Facebook simplifies privacy settings, calls them too complex

The social-networking site is also getting ready to let members share content with anyone on the Internet

Facebook will simplify the way in which it offers privacy options to its users, as it gets ready to give its members for the first time the option to make the content they post on their profiles available to anyone on the Internet.

Right now, Facebook privacy controls are too scattered across multiple settings pages and they lack uniformity, creating confusion among members, Facebook Chief Privacy Officer Chris Kelly said Wednesday during a press conference.

This complexity prevents many members from taking full advantage of the very granular privacy controls that Facebook offers and that are one of the social-networking site's selling points.

"It's too complex at this point," Kelly said.

IDC analyst Caroline Dangson said that this is "absolutely true."

"The Facebook privacy settings aren't set up in an easy way for people to discover and understand their implications," she said.

If people don't feel they fully understand how to establish access settings to their profile content, they will not post and share as much as they would otherwise, Kelly said.

Consequently, Facebook will consolidate into one page all of its privacy settings and make the options more uniform, focused on five access levels: Everyone, which will eventually mean sharing with anyone, on or off Facebook; Friends and Networks, which means sharing with all friends on your list and with anyone on the same work or school network; Friends of Friends, which includes anyone who is a friend of one of your friends; only Friends; and Custom, in which a user manually hand-picks the people to share with.

Facebook will continue to allow members to set different privacy settings for specific sections of their profile and also for individual pieces of content, like a photograph, status updates, a Web link, a video clip or a text note.

The option to share with "Everyone" currently refers to anyone on Facebook, but will soon broaden its scope to anyone on the Internet, including people who aren't on the social-networking site. Facebook hasn't yet decided to what extent search engines like Google will be able to index the content tagged for "everyone."

This "Everyone" option is widely seen as Facebook's attempt to counter the popularity of Twitter, the micro-blogging site and social network that has experienced meteoric growth in the past year and which many see as a credible threat to Facebook.

Posts on Twitter are by default public to anyone on the Internet, and the service has been embraced by consumers wanting to provide real-time status updates publicly about their lives and work, and by businesses as a way to widely promote their products and services.

Twitter fulfilled that underserved need that Facebook hasn't been able to, because until now Facebook hasn't made it possible for its members to share their profile content, with the exception of bare-bones information in public search engines.

Facebook has been taking steps to give members more options to share their profile content more widely in recent months, including the start last week of a test for a new version of its Publisher, the tool that members can use to post notes, status updates, links, photos, videos and other content on their profile "wall" and share them with their friends.

This new Publisher version, now in limited beta, lets members determine the privacy settings of each individual post they make, and includes the option for members to share whatever they post with "Everyone" on the Internet, on or off Facebook.

In March, Facebook started giving members the option to share all or some parts of their profile with everyone on Facebook; previously, people could only do that with hand-picked "friends" or members of the same geographical, school or employer networks.

It's not a simple task for Facebook to modify its site to match up with Twitter in the area of real-time, public postings, IDC's Dangson said. "Facebook's culture is different from Twitter's. Facebook is more closed because there you have a more robust profile," she said. Since people post more content on Facebook, the stakes are much higher in terms of controlling access to that content, Dangson said.

It will also be important for Facebook to clearly explain how these changes impact the way in which third-party applications apply privacy controls to the members' information they access, Dangson said.

Asked for comment about how the new privacy changes will be reflected in third-party applications, a Facebook spokeswoman said via e-mail: "Currently, when a user publishes a story through the Publisher for a third party application, they do not have specific per-post privacy settings. This is something we're considering for the future, but developers currently do not have to 're-configure' their applications to accommodate these new settings. Additionally, nothing is changing with application privacy settings."

Dangson recognizes that the new per-post privacy settings would be difficult to require from third-party Facebook application developers, but said Facebook should strive to make the experience within those external applications as consistent with its main platform as possible.

"Unfortunately, consumers think of all activity within the Facebook platform as Facebook. If something goes awry with an application or consumers get confused about the different privacy standards, Facebook will take the blame," Dangson said.

Another change announced previously but discussed more in depth on Wednesday is Facebook's decision to do away with regional networks, in which people could opt to share their profile with anyone in their same geographic network.

This option has been traditionally confusing, which is why about half of Facebook's members have opted not to belong to a regional network, said Leah Pearlman, a Facebook product manager.

Some regional networks are too large, such as the case where people only have the option to sign up for the country they live in, and don't necessarily represent a group with a common bond for sharing, like schools or work networks do, she said.

"We're removing them entirely," Pearlman said.

These changes will be implemented in the coming days, the Facebook spokeswoman said.

During this process, Facebook will present members with what it calls "transition tools," in which it explains the changes and makes suggestions for how people might want to configure their settings.

It's important for Facebook to engage in this type of outreach and guidance because while people consider privacy important and they worry about misuse of their information, they don't always devote the necessary time to educate themselves about this topic, IDC's Dangson said.

Facebook officials on Wednesday acknowledged that the company will nudge members towards making more of their profiles open, as opposed to only visible to friends. Privacy settings that members have set will carry over as they are right now.

These changes don't affect how Facebook shares member information with advertisers, which will continue to only happen when users give Facebook permission to do so, officials said.

Join the CSO newsletter!

Error: Please check your email address.

Tags Facebookprivacy

More about FacebookGoogleIDC Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place