every link and update your defaults.  For example, under Personal Information and Posts, I set my default to Friends Only.  If I ever want a status update or a photo album to be available to Everyone, I can change the access level when I submit a specific update.
2. Delete sensitive information about yourself. For example, I don’t see any reason for my birthday to be on Facebook.  My family and friends know when my birthday is, I don’t really care if my family and friends don’t remember my birthday and who the heck needs to know how old I am?
3. Under Account -> Privacy Settings, I limited Activity on Applications and Games Dashboards to Friends Only and under Instant Personalization Pilot Program, I opted out of Facebook sharing my data with third party applications.
4. Go to ReclaimPrivacy.org and use their Facebook privacy scanner tool to audit your privacy settings.  I did it and it identified a couple of areas that needed shoring up.  Turns out that friends could share information about my Online Presence so I turned that off.  I did decide to keep some settings turned on, including the ability for friends to share my links and Web site.  I am in the Web business, after all, and I want people to be able to find me.
5. Remember that if you post a comment on a company Fan page, remember that your comment will be public since company pages are designed to be public.  If you don’t want your comment to be public, don’t post a comment; there is NO WAY to make it private.
6. If you don’t people to know about your interests, don’t click on Like buttons all over the Web. Clicking the Like button is like commenting on an article or blog post.  That action is meant to be public.  If you don’t want it to be public, just say No and don’t click.

Am I quitting Facebook?  Nope.  But I am keeping a close eye on the company’s ever-changing privacy policies, I’m auditing my settings regularly, and I remember the golden rule: if you don’t want specific information to be public, don’t share it anywhere.  Period.  End of story.

How about you?  What do you think of Facebook’s privacy policies?  Are the new policies making you think twice about joining or staying on Facebook?  Have you audited your privacy settings recently?

P.S.  Today, May 19, news organizations reported that Facebook is considering an about face on some of its recent privacy policy changes.  I guess we’ll have to stay tuned.