Facebook & Privacy
Feb. 6th, 2008 08:45 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
hmmm_teaHaving got my new computer a couple of months ago, I've recently been spending quite a bit of time thinking setting it up and thinking about what I want on there and how I want it set up. Part of this is obviously transferring my email addressbook from my old machine.
So having this in mind and with the ever present messages from Facebook, the obvious thought occured to me that as a large number of my friends were on Facebook and have their contact details on there then perhaps I could just import these into my mail client. Apparently not, Facebook offers no export functionality and all the third party programs that offer this functionality break Facebook's terms of service. There even seems to have been one user banned for using a script to pull this data off, which is fair enough really as having signed up to the terms of service before putting your info up there, you'd expect it to be treated in accordance with this.
However, it has got me thinking about contact details shared on these sites and what that implies in terms of user privacy. As a Facebook user you have free choice how much of this information you want to enter into the site (with the proviso that you need an email address there, but you can make that private) and can set the privacy settings for these as you please (can prevent people seeing these details all together, make them only open to your "friends", etc). You can also restrict users to only seeing a limited profile (although I've never tried this out). With so much control over who can see this data, you would think this would be enough to allow them to use it in a reasonable away (eg adding contact information to personal address books or even contacting you with it)?
Personally, when I joined Facebook it seemed such a good way to share contact details with people I know that I put them all up there, but limited them all to my friends only. People on there are free to put them in there address books if they want to and to use them to contact me in any reasonable way. After all, a lot of them are already published to most of Croydon in the phone book and what's the point of contact details if you don't share them with people.
Given how difficult it is to pull contact details from Facebook, it seems strange that any Facebook application one of your friend's runs can have access to any of the other details you make visible to that Friend (eg Birthdays, Education Info, Work Info, etc) in fact you can apparently export all this data to CSV using the FriendCSV application. Surely this is the bigger worry for data security, as it's here that the answers to your security questions, etc may lie?
Add to that the fact that Facebook applications seem quite capable of spamming you anyway (unless you block them individually) and this seems fairly inconsistent and doesn't make a lot of sense to me.
To top all this off Facebook have now joined The DataPortability Workgroup which seems to imply they'll end up sharing this data in the end anyway, so maybe one day we'll be able to integrate the useful details of those friends who are willing to share them into the places they are most useful.
So having this in mind and with the ever present messages from Facebook, the obvious thought occured to me that as a large number of my friends were on Facebook and have their contact details on there then perhaps I could just import these into my mail client. Apparently not, Facebook offers no export functionality and all the third party programs that offer this functionality break Facebook's terms of service. There even seems to have been one user banned for using a script to pull this data off, which is fair enough really as having signed up to the terms of service before putting your info up there, you'd expect it to be treated in accordance with this.
However, it has got me thinking about contact details shared on these sites and what that implies in terms of user privacy. As a Facebook user you have free choice how much of this information you want to enter into the site (with the proviso that you need an email address there, but you can make that private) and can set the privacy settings for these as you please (can prevent people seeing these details all together, make them only open to your "friends", etc). You can also restrict users to only seeing a limited profile (although I've never tried this out). With so much control over who can see this data, you would think this would be enough to allow them to use it in a reasonable away (eg adding contact information to personal address books or even contacting you with it)?
Personally, when I joined Facebook it seemed such a good way to share contact details with people I know that I put them all up there, but limited them all to my friends only. People on there are free to put them in there address books if they want to and to use them to contact me in any reasonable way. After all, a lot of them are already published to most of Croydon in the phone book and what's the point of contact details if you don't share them with people.
Given how difficult it is to pull contact details from Facebook, it seems strange that any Facebook application one of your friend's runs can have access to any of the other details you make visible to that Friend (eg Birthdays, Education Info, Work Info, etc) in fact you can apparently export all this data to CSV using the FriendCSV application. Surely this is the bigger worry for data security, as it's here that the answers to your security questions, etc may lie?
Add to that the fact that Facebook applications seem quite capable of spamming you anyway (unless you block them individually) and this seems fairly inconsistent and doesn't make a lot of sense to me.
To top all this off Facebook have now joined The DataPortability Workgroup which seems to imply they'll end up sharing this data in the end anyway, so maybe one day we'll be able to integrate the useful details of those friends who are willing to share them into the places they are most useful.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2008-02-06 11:51 pm (UTC)[1] That is, it sounds weird, but sort of makes sense. A phone book is fine, a reverse phone book is something else (that is worrying in at least some contexts where a phone-book wasn't, although we may have come to accept them anyway). They contain the same data, sort of, but previously, technical limitations put a convenient social barrier on some uses. So I don't have any problem with any friend who wants my number scraping it from facebook. But admit feel *slighty* uncomfortable if they all did so automatically.
The same way I'm happy for friends to know something in person, and for them to share with friends of friends, but don't want all 2 and 3 removed friends to be able to stalk me automatically, I want some artificial filter to notice if they overdo it.
[2] Or, of course, maybe that's sometimes the case but mainly the terms of use are just stupid muppetry, designed to stop someone scraping public data (eg. email addresses of everyone who doesn't restrict them to friends/authenticated networks), and then randomly applied to someone who abstracted some perfectly acceptable tedium because a ban-hammer-sue-happy admit wasn't thinking. Or somewhere in-between.
no subject
Date: 2008-02-07 12:13 am (UTC)Not sure what Facebook's default privacy settings are, but if these were set to a sensibly restrictive level, surely there would be no issue with those that were willing to share these details letting them be shared.
Surely sharing contact details is a fundamental part of social networking? As it is you can find out addresses for any friends that have chosen to share this with you, but as they're images you need to type it out again - can't even cut and paste.
no subject
Date: 2008-02-07 01:18 am (UTC)no subject
Date: 2008-02-07 01:00 pm (UTC)1/ allow my (email, phone, bank) address to be included in an exportable csv file for
[ ] no one
[ ] specific friends → expanding ticky
[ ] all my friends
[ ] all my friends and all my networks
[ ] everyone evah, hell, why not just publish it on my website
2/ which information are you happy to publish in this way
[ ] email
[ ] snailmail
[ ] phone
[ ] date of birth
[ ] inny or outy
...
no subject
Date: 2008-02-07 05:41 pm (UTC)You can setup a limited profile and restrict certain friends to this, but you can't control who can see what to any greater degree then this. The Livejournal model of setting up friends groups seems a nice solution to doing the specific friends thing. Although that would be a bit more to implement then a simple tick box.
An obvious use of facebook to me would be to be able to integrate it into your mail client, so you could look up addresses of your friends. I was originally thinking of plugins for mail clients, but thinking about it, what might be most useful would be if you could login to your Facebook account via something like LDAP and access the information shared with you in your mail client that way.
Alas facebook doesn't seem to have any applications to share your inny/outy state at the moment...