Back to News & Commentary

Is Facebook Having Another Privacy Disconnect?

Chris Conley,
Policy Attorney,
ACLU of Northern California Technology and Civil Liberties Project
Share This Page
April 21, 2010

The very first sentence on Facebook’s privacy guide page states: “You should have control over what you share.”

That seems fairly simple, doesn’t it?

But many of Facebook’s recent actions, such as its much-criticized “privacy transition,” have made it harder for users to retain control over their information. Is this week more of the same?

Earlier this week, following up on its recent policy changes, Facebook announced its plans to create more dynamic profiles using “Connections.” What exactly counts as a connection wasn’t clearly defined either time, but seems to include things like friends lists, likes and interests, events, groups, and activities. (Today’s announcement of the Social Graph API includes News Feed, Wall, Notes, Photos, and Videos as “connections” too, but Facebook may be overusing the word to mean different things.)

More importantly, it also isn’t clear whether users will have real control over how their connections are shared. Both Facebook’s Monday announcement and its recent policy changes have suggested that users cannot prevent applications, pages, and other third parties from accessing these connections. (They may be able to “hide” them from other Facebook users, but not from the government, advertisers, or anyone else with the ability and incentive to create apps or pages.) However, today’s new documents for developers point to the Extended Permissions page that requires that applications and pages to explicitly ask the user before accessing various “connections,” including interests, events, groups, and location.

If Facebook believes that you “should have control over what you share,” it should resolve this by giving users real control over whether their connections can be accessed by apps and pages. Doing so still won’t resolve other issues, like the “app gap” that allows your friends’ applications to view your personal information without your knowledge or consent, but it would be one step in the right direction.

Otherwise, the only way you can keep control of your information is to refuse to use Facebook to share or connect at all. And that’s not what we mean by control.

So don’t let Facebook take away control over your personal information! Tell Facebook that you want to have control over your friends, groups, events, and interests so that you — and not Facebook, the government, or anyone else — choose how and when they are shared!

Demand control of your personal information — Demand Your dotRights!

Learn More About the Issues on This Page