Facebook’s new privacy settings

Last week, Facebook just upgraded its privacy settings. I am sure by now many of you have gone through the new privacy setting wizard. But do you know all the ins and outs of the new settings and how to navigate them?

In general, the new Facebook privacy setting menu is easy to use and straightforward. Some of the new options Facebook provides are positive changes. For instance, you can now hide a wall post to specific individuals (or make them visible to specific individuals). This level of fine-grained control was not available before, which is a welcome change.

However, in the course of migrating to the new privacy settings, Facebook has made several categories of information visible by default to “Everyone”. If you didn’t actively manage your privacy settings through this new migration, some of your information, such as Family and Relationship, Education and work, and your posts will be left visible to everyone, regardless of what your previous privacy settings were.

Another puzzling thing is that Facebook apparently does not think the ability to control who can see your “Friends list” belongs in privacy settings. Moreover, they’ve made everybody’s Friends list visible to the world by default. To turn that off, you have to go to your profile page and click the little crayon icon next to your friends list to unselect the “Show Friend List to everyone” option. If you have previously hidden your Friend list from public view, they are now free for all to see unless you did the little trick with the crayon icon! Even worse, your Friend list will now show up in search engine results.

Speaking of indexing by search engines, Facebook’s privacy settings do provide an option via which you can prevent search engines from indexing your public Facebook information, which is information that you’ve elected to be viewable by everyone (or is it?). Despite the fact that I had strenuously set and checked all my privacy settings, including uncheck the “Show Friend List to everyone” option, Facebook is still showing a sample of my friends to search engines! And we know that once a search engine has indexed and cached your information, it’s virtually impossible to purge the info completely. 

The specific options and settings aside, this concept of PAI, short for publicly available information, is one that worth a bit of ink. Everyone has a different idea of what their PAI should be. However, Facebook has decided that certain categories of information, such as your profile picture, family and relationship info, education and work info, interest and activities, and group memberships, etc. should be PAI, and they’ve gone ahead and made these categories visible to everyone by default. You have to go through the entire privacy menu to change that.

In this age of search engines, content caching, and near-ubiquitous connectivity, have you really thought about what you should place (and not place) in your PAI? Do you really understand all the consequences of putting a specific piece of information in PAI? Do you know how long the information will be available long after Facebook has become yesterday’s news? Most of us don’t internalize the fact that every time you label something public, this “thing” will probably live in the public domain forever in some way, shape and form. Is this something you can live with? Will you still write that paragraph of “About me” and make it viewable by “Everyone”, if you know 50 years from now people can still find that? This is of course independent of Facebook or any social networking platforms in general, it is about fundamentally what information, as an individual, you want to expose to the world. Once we have a good grasp of PAI, we can then look at specific social networking or social media tools and demand them to give us the flexibility and controls to manage our PAI.


About Chenxi Wang

Dr. Chenxi Wang is a Principal Analyst with Forrester Research. She serves on the security and risk team, covering topics such as cloud security, application security, and content security. Previously Chenxi was Chief Scientist with KSR Inc. (now part of Neohapsis). Prior to that Chenxi was an Associate Professor at Carnegie Mellon University.
This entry was posted in Uncategorized. Bookmark the permalink.

1 Response to Facebook’s new privacy settings

  1. Saqib Ali says:

    (note: This comment was posted on Dr. Wang’s Forrester blog as well)

    Dr. Wang,

    I agree that Facebook and other SM sites in general haven’t done a good job of making the users aware of what information is available publicly. However, I don’t think it is entirely up to FB to provide this user awareness training. New cars come with an Operator’s Manual but not a Driving Manual. Driving proficiency is assumed with possession of a Driver’s License. And if the driver gets in an accident due to poor driving skills, the car manufacturer is not be blamed. I am not saying that we need to regulate Internet usage privileges to the point that we require licenses to connect to the internet, but at the same time we cannot hold SM sites accountable.

    In the end, it is up to us to join or not join Facebook.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s