allfacebook - the unofficial facebook blog

Jay Meattle has a great post which includes the following image of traffic to the privacy settings within Facebook:

Jay suggests that the above chart illustrates that users need to be further educated about privacy on Facebook. For what many in the blogosphere and mainstream media have coined the “Beacon Fiasco” it appears that it may not have actually been as much of a fiasco for Facebook. Approximately half a percent of users visit their privacy settings each week. Following the announcement that Facebook profiles would be accessible to search engines privacy settings traffic doubled. This is in contrast to traffic following the Beacon Fiasco which was ultimately flat.

Do Facebook users care about privacy? According to Jay they definitely do and the spike in traffic following Facebook’s decision to grant search engine access to user profiles should illustrate users’ concern for their privacy. The lack of traffic growth during the Beacon Fiasco implies that users were not thoroughly educated on the issue. Honestly, who’s job is it to educate the user? Should users self-educate or should this be a role that Facebook plays?

My opinion is that the user should educate them self just as they do prior to signing a contract. What do you think?

Security on Facebook seems to be a constant concern for everyone. No where is this more important than in the business world. The idea is simple, if you create a private group for our employees you don’t want random people finding your network and joining it.

I ran across a business blog called SMUG that is putting some security aspects of Facebook to the test. SMUG has set up a private network and trying to see if anyone one can join it. You can visit the blog for all the details but the basic rundown is this pretty simple.

Basically SMUG will pay anyone 100 dollars if they can find information about its new network in the Facebook news feed. They are also providing 200 dollars for anyone that can join the network and upload an image. SMUG is giving you the name and location of the network and is actually hoping that you can break into their group.

It will be interesting to see if Facebook’s private security measures fail when money is on the line. I say give it a shot, read the SMUG blog and see if you can win a couple hundred dollars. Let me know how it works out. Happy hunting.

One thing about Facebook is they sure listen. When Facebook’s user base cries, like a bird coming to its chics, Facebook opens up and supplies an answer. The most recent uproar coming from the Facebook crowd was something we have been following for a few days. The reported problem of deleting user data from Facebook.

Facebook gave no concrete information on how or when these changes would take place, but in the perfect PR sense, Facebook is playing damage control. Facebook is trying to stop the flood of complaints before it becomes a true ocean of complaints. According to Mark Hawthorn, of The Age, nearly 10,000 people have joined the group called “How to permanently delete your Facebook account.”

Facebook is taking a page from the ‘Scrabulous’ page and trying to stop another Facebook movement before it gets out of hand. As we have seen in the past Facebook users tend to join groups and movements that directly effect them. Facebook should be commended for trying to fix a problem before it gets totally out of hand.

I am not letting Facebook off the hook, there should have been clear instructions on how best to delete your profile, but they did (in a round about way) tell users how to delete their account. At the same time privacy protection has to be on the forefront of every Facebook users mind.

Both users and Facebook should learn from this experience. Facebook shouldn’t assume that users are going to jump through hoops to try and delete profiles. Users shouldn’t assume that Facebook is going to spoon feed them solutions to every problem. As social networks grow and change there are going to be growing pains. We shouldn’t light the torches and grab the pitch forks every time we think a new monster is coming.

How do you think Facebook is handling the situation? Is Facebook taking the proper steps to protect user data? Are users expecting to much from Facebook? Let me know.

I’ve been having a back-and-forth with an acquaintance of mine over Facebook for a while now. Whenever I see him post pictures of his young grandchildren I send him a message warning him that his Facebook friends can see them, and that perhaps his privacy settings should be stronger.

Every time he asks me “can you see them now?” and every time I say “yep” a few times until he finally fixes it.

I also have a friend who bragged to me that she has very few contacts, and that nobody can see any of her pictures unless she adds them as friends. Well, she was right. At least, she was right about all of the pictures that hadn’t at one point been used as her profile picture (which happened to be virtually none of them). All a person would have to do to access them is message her and any response would open up her not-so-limited profile.

She certainly didn’t know that this was the case. Does she realize that applications encourage me to add her pictures to a public database, like the celebrity face matcher that I mentioned earlier today?

I’m not making any complaints about Facebook’s privacy settings. In fact, aside from the Beacon fiasco and the fact that applications can access my pictures through my friends’ profiles, I’m generally very impressed.

I’m merely suggesting that the average users may be overconfident in their sense of privacy. Is it Facebook’s responsibility to make sure we take the time to learn how to use the site’s were using properly? Also, is there really any legitimate expectation of privacy?

… and if not, and we’ve entered the public sphere by joining Facebook, will this have legal implications? People who enter the public sphere give up a ton of privacy rights.

Let me know what you think.

- Jonathan Kleiman

In a recent article published by News:lite, the GCHQ, England’s version of the NSA, has stated that they can not track communications through services like Facebook and Skype. While privacy advocates are probably praising this admission, security experts are really beginning to worry.

