Facebook And The New Privacy Mess

The latest mess started last month, when the social network unveiled a program to let developers and third-party sites connect with user profiles. One part of the plan, called "instant personalization," will let three sites—Pandora, Yelp, and Microsoft Docs—look at your profile information so that you can have a "personalized" experience the first time you visit those pages (for example, Pandora will play music you like based on your Facebook profile). Every Facebook user automatically has instant personalization turned on—if you don't actively turn it off, your profile will get shared. (Facebook describes the project as an experiment; a spokeswoman told me that the company will inform users as new sites are added to the instant personalization program.

Facebook also pushed users to publicly declare their affiliations: employer, hometown, interests, and other biographical information. These changes followed December's "improvement" to Facebook's privacy settings page that encouraged people to make many parts of their pages public—the site's new settings page preselected loose controls over many categories of information. If you didn't want your posts made public by default, you had to check to keep your "old settings"; if you missed that part, you could have inadvertently made all your posts available to everyone online. Sure, Facebook offers lots and lots of ways for people to control these settings, but you'd need months of study to be able to understand all of the fine-grained tweaks.

Zuckerberg launched Facebook in 2004 as a social network for students at Harvard. The site's ambitions have steadily increased: In short order, it expanded to Stanford, Columbia, and Yale; then to the full Ivy League; then to colleges everywhere; then to everyone online; and finally, over the last few years, it's grown beyond Facebook.com, with Like and Connect buttons flooding sites across the Web. Over the same time, Facebook has added tools to let people share more stuff on the site, and it has loosened its policies governing the privacy of that information, making more of your information available to more people by default.

Each of these expansions was met with fierce grumbling, occasionally prompting a mea culpa letter from Zuckerberg. But never, in that time, did Zuckerberg backtrack from his general aim of pushing users to share more stuff more often, and Facebook never paid a price for it. Indeed, the numbers tell the opposite story—Facebook's gradual erosion of privacy correlates precisely with growing activity on the site. Facebook now has more than 400 million members, and it is the most-visited Web site in the country. The looser the rules, the more we use it. Facebook's executives naturally take this as confirmation that their changes were a good idea. And then, once we've become comfortable with the social network's latest settings, they decide to change their policies once again—and the same drama unfolds once more.

Some tech observers insist that Facebook has really done it this time. "You can only screw people for so long before it catches up to you," Web entrepreneur Jason Calacanis warned Zuckerberg in a recent blog post. "Facebook's Gone Rogue; It's Time for an Open Alternative,"Wired declared over the weekend. Both posts call for techies to come together to devise a new social network that will give people more control over their own information. Many have high hopes for a project called Diaspora*, which describes itself as "the privacy aware, personally controlled, do-it-all distributed open source social network." Diaspora* aims to tack against the centralized control of Facebook by letting people set up their own "nodes" to store their private information.