So last week I ranted about the silliness of Facebook Groups allowing people to be added without their notice. Well … it appears yet another Facebook “privacy issue” has surfaced (although us tech guys have known about it for a while).
The Wall Street Journal on Monday the 18th ran an article Facebook in Privacy Breach talking about how the Top 10 Facebook applications share Facebook’s User ID’s to marketing firms. Not only was the User ID of the people using the applications distributed, but so were the User ID’s of their friends as well. This may not seem important until you realize you can get most of a person’s profile through the User ID.
Ok … before we start pulling out hair and scream “This is an invasion of our privacy” let’s break down some of the fundamentals:
- Facebook is a Sharing Network: Every piece of code written for Facebook is built upon this simple premise. Even the games people play is about a sharing experience rather than a solo experience. Anytime you “share” information that information can be consumed by the listening audience. You’ve probably been in a restaurant where you overhear a funny conversation. That is sharing being consumed by unintended ears. Please remember when you “share” information there are people who can overhear what you say. There is nothing “secure” about sharing information over a sharing network Hence the catch-22 of sharing: Once it’s out there … there is no bringing it back!
- Sharing NEEDS A Community: In order to “share” there needs to be another party. Sharing cannot exist in a solo environment. So … Facebook creates a community by this generic “friend” idea. However, we all have different degrees of friends. Unless you take the time to modify your individual friend’s settings (which you can do) so they can not see anything from you (which poses the question are they friends?) every friend has the same amount of information visible. It also means each friend’s information can be viewed exactly the same way. Because of the sharing concept the term “friend” is more of a data retrieval point instead of a true “relationship”.
- Sharing Applications Attempt to Unite the Communities: So each “application” (Facebook applications included) attempts to unite communities through the “shared” experience. This is a double edged sword. Knowing how your friends use the applications creates a unified experience between the parties. However, this does mean the application needs to know how your friends and you use the application. Conclusion: there is exposure open to the application of not just you, but your friends as well.
Generally we don’t think of these items as being a problem. It does come as a shock, for some, when we hear “Facebook is Sharing Your Information!” Truthfully it should be rewritten as “Facebook is Sharing Your Information You’ve Already Shared to People!” Or better yet, “Facebook is Sharing Your Information You Have Stored in a Virtual Account You Shared with Other Virtual Accounts that You Associate to People, Groups or Things that Don’t Really Exist Except as 1’s and 0’s Stored in a Database!” However that last one is a little too long and doesn’t roll as easily off the lounge.
Remember you’ve stored your information in a “Social Network” built around the principles of sharing. Even if Facebook is at fault, or you’re at fault for placing that ill advised photo of you at your last company Christmas party, You (or your “friends”) shared it with people and it’s that “online sharing” were the problem lies. If I read that you love music by Rush and Kool Aid! you can’t really fault me for giving you concert tickets and a year supply of “Oh Yeah!” because I read it on your profile. Some consider that “cyber-stalking”, while others consider it “great customer service”. It comes down to intent more than actions.
The Marketing Companies are constantly trying to understand the consumer mindset. It is that understanding of consumer thought that drives them to gather information by any means necessary. With the explosion of “Social Networks” (which I think is a horrible phrase, but I’ll write about that later), businesses are trying to harness the power of these large platforms. Heck … that is what “Facebook Ads” are all about. Taking your shared information and targeting advertising around what you say you like. It works great! Is it really any different then your grocery store giving you coupons based upon your purchases because you bought into “key-fob discount program?”
I guess when it comes down to it the Wall Street Journal article isn’t a shock. Of course these applications were sharing your IDs. Facebook doesn’t allow it, but these are 3rd party apps developed by other developers with their own set of standards. And even though Facebook is developing a strategy to combat these guys … there will always be someone who will work around the problem.
My solution: Don’t “share” things with your “friends” you don’t want the general public to know about. You can’t protect your friends, but you can protect yourself with that simple common sense rule. And I guess I’ve always known that there are other places on-line I can get information about you without Facebook. And really … isn’t that more frightening that I knew all about your obsession with karaoke before we became Facebook friends scarier? I would think so …