Feeds

Facebook unveils simpler privacy controls to spur sharing

Privacy theatre aims to answer critics

SANS - Survey on application security programs

Facebook simplified privacy settings on Wednesday in response to sustained criticism over previous changes that has reached a crescendo in recent weeks.

The changes introduce a one-click control for content. Users can choose to share content on Facebook with friends, friends of friends, or everyone. The social network has retained granular controls for those who want to customise these settings, with controls moved over onto a single page.

Users can now restrict access to their personal connections (friends and pages, which are replacing lists of interests, universities attended etc.) on Facebook to a circle of friends, if they desire. A person's name and picture will always be available to everyone, as before, to aid searching. The social network also promised to carry over users presets when it introduces new products, something it conspicuously failed to do with the privacy roll-back it applied last December, the last time the social network made major privacy changes.

In response to criticism, Facebook has made it much simpler to turn off features that allow the sharing of data with third-party websites. Screenshots illustrating the new controls can be found here. All this seems well and good but the devil may well lie in the details.

Some security commentators have already criticised the opt-out approach to changes once again adopted by Facebook. Others have described the revised policy as seemingly impressive but low on actual protection, something Ed Felten describes as "privacy theatre".

A seemingly nervous Facebook chief exec Mark Zuckerberg announced the changes at a press conference on Wednesday. "We're simplifying controls and putting them all in one place," he explained.

The complexity of Facebook's privacy controls, previously featuring 50 privacy settings and 170 privacy options, as well as the gradual erosion of privacy safeguards on Facebook over the last years have featuring prominent in criticisms of the site by privacy activists, regulators, and in the media in recent weeks. Zuckerberg admitted there were far too many controls, arguing that this made people uncomfortable in sharing information with contacts. "When people have control over what they share, they want to share more," he said.

The escalating row over the privacy roll-back last December that witnessed previously shielded information becoming open by default was joined by a fresh barney over Facebook's plans to share user information automatically with "pre-approved" websites in recent weeks.

Zuckerberg restated his previous admission that errors were made with previous privacy changes. He repeatedly said that he wanted to encourage people to share more information but said this wasn't because it suited Facebook's commercial interests.

The line was that advertisers may target ads to people according to certain demographics, but they receive only anonymous data reports (except on the small number of occasions when things go wrong).

"It doesn't matter who you share information with it doesn't affect ads," Zuckerberg said. "In fact, by pushing data portability, we're doing the complete opposite and helping other websites to sell ads."

Zuckerberg concluded that the latest privacy overhaul would be the last for a long (unspecified) time.

Facebook has a long history of making changes to the site that irk the privacy sensitive, including its Beacon advertising system in 2007 and its earlier Newsfeed feature, which critics initially described as a gift for stalkers.

During a question and answer session with journalists, Zuckerberg said the uproar created by Newsfeed involved numerically fewer aggrieved parties but more aggressive opposition, featuring demonstrations outside Facebook's headquarters, than the latest protests.

Significantly, despite all the buzz in the blogsphere about quitting Facebook in protest at its privacy-eroding ways, Zuckerburg maintained the growth of the site had been unaffected by the latest protests.

Facebook's new privacy guide can be found here. The changes will be rolled out to to Facebook's 400 millions users starting on Wednesday in a process that is likely to take a few weeks. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.