Feeds

Facebook simplifies controls but continues exposing users

Default settings flash entire internet

Choosing a cloud hosting partner with confidence

Analysis Facebook was praised for simplifying its privacy controls on Wednesday, but critics say the moves fail to restore users' trust in the appropriate handling of their information.

The social network unveiled a greatly simplified interface for controlling user privacy settings, hosted on a single page. The previous set-up, featuring a bewildering array of 50 privacy settings and 170 privacy options, is to be phased out as the new controls are put in place.

Facebook has also backed away from insisting users need to share their friends list and pages with the world at large, effectively undoing controversial changes made last December.

Lastly there are new options to block all applications and websites, and opt-out of Instant Personalization. However users who opt-out of applications and the entire Facebook platform will be unable to play games, a major downside. Users are still being pushed to share information by default - the site still forces users to opt out of features they dislike rather than creating compelling reasons for users to opt in.

Privacy International reacted to the changes with "disappointment and frustration".

"While we acknowledge Facebook for putting right the mess that it created last December by deploying unusable settings, this latest action is only the first of many steps to be taken before the company can even hint that it understands the nature of privacy," it said.

Key to PI's concerns are that the default settings, which few users change, open up most of what a user posts on the site to the internet as a whole.

"The defaults - which Facebook unhelpfully describes as 'recommended settings' - are still set to for maximum disclosure to everyone. That means the vast majority of users will continue to operate on the site fully exposed. The company has done little to change this situation," PI said.

The privacy activists argue that Facebook's business model relies on monetising data harvested from customers. This runs counter to claims by chief exec Mark Zuckerberg at a press conference on Wednesday that the extent to which people shared or restricted data they posted on the site had little effect on ad revenue.

Chester Wisniewski, a researcher at anti-virus firm Sophos, argues that Facebook has changed its privacy controls without actually offering any increase in privacy:

"I welcome the simplified controls, but nothing has changed. Users are still defaulted to sharing too much information with the world, privacy itself has not really improved in any meaningful way, and the return of controls that were present previously simply addresses some of the most vocal complaints of their users," Wisniewsk said.

"I didn't see any hints of an apology, nor a solid acknowledgment that Facebook went too far."

Don Smith, VP of Engineering and Technology at web security firm SecureWorks agreed that the changes were an improvement but repeated the criticism that they do not go far enough, and will leave the majority of users sharing data to more people than they might suspect.

"The changes are definitely an improvement. However, they still do not go far enough in ensuring the default privacy settings minimise disclosure. For example, the new 'recommended' privacy settings expose data such as status updates to 'everyone' and photos and birthdates to 'friends of friends'.

“Looking at Facebook’s default settings over the last six years you can see that privacy eroded from initially sharing only a user’s name, gender and picture to a default stance of displaying all wall posts, photos, friends and networks to the entire Internet." ®

Beginner's guide to SSL certificates

More from The Register

next story
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.