10 Facebook Privacy Blunders

What Are We Going To Do With You, Facebook?

Facebook's ongoing privacy saga plays out like an episode of the classic cartoon, Tom and Jerry. Facebook drops the ball on users with a new privacy setting or policy that hits them like an anvil, only to be temporarily bulldozed by a backlash of angry legislators and irate users. Facebook furiously backpeddles, waits patiently while licking its wounds, and then once again emerges with another privacy surprise. And so it goes. From putting profile information up for grabs on Google to exposing friends' lists and publicizing live chats, here is a look at Facebook's privacy blunders.

Instant Personalization = Loss Of Privacy

Facebook once again pushed the limits with privacy, this time, when it thought no one was looking. The social networking giant added a new "instant personalization" feature, which replaces the previous "like." Nowadays, Facebook users can't just "like" something for the sake of "liking" it. It comes with a pricetag -- literally. Instant personalization -- in case you're wondering what that means -- entailed making previously private profile information, such as high schools, interests and hobbies, available to public searches and third party applications such as Yelp and Microsoft Docs. It also created default links connecting uses' personal information to related sites -- as if a user needed to be linked to a "salsa dancing" site if that was already one of their hobbies. The change occurred just days after Facebook pledged to the European Union during a meeting titled "Safe Networking Principles for the EU," regarding its stance on user privacy. However, users do have the option of de-linking their information -- once they realized it was already exposed without their consent.

No Entry

Facebook had to bite the bullet against the angry backlash. In an attempt to quiet the outpouring of privacy concerns following its "Instant Personalization" debacle, Facebook implemented a few privacy changes. (May we emphasize "few.") Facebook's new privacy settings included a feature that allowed users to approve devices used to log into the site, along with an alert notifying them whenever an account is accessed from an unapproved device.

In addition, Facebook built a new tool to block suspicious logins. Users trying to access an account from an unapproved device will be prompted with a series of verification questions to provide their online identity. (We're wondering if the answers might be able to be obtained from info exposed on their profile?)

While well intended, the updated privacy settings will likely do little to quell the firestorm of anger from irate privacy rights advocates and Facebook users.

'Everyone' Loves Facebook

You know how sometimes social networking sites might have an idea that is great in theory and then it turns out to be, well, not so great? Last summer 350 million Facebook users who logged into the site were treated to a prompt requesting that they review and update their privacy settings. Users had a choice of sharing their profile and status updates with "friends," "friends of friends" or "everyone."

Great! Right?

Well, no. Upon logging in, Facebook users were treated to a transition tool, which directed them to update old privacy settings, while offering suggested new settings. Ignoring the prompts automatically defaulted privacy settings to "everyone" mode -- meaning that everyone on the Internet could have access to information shared on the site.

Ostensibly, the idea behind the privacy changes was to give users direct control over what information they share and with whom. However, what wasn't made clear is what exactly the 'everyone' setting means. In actuality, "everyone" could mean the entirety of the Internet. The "everyone' setting makes users' Facebook information and status updates fair game for Google and other search engine pages, as well as some third-party Facebook-enhanced apps, which are not subjected to the site's privacy policy. Had that been made clearer, it's doubtful that more than 80 percent of users would have retained the default "everyone" setting.

No Peeking

Backpeddling time. Okay, well, sort of.

Facebook responded to the barrage of criticism about the "everyone" setting by eliminating the link to the Friends List on users' profiles, while also including an option for members who wish to block everyone from viewing their contact lists. Essentially, the Friends List block option prevents anyone, regardless of whether they're logged into Facebook or logged out, from viewing the user's list of friends.

Nice. Except that the information is still publicly available to Google and Bing searches, and can also be accessed by third-party applications -- just not within Facebook.

Meanwhile, the Electronic Privacy Information Center makes no bones about the fact that Facebook is speaking out of both sides of its mouth when it comes to users' privacy. The site was hounding members to update their privacy settings in November and December, but accompanied its prompts with "recommendations" that its members choose to disclose more information publicly, either with "everyone" or with "friends of friends."

Bada Bing

No one can deny that one of the biggest drivers for Facebook's privacy redesign was to make it more competitive with its biggest rival, micro-blogging site Twitter, which touts simplicity and ease of user as major assets.

So, when Microsoft recently announced a deal that would funnel some Twitter tweets onto the pages of its new search engine, Bing, it was not surprising that the software giant said that it was also currently negotiating a deal with Facebook that would allow status updates content to be incorporated on its search pages.

