Feeds

Facebook simplifies controls but continues exposing users

Default settings flash entire internet

High performance access to file storage

Analysis Facebook was praised for simplifying its privacy controls on Wednesday, but critics say the moves fail to restore users' trust in the appropriate handling of their information.

The social network unveiled a greatly simplified interface for controlling user privacy settings, hosted on a single page. The previous set-up, featuring a bewildering array of 50 privacy settings and 170 privacy options, is to be phased out as the new controls are put in place.

Facebook has also backed away from insisting users need to share their friends list and pages with the world at large, effectively undoing controversial changes made last December.

Lastly there are new options to block all applications and websites, and opt-out of Instant Personalization. However users who opt-out of applications and the entire Facebook platform will be unable to play games, a major downside. Users are still being pushed to share information by default - the site still forces users to opt out of features they dislike rather than creating compelling reasons for users to opt in.

Privacy International reacted to the changes with "disappointment and frustration".

"While we acknowledge Facebook for putting right the mess that it created last December by deploying unusable settings, this latest action is only the first of many steps to be taken before the company can even hint that it understands the nature of privacy," it said.

Key to PI's concerns are that the default settings, which few users change, open up most of what a user posts on the site to the internet as a whole.

"The defaults - which Facebook unhelpfully describes as 'recommended settings' - are still set to for maximum disclosure to everyone. That means the vast majority of users will continue to operate on the site fully exposed. The company has done little to change this situation," PI said.

The privacy activists argue that Facebook's business model relies on monetising data harvested from customers. This runs counter to claims by chief exec Mark Zuckerberg at a press conference on Wednesday that the extent to which people shared or restricted data they posted on the site had little effect on ad revenue.

Chester Wisniewski, a researcher at anti-virus firm Sophos, argues that Facebook has changed its privacy controls without actually offering any increase in privacy:

"I welcome the simplified controls, but nothing has changed. Users are still defaulted to sharing too much information with the world, privacy itself has not really improved in any meaningful way, and the return of controls that were present previously simply addresses some of the most vocal complaints of their users," Wisniewsk said.

"I didn't see any hints of an apology, nor a solid acknowledgment that Facebook went too far."

Don Smith, VP of Engineering and Technology at web security firm SecureWorks agreed that the changes were an improvement but repeated the criticism that they do not go far enough, and will leave the majority of users sharing data to more people than they might suspect.

"The changes are definitely an improvement. However, they still do not go far enough in ensuring the default privacy settings minimise disclosure. For example, the new 'recommended' privacy settings expose data such as status updates to 'everyone' and photos and birthdates to 'friends of friends'.

“Looking at Facebook’s default settings over the last six years you can see that privacy eroded from initially sharing only a user’s name, gender and picture to a default stance of displaying all wall posts, photos, friends and networks to the entire Internet." ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.