For years intelligence agencies have relied on traditional forms of communication breaking to hack into suspected wrong doers lives. As more and more bad guys are turning to the internet to communicate spy agencies are having a tough time keeping up.

Britons head code breaker, Sir David Pepper, went on record as saying: “The Internet uses a very different approach to communications in that, rather than having any sense of fixed lines like that, there is big network with a number of nodes.” I have no fear that intelligence agencies will find a way to track those who don’t want to be track, but I find it ironic that Facebook is being mentioned as being too secure.

It seems Facebook can’t quite catch a break when it comes to the issue of security. If they are not getting hounded for giving away users data they are getting called out by spies for keeping too much data secret. What I really think is going on here is basically the name game, on all sides of the argument.

Facebook is providing a service, a service that people are unsure of at times. Instead of finding solutions to security problems people are finding scape goats. I know we have asked this before, but how do you feel about Facebook’s security level? Do you think evil doers could use it to communicate with fellow evil doers? Let me know.

I recently posted a story out of Canada discussing the legal issues of posting the names of youths who have been accused with a crime in Canada. As I am an American my education in the realm of Communication Law has only extends to the laws of the United States where I helm my professional career. That being said I am forever interested in legal cases that pertain to Comm. Law anywhere in the world.

Jodie Sinnema, out of the CanWest News Service, just posted an article in the Canadian daily Times Colonist about three teens being charged with a crime after malicious Facebook profiles were created about them detailing acts of cruelty against cats. According to the article police were able to investigate and then charge these teens with animal cruelty based on information obtained from the Facebook profile.

Sadly the website that posted the names of the teens also posted hate words and promised acts of violence against the accused teens. This brings a legal dilemma for the police: if the Facebook profiles are used as evidence in court, the accused can counter sue the original posters. Also, since the original Facebook postings promised violence and bodily harm, the original poster can be charged with a crime as well.

While this is not the first case of Facebook being used to help fight crime, it does bring to light the duality of committing a crime to help fight crime. As law enforcement officials begin to use new media more and more to help fight crime, laws will be constantly challenged and reevaluated.

Should Facebook begin monitoring profiles for illegal activity on any level? Should the authorities actively pursue ALL illegal actives found on Facebook? Is committing a crime to stop a crime morally permissible?

Let me know how you feel about any of these questions, I would love to hear your opinion on this subject.

I would have thought that the Facebook drama would have ceased by now but it has instead continued to drag on. Will this drama kill Facebook Beacon? I’m not quite sure but what I do know is that bloggers have suddenly become obsessed with the topic. Erick Schonfeld has called Facebook’s policy of sending data from Beacon partners to their site whether you are signed in or not unacceptable. I couldn’t agree more. I have a funny feeling that Beacon is going to get shelved until they can redesign the service.

Passing personal data between sites is an extremely risky procedure. Additionally, any site that embeds Facebook Beacon is forced to provide personal data anytime a Beacon enabled page is loaded. There is no way around this currently unless Facebook were to develop a Beacon development library to the participating site. Perhaps that is what will have to happen in the end: a Facebook Beacon API. If a user isn’t logged into Facebook, the participating company doesn’t send data to Facebook and vice versa.

I honestly can’t think up any other solution. This whole Beacon experience has brought to light the larger issue of individual privacy rights on the web. I have to wonder if the same critics of Facebook Beacon have held other services such as Google Adsense and Google Analytics to the same type of scrutiny. I know that I haven’t and I don’t have the technical capacity to do so either. This is not to suggest that Beacon has not crossed into new territory but I don’t recall other services being held under the microscope.

The practice of thoroughly analyzing each of these products is a great one and I only hope that the same level of scrutiny is held for all other services. Additionally, I am beginning to wonder if Beacon is the primary service that Mark Zuckerberg believes will justify Facebook’s ridiculous valuation. If so, they may want to reconsider their business model. There are a number of other services that Facebook could begin to offer that would truly begin to provide value for the users rather than simply serving their commercial interests.

Do you think Beacon was supposed to be Facebook’s future source for revenue or simply an experiment with horrible results?

Nick has written a lot about Beacon and seems keen on a global opt-out. That would help the user experience, but to the privacy campaigners the ability to turn it off is not crucial - having it turned on in the first place, without being properly notified, is what really riles them. And quite right too.

Some commentators have unhelpfully suggested that if you don’t want to use Beacon, just don’t use Facebook. That works… but in the arrogant aftermath of “there’s no opting out of advertising”, users weren’t given any warning to make a run for it.

If Facebook insists that the cost of using the service is full participation in Beacon, then that’s fine. But give us more than 40 seconds of screen-corner popup to make up our minds. Anyway - whoever heard of a form that disappears? You were always supposed to visit the bathroom while Overstock streams your credit card across the internet, but you can’t risk that anymore.