Microsoft failed to disclose exactly how Facebook posts and updates were to be incorporated into Bing, leaving users to worry about whether their status updates would end up on the pages of a major search engine. While not all Facebook updates are included, The New York Times reported that Bing would likely only publish updates users chose to make available to the public -- which could be a simple as enabling the default "everyone" privacy setting.

Publicly Chatty

It's not like Facebook hasn't had enough problems when it comes to privacy. As if its barrage of privacy issues and agency complaints weren't enough, the privacy concerns came to a head when Facebook accidentally exposed some users to others' private chats for a few embarrassing hours. Oops. But then again, it is social networking after all.

It's A Two Way Street

Facebook scored a lot of brownie points from users by making it abundantly clear that Google's social networking aggregator Friend Connect is not a welcome friend -- or entitled to any information -- arguing that the new service violates its own Terms of Service that prohibit the redistribution of Facebook’s user information to other developers without their knowledge or consent. (To clarify, that's prohibiting redistribution of user information without Facebook's knowledge or consent, not their users'.)

While Google itself doesn’t have its own domestic social networking site, Friend Connect aimed to serve as a two-way agent, intervening on behalf of other sites that might want access to the data contained in users’ profiles by allowing them to pull personal information out of Facebook and use it on other applications.

Facebook's maneuver seemed more than a little hypocritical, considering it came a week after the announcement of its own Facebook Connect, a service enabling the site’s users to integrate their identity, credentials and friends’ list seamlessly when using other Websites. Similar to Google’s service, Facebook Connect users have the same kind of control over applications as they have on the company’s site, and have the same ability to edit or update their profile and see the changes on other sites. It looks like there's only room for one ball player in the park.

Reconnecting With The Dearly Departed

In the spirit of innovation, the social networking giant released a Reconnect tool, which offers a service designed to "reconnect" members with old friends and contacts if they haven't communicated in a while. The Reconnect feature is an extension of the site's Suggestion service, which appears on the right hand side of the page, reminding users to get in touch with contacts possibly needing help on Facebook.

However, the new tool took reconnecting to a whole new level when it offered users a way to stay in touch with exes, current spouses and deceased Facebook contacts with existing profile pages.

Meanwhile, Facebook maintains in a company blog post where members could choose to memorialize a deceased loved one whose profiles remained intact by posting remembrances on their wall. Memorializing profiles begs one obvious question -- what if the person isn't really dead?

This Just In

Facebook created a stir among its user base by launching changes to its home page. The site launched an updated "News Feed" format resembling a Twitter-like interface that parallels the original Live Feed homepage interface, on which Facebook users could view a chronological list of their friends' status updates and postings. But instead, Facebook updated its format with a "top stories" feel by showcasing what it deemed as the most important, entertaining and interesting posts of the day.

One small misstep in many users' eyes -- Facebook essentially picked what it thought were users' top stories based on a variety of factors, including how many friends have liked and commented on the displayed posts, and how likely it thinks users will be to comment and interact with the Facebook contact. This of course is based on a metric that is not entirely understood by its user base.

Ultimately, what is designated an improvement, however, often results in friends' Facebook posts being accessible one minute and hidden the next, without a discernible reason why.

Help Us Help You

Ironically, before Facebook took some of its first steps on this privacy adventure, the social networking giant proposed to its users, "Hey, you get to help determine our guiding policies."

Yes, Facebook said a little over a year ago that its members would have the option to vote on future policies governing the service, including ones that governed privacy. Remember that?

Facebook founder CEO Mark Zuckerberg (pictured) said in February 2009 that users will have the opportunity to provide extensive feedback on the social networking site's governing policies, Facebook's Guiding Principles, which defines user rights and provides a framework for policy initiation, as well as its Statement of Rights and Responsibilities, which replaced the existing Terms of Use policy. Users were asked to review, comment and ultimately vote on revisions of the documents.

"Our main goal at Facebook is to help make the world more open and transparent. We believe that if we want to lead the world in this direction, then we must set an example by running our service this way," Zuckerberg said in company blog post. "I believe these steps are unprecedented in promoting understanding and enabling participation on the Web."

But despite the feedback and the updates, Facebook's privacy policy opens a hole that exposes users' personal information on public searches. And so, Facebook continues to be the man behind the curtain telling its users that they have more control over their privacy while not so subtly taking their privacy away.