In response to a firestorm of criticism from EFF and others ([1][2][3]), and after much internal debate, Facebook today announced a series of privacy changes to the social networking site as Facebook CEO Mark Zuckerberg promised on Monday.

We will be publishing instructions on how to best take advantage of the new settings shortly. For now, though, we wanted to quickly share our first impression:

The changes are pretty good, though more is needed.

All of the new settings are positive steps toward giving Facebook users more control over the privacy of their data, directly responding to several of EFF's criticisms and reversing some of the worst of Facebook's privacy missteps. However, we still have some fundamental concerns about the amount of user information being shared with third-party Facebook applications and web sites. So we hope that this is only Facebook's first step in a more privacy-conscious direction, rather than its last. Ultimately, Facebook must respect its own principles and users' privacy rights by giving users full control over how all their information is shared. (See EFF's Bill of Privacy Rights for social network users.)

To summarize, Facebook is announcing three big changes today:

  • Facebook will provide a new basic privacy settings page. It allows users to easily set a "default privacy level," which will apply across their individual privacy settings. That level can be one of the old options — Friends Only, Friends of Friends, etc. — or a mix of privacy levels. Facebook has some recommended settings, but EFF recommends that users adopt stronger privacy settings than those recommended by Facebook.
  • Reversing one of the most controversial privacy changes it made in April, Facebook will restore true privacy controls for information about Facebook "Connections" that indicate your likes, interests, education, work history, hometown and current city, rather than requiring that all of your Connections be made public. However, your name, profile picture, gender and networks remain "public information," and "Your friend list is always available to applications."
  • Reversing one of the most controversial privacy changes it made last December, Facebook will restore users' ability to completely opt out of the sharing of their personal information with Facebook applications and connected web sites over the Facebook Platform, while also making it easier to opt out of information sharing with web sites participating in Facebook's Instant Personalization program. However, Instant Personalization was not made opt-in.

A New Basic Privacy Settings Page

The first change is definitely a positive step, giving users an easy way to adjust many of their privacy settings with one click while still giving users the option to customize their individual privacy settings. This strikes a good balance between simplicity and granular control. These global settings will be "sticky" — that is, if you choose one of the global settings rather than customizing your individual settings, those settings will not be changed when Facebook rolls out new features. This is a substantive improvement, since it allows users to rein in sharing by future features. These new global settings will also apply retroactively to content you've already published on Facebook, so that if you previously published status messages or photos to Everybody but now choose to restrict that content to Friends Only, the new setting will control the visibility of your old content on the site. However, to the extent that content previously set to Everyone was already shared over the Facebook Platform with third-party apps or web sites, these new settings won't reverse that. Additionally, if you do customize, the default for new features will be the setting recommended by Facebook, which will vary from feature to feature.

We do have one warning about the new global privacy settings page, the same warning we gave in December: EFF does not recommend using Facebook's "recommended" set of settings, which would share a substantial amount of your information with Everyone. We think the much safer option for most users would be to set your general privacy default to a more restrictive level, like Friends Only, and then use the per-post privacy option introduced in December to publish to Everyone only those particular things that you're sure you want to share with the world.

Restoring True Privacy Settings for "Connections" Information

Last month, Facebook forced its users through a transition that we at EFF strongly criticized, requiring users to convert their likes and interests, their work and education history, and their hometowns and current cities into public "Connections" to other pages on Facebook. If users chose not to make that information public, it was simply deleted. And although "visibility" settings for that information remained, those settings only restricted who could see your Connections on your Facebook profile page, while they remained "public information" for other purposes. Thus, the settings did not prevent you from being identified on the pages you had "connected" to, and third-party apps and Facebook-connected web sites that you or your friends installed or interacted with were given access to all of your now-public "Connections" data.

Today, Facebook reversed course and restored true privacy settings for these categories of information, settings that not only restrict what's shown on your profile page but also restrict what information is shown on the pages you've connected to and what information is shared with third-party apps and web sites. Now, for example, if you set the privacy level for your interests or your activities to Friends Only, only your friends will see that information on your profile page or the connected page, and apps will have to ask for your permission before accessing it.

We still think that April's Connections transition was a bad turn for users, many of whom we expect made their information public out of confusion or because they simply didn't want to see it deleted. The restoration of privacy control over that data should help reverse much of the privacy damage for those users who revise their privacy settings. However, many users may not. We're disappointed that Facebook is not promoting these new privacy controls through the Facebook site as aggressively as it promoted the previous anti-privacy transition. Facebook should be giving users a pop-up message explaining the new privacy option and asking users whether they want to take advantage of it, just as it forced users through a pop-up interface in April when it first took that option away.

Facebook is a site that many people joined because it was a more private alternative to sites like MySpace and Twitter. To keep in line with user expectations, no information should be required to be publicly available. Although we're pleased that Facebook has now narrowed the categories of information that are required to be public to your name, profile picture, gender, friend list, and the networks you've joined, we think that Facebook should follow its own stated principles and comply with EFF's Bill of Privacy Rights for Social Network Users by providing real privacy controls for all user information.

Restoring the Ability to Opt Out of Information Sharing With Facebook Applications and Connected Web Sites

One of our biggest complaints about Facebook's privacy changes in December was the removal of users' ability to completely opt out of the sharing of their information with third-party applications and Facebook-connected web sites. Having this option was important because even if you choose not to use any Facebook applications or interact with connected web sites, any information that Facebook considers publicly available and anything you've published to Everyone is shared with any application or site that any of your friends use. Our friends at ACLU aptly named this privacy problem "the app gap" and did a great job publicizing it with their own Facebook quiz about Facebook quizzes.

Facebook has heard our complaints and has responded, giving back the ability to easily block all sharing of your information over the Facebook Platform with apps and web sites, including web sites participating in Facebook's Instant Personalization program.

However, the complete opt-out does not address the fundamental problem that has persisted for years: users should not have to forgo using any and all apps in order to limit the distribution of their information to only the few apps and sites that they want to use. Many users will find at least one app that appeals to them, and the all-or-nothing opt-out may only be useful to the most privacy-sensitive users.

Just because you may want to play the Scrabble app or build a Farmville farm, or may be interested in an instantly personalized experience on Pandora but are worried about the recent security problems at Yelp, doesn't mean that you want to share your information with any of the other tens of thousands of apps and web sites that your friends might use. Facebook should give users true control through a Platform opt-in list. An opt-in list would allow users to block information sharing with all apps and web sites except for the ones with whom the user has affirmatively chosen to share. We will continue to push Facebook in this direction.

In Conclusion...

We appreciate that Facebook has taken the time to listen and respond to the public outcry over its latest privacy changes, and although today's changes don't address all of our concerns, they are a great first step in what will hopefully be a more privacy-driven direction for Facebook. We look forward to a continuing dialogue with Facebook on how to improve privacy on the site. In the meantime, stay tuned for more information from EFF on how to use these new options to maximize your privacy when you choose to share information with your friends and family on Facebook.