Are they afraid that users might not be interested in using it? Maybe so, and they should feel free to insist that their users participate. Just don’t blink after 40 seconds. Designing the system to trip users into it is unfriendly.

Now we know what Facebook want to charge users for their site, how should they go about collecting their dues? Ever pragmatic, might I suggest a possible user interface component, that Facebook could display when you visit the site following a Beaconed purchase:

I’d be clicking “Yes”, by the way. But thank you for asking.

On Monday I argued that Facebook would soon change Beacon to provide a global opt-out feature. According to Business Week, “Executives of the three-year-old company were in deep talks over proposed changes late into the afternoon on Nov. 28, according to a person familiar with the matter. At issue is the Beacon program, which alerts members’ Facebook ‘friends’ to purchases and other activities on third-party Web sites.”

Following the rumored discussions last night, Paul Janzer of Facebook, posted on the MoveOn.org Facebook group that is petitioning against Facebook Beacon privacy violations:

Thanks for your feedback about Facebook Beacon, it has definitely helped us make some changes to the product that we hope will provide you with a better experience on Facebook. Beacon was designed to help you share all the interesting things that you are doing outside of Facebook with your friends. Just like you have full control over your information on Facebook, you decide whether or not you want Beacon stories to be published and from which site.

Your feedback has made it clear that Beacon can be kind of confusing. To fix this, we are clarifying the way we inform you about a Beacon story before you decide whether or not you’d like to publish it on Facebook. We’re also working on making the sites that offer Beacon more visible to you, both on Facebook and through visual cues, so you can determine which specific sites you can publish stories from. Also, we’re providing more information on how Beacon works through a new tutorial and expanded help pages.

We’re sorry if we spoiled some of your holiday gift-giving plans. We are really trying to provide you with new meaningful ways, like Beacon, to help you connect and share information with your friends. Thanks for taking the time to express your opinions about our products. Please keep the feedback coming as we continuously work to improve your Facebook experience.

The response by Janzer fails to mention anything regarding a global opt-out feature that many have been calling for. While Facebook may argue that users have agreed to the Beacon service by becoming members of Facebook, opting-in users by default is not only controversial but it’s wrong. It sounds as though Facebook will be changing the design of the Beacon alerts so that they are more obvious. I think this is a great first step but Facebook needs to suck it up and add the global opt-out feature. What do you think about Janzer’s comments?

Caroline McCarthy has posted about a second offensive being launched by MoveOn.org. Apparently their statements last week were not enough. After Caroline wrote about MoveOn.org’s post, Facebook posted a response stating:

Facebook is listening to feedback from its users and committed to evolving Beacon so users have even more control over the actions shared from participating sites with their friends on Facebook. Facebook already has made changes to ensure that no information is shared unless a user receives notifications both on a participating website and on Facebook.

What this sounds like is that Facebook will soon respond by making changes to Beacon. MoveOn.org immediately responded stating that Facebook has not actually changed anything to Beacon. While they haven’t, I’d be willing to bet that Facebook is going to add the global opt-out option that was present on early screenshots of Facebook Beacon.

While most users haven’t been overly vocal about the Facebook Beacon service, bloggers definitely have. I can guarantee that the bloggers are not going to shut up until Facebook either makes Beacon an opt-in service or adds a global opt-out option. Do you think Facebook should change their Beacon system?

• Is a drunken poke as bad as a drunken grope?
• Digg Overtakes Facebook with 1400% Growth, 22.6 Million Uniques
• Facebook Generation: Will Social Networks Change the Nature of Philanthropy?
• Facebook Developers Meetup part 2 - Cruxy demo
• Facebook PHP Api Performance by Elliott Back
• Facebook's app feeding frenzy
• Analyzing the Facebook Platform, three weeks in
• Facebook term paper - an Ethnography of Communication
• AllFacebook.com - The Unofficial Facebook Blog
• Joe Green on Project Agape and Online Democracy
• FaceBook as an Institutional Repository?
• Did Facebook Play Favorites with Obama?
• Facebook's 105 Most Popular Applications Ranked
• Growing Up in Public
• Building Your Brand In Facebook
• Facebook Watch 2.0
• Facebook.com Song
• Break.com Facebook Application
• How To Leverage The New Facebook Platform
• Facebook Movie
• Does what happens in the Facebook stay in the Facebook?
• TravelPod
• The New Portals: It?s the Bread, Not the Peanut Butter
• Facebook Spreadflock App at spatialviews
• Facebook shows vast increase from UK users - Internet - BizReport
• RED HERRING | Betting on Facebook
• Facebook Podcast Player
• Anything to Keep That Traffic Coming In, Eh Zuckerberg?
• Facebook grows while MySpace slows
• Mosoto
• Tech Crunch
• The Webpreneur
• Mashable
• Del.icio.us
• Facebook
• Google