Feeds

Facebook simplifies controls but continues exposing users

Default settings flash entire internet

Security for virtualized datacentres

Analysis Facebook was praised for simplifying its privacy controls on Wednesday, but critics say the moves fail to restore users' trust in the appropriate handling of their information.

The social network unveiled a greatly simplified interface for controlling user privacy settings, hosted on a single page. The previous set-up, featuring a bewildering array of 50 privacy settings and 170 privacy options, is to be phased out as the new controls are put in place.

Facebook has also backed away from insisting users need to share their friends list and pages with the world at large, effectively undoing controversial changes made last December.

Lastly there are new options to block all applications and websites, and opt-out of Instant Personalization. However users who opt-out of applications and the entire Facebook platform will be unable to play games, a major downside. Users are still being pushed to share information by default - the site still forces users to opt out of features they dislike rather than creating compelling reasons for users to opt in.

Privacy International reacted to the changes with "disappointment and frustration".

"While we acknowledge Facebook for putting right the mess that it created last December by deploying unusable settings, this latest action is only the first of many steps to be taken before the company can even hint that it understands the nature of privacy," it said.

Key to PI's concerns are that the default settings, which few users change, open up most of what a user posts on the site to the internet as a whole.

"The defaults - which Facebook unhelpfully describes as 'recommended settings' - are still set to for maximum disclosure to everyone. That means the vast majority of users will continue to operate on the site fully exposed. The company has done little to change this situation," PI said.

The privacy activists argue that Facebook's business model relies on monetising data harvested from customers. This runs counter to claims by chief exec Mark Zuckerberg at a press conference on Wednesday that the extent to which people shared or restricted data they posted on the site had little effect on ad revenue.

Chester Wisniewski, a researcher at anti-virus firm Sophos, argues that Facebook has changed its privacy controls without actually offering any increase in privacy:

"I welcome the simplified controls, but nothing has changed. Users are still defaulted to sharing too much information with the world, privacy itself has not really improved in any meaningful way, and the return of controls that were present previously simply addresses some of the most vocal complaints of their users," Wisniewsk said.

"I didn't see any hints of an apology, nor a solid acknowledgment that Facebook went too far."

Don Smith, VP of Engineering and Technology at web security firm SecureWorks agreed that the changes were an improvement but repeated the criticism that they do not go far enough, and will leave the majority of users sharing data to more people than they might suspect.

"The changes are definitely an improvement. However, they still do not go far enough in ensuring the default privacy settings minimise disclosure. For example, the new 'recommended' privacy settings expose data such as status updates to 'everyone' and photos and birthdates to 'friends of friends'.

“Looking at Facebook’s default settings over the last six years you can see that privacy eroded from initially sharing only a user’s name, gender and picture to a default stance of displaying all wall posts, photos, friends and networks to the entire Internet." ®

Internet Security Threat Report 2014

More from The Register

next story
ONE MILLION people already running Windows 10
A third of them are doing it in VMs, but early feedback focuses on frippery
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
Sway: Microsoft's new Office app doesn't have an Undo function
Content aggregation, meet the workplace ... oh
Sign off my IT project or I’ll PHONE your MUM
Honestly, it’s a piece of piss
Do Moan! MONSTER 6-day EMAIL OUTAGE hits Domain Monster
Customers freaked out by frightful service
Return of the Jedi – Apache reclaims web server crown
.london, .hamburg and .公司 - that's .com in Chinese - storm the web server charts
NetWare sales revive in China thanks to that man Snowden
If it ain't Microsoft, it's in fashion behind the Great Firewall
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.