Facebook users to get more privacy; developers, less freedom

Facebook recently announced that it will make more changes to its privacy settings and set tighter control over what pieces of data third-party applications can access.

On Facebook, the struggle to figure out who owns and accesses our data remains years away from any resolution - if we ever reach one. Yesterday, Facebook announced that it would act to shore up some privacy concerns that were voiced a month ago by Jennifer Stoddart, the privacy commissioner of Canada.

At the time, Stoddart noted that Facebook's current privacy settings were unclear to users. Among her complaints: The fact that Facebook stores information even after users delete an account, a criticism privacy advocates had also leveled at the social network in the past.

Aside from the information in our profiles that we choose to make available to our friends, friends of friends, or everyone on Facebook, the biggest security and privacy loophole could be in third-party applications, another issue Facebook addressed yesterday.

These are those quizzes and games, where you decide what movie character you're most like or the team to which you mostly closely associate yourself. To date, when you choose to access the app, you're not only exposing all of your information in your profile to the third-party developer that created it, you're also surfacing your friends' data. As ReadWriteWeb reported, the northern California chapter of the American Civil Liberties Union (ACLU) put together a campaign to display just how fragile your privacy is on the social network when you access one of these applications.

As Sarah Perez of RWW writes, "The second question is even more disturbing. It informs you that everything on your profile is made available to the developers when your friends take a quiz. To drive this point home, the ACLU's Quiz loads up information pulled from your friends' profiles and displays that data below the answer for your perusal. Here, information on your friends is shown including hometowns, favorite books, political views, networks, birthdays, number of wall posts and even personal photos."

Finally, this troubling feature will change. It has to. According to Facebook, applications will have to be more transparent in showing users what pieces of data they hope to access. Ideally, users will have to sign off on what pieces of their Facebook data (and their friends') that developers are allowed to pull into the application.

What will this mean? Essentially, it will be a big blow to application developers on Facebook, but ultimately a win for users. For developers, it shows what fragile business models they have as they seek to make their money on the Facebook platform. These privacy changes aren't made with malice toward the developers on Facebook's part. In fact, the company is incredibly generous with the traffic and engagement it gives these third-party sites and apps, so far asking nothing in return.

But in the end, Facebook must protect their users.

For Facebook, privacy represents a huge business opportunity. Facebook Connect allows us to take our identities (as portrayed on Facebook) to other sites, streamlining registration and allowing us to find friends who also belong to those sites. As this happens, and if Facebook can become the trusted provider to manage our identities, it could quickly deliver a more powerful business advantage than any ad it sells on the site ever could.

C.G. Lynch covers consumer web and social technologies for CIO.com. He writes frequently on Twitter, Facebook and Google. You can follow him on Twitter: @cglynch.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityFacebookprivacy

More about etworkFacebookGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by C.G. Lynch

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts