January 29, 2013 | By Adi Kamdar

Facebook Graph Search: Privacy Control You Still Don't Have

Facebook's Graph Search has certainly caused quite a stir since it was first announced two weeks ago. We wrote earlier about how Graph Search, still in beta, presents new privacy problems by making shared information discoverable when previously it was hard—if not impossible—to find at a large scale. We also put out a call to action—and even created a handy how-to guide—urging people to reassess their privacy settings.  

By locking down your privacy settings, you can help prevent your information from appearing in searches run by strangers and protect your friends from showing up in results. (We've updated the how-to accordingly.) But even when you've set all your settings to "Friends" only, it turns out you can still appear in strangers' search results.

Some unwanted search results are through your associations with—and are therefore solely controlled by—your friends and family. This violates the principle of control of the Bill of Privacy Rights for social network users, and we urge Facebook to fix the problem by letting people opt out.

Actual Facebook Graph Searches

One notable blog that has been making rounds on the Internet is Tom Scott's Actual Facebook Graph Searches. Scott has compiled a number of unnerving—and in some cases, humorous—examples of Graph Searches.

A few stood out to us:

  • Family members of people who live in China and like Falun Gong
  • Mothers of Catholics from Italy who like Durex
  • Spouses of married people who like Ashley Madison
  • Mothers of Jews who like Bacon

These Graph Search results provide, as security expert Bruce Schneier has labeled, "incidental data"—data about or associated with you that other people post. The issue lies in the fact that the people who show up in such search results have no setting to control when they appear. As Facebook explained in a recent blog post, "You control who can see your friend lists, [but] your friends control who can see their friend lists." 

Facebook's answer to this dilemma is for you to take it up with your friends. On Facebook's Graph Search privacy FAQ, it says, "If you're concerned about people searching for info about your friends, you can ask your friends to limit who can see their friends list as well."  

This is no solution. First, you have no way of knowing your friend's settings—whether they publicly share their Likes, Friend lists, or any other of the myriad pieces of information on a Facebook profile. Second, you have no easy way of dissociating with your friends and relationships. No way, that is, except to unfriend them, and that hardly seems like the solution to this problem.

Tom Scott's Falun Gong example is a good hypothetical. Let's say you and your family live in China, and you have your sister listed under your "Relationships." You have the ability to make that relationship status as private as you'd like (e.g., visible only to friends); however, your sister could make it visible to the public. You may never know that sometime down the line she decides to publicly "Like" Falun Gong—and never have the opportunity to "ask your friends to limit who can see their friends list." The first notice that your friends' setting are too public should not be a knock on the door by the Chinese secret police. 

This is a fundamental privacy issue. Before Graph Search, it would be extremely impractical to look through profile after profile to find the people who meet certain criteria—even if the information were set to public. If you tried to automate the search, you would run afoul of Facebook's anti-scraping defenses. Now that the search functionality is so easy, there is nothing you alone can do to stop it.

Fixing the Problem

So how do you fix this problem? Well, the immediately obvious solution is to allow users to opt out of Graph Search results. There is no way of telling what search queries lead to you as a result; honing in your or your friends' privacy settings becomes an exercise in futility.

And perhaps Facebook should also let you choose whose search results you show up in. Already you have fine control over individual pieces of information about you—your phone number could be visible to only your friends, but your listed websites could be made public. Why not extend this control to search results? Facebook's privacy settings already has a "Who can look me up?" section. Unfortunately the offered settings don't quite answer this question the way you think they might.

Graph Search is currently in beta, so only a small percentage of users can conduct searches. But everyone can end up in the results. We urge Facebook to address these issues before the feature is rolled out more widely.

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Backdoors have been discovered in Arris cable modems. This is why we need a security research exemption to the DMCA. http://w00tsec.blogspot.com/2...

Nov 27 @ 2:15pm

Censorship powers, data retention, and vague hacking crimes: Pakistan's terrible cybercrime bill has it all: https://www.eff.org/deeplinks...

Nov 25 @ 5:11pm

While Bangladesh blocks social messaging apps, locals are turning to Tor and Twitter: https://globalvoices.org/2015...

Nov 25 @ 3:50pm
JavaScript license information