Even as he is being hailed as a billionaire genius akin to Microsoft founder Bill Gates, the empire Mark Zuckerberg has built is taking fire from critics on all sides over the way it handles private information. But is all of this criticism fair? Probably not.

The tension between Facebook and its users — and governments, and advocacy groups — over privacy is one of the biggest thorns in the company’s side right now, as it tries to balance the demands of the network (and of advertisers) with the desires of users, and with the law. And all of this is taking place in an environment where the very meaning of what is “private” and what is “public” is being redefined, by Facebook and other online giants such as Google, and even users themselves sometimes can’t decide what information they want to share with the world and what they don’t.

Over the past few weeks, the social network has been caught at the center of a privacy maelstrom, with consumer groups attacking it — 15 of them filed a formal letter of complaint with the Federal Trade Commission late yesterday — senators sending threatening letters, and growing numbers of users canceling or deactivating their accounts over privacy concerns. The company has been struggling to respond to security holes that expose private data such as chats, and a survey released yesterday by Consumer Reports says that more than 50 percent of people engage in what it calls “risky behavior” on the social network. Another survey of Facebook users finds that their use of the network is inherently shallow and largely unfulfilling.

Even as he is being hailed as a billionaire genius akin to Microsoft founder Bill Gates, the empire Mark Zuckerberg has built seems to be taking fire from critics on all sides. But is all of this criticism fair? Probably not. It’s true that Facebook’s launch of recent changes involving “instant personalization” and the creation of community pages related to users’ profile interests has been badly handled. And it doesn’t help that many people are confused by how to adjust their privacy settings, how to control what information is displayed, and how to disable applications (we put together a comprehensive guide to the new changes and how to disable them if you want to).

But it’s also true that Facebook exists, and has accumulated almost half a billion users worldwide, because it makes it easy for people to connect with their friends and family and to share things with them: photos, thoughts, social games, goofy gifts and yes, even birth dates. Plenty of people clearly want to do this, even after they have been repeatedly warned about the risks, because they believe the trade-off is worth it. And perhaps Facebook doesn’t make it as clear as it could what is involved, or how to fine-tune its privacy controls — but at the same time, some of the onus for doing these things has to fall to users.

The complaint filed by the 15 consumer advocacy groups states that:

Facebook now discloses personal information to the public that Facebook users previously restricted. Facebook now discloses personal information to third parties that Facebook users previously did not make available. These changes violate user expectations, diminish user privacy, and contradict Facebook’s own representations. These business practices are Unfair and Deceptive Trade Practices.

The complaint specifically mentions the “instant personalization” feature that allows Microsoft’s Doc.com, Yelp, and Pandora to personalize their services when a user is logged in to Facebook, and also refers to the fact that Facebook connects profile details such as hometown, movie and music preferences, etc. to public “community pages.”

Those criticisms are all well and good, and the “instant personalization” feature probably wouldn’t have drawn as much fire if it wasn’t turned on by default, but Facebook does allow people to turn it off, and it tells them that their interests will be connected to community pages and become public, and allows them to opt out. It’s not clear from the complaint what the 15 privacy groups would rather the social network do, except not share any of that information at all. But here’s the rub: personalization is a useful feature, and community pages might be as well (it’s still too early to tell).

The Consumer Reports survey, meanwhile, says 52 percent of people post risky information on Facebook. It looked at 2,000 online households in January and found that 9 percent of social network users had been the victim of some form of online abuse in the past year such as malware infections, scams, identity theft or harassment. The report warned about a number of different “risky” activities such as posting your address, when you are home, and so on. But it also mentioned posting photos of family members as a risky behavior (stalking), along with your birth date (potential for identity theft), and other fairly commonplace activities. Isn’t posting photos and names and birthdays part of what Facebook is about? It wouldn’t be much of a social network without them.

Another survey, done by a Dutch company, interviewed readers of Fast Company about Facebook, including asking questions designed to determine whether they were really getting what they wanted out of the social network. The study determined that many users were not really engaging in deep social relationships and therefore weren’t getting a lot out of being on the network. “Online social networks make it easy for people to accumulate friends rapidly and to make commitments easily,” the study said, concluding that “what define social networks most [is] a lack of depth in relationships.”

But even this supposes a false dichotomy, between the connections we make through a social network and “real” relationships, where we phone each other and talk about our personal problems or the death of a loved one. The idea behind social networks, as described by sociologists, is that they help to create an “ambient awareness” of significant people in our lives — friends, family, acquaintances, co-workers — and allow us to stay in touch with them in some small way, not that they replace or mimic real-world relationships. If anything, they should help strengthen them.

And privacy? That’s complicated in the real world, too — Facebook didn’t invent that, or even pioneer it online. People have been breaching each other’s privacy for decades. Just because Facebook is making some mistakes doesn’t mean it should become the lightning rod for all of our pent-up dissatisfaction with normal human behavior.

Related content from GigaOM Pro (sub req’d): How Facebook Should Fix Its Privacy Problem

Post and thumbnail photos courtesy of Flickr user Afroboof

You’re subscribed! If you like, you can update your settings

  1. facebook is creating a lot o problems it just not that it have privacy problem it has other problems too…

  2. “Just because Facebook is making some mistakes doesn’t mean it should become the lightning rod for all of our pent-up dissatisfaction with normal human behavior.”

    No, it should be a lightning rod because it is one of the largest publicly accessible database or personal informtation in existence, and constantly makes changes to expose that data and then telling its users. Do you really not get that?

    1. I’m not saying it shouldn’t be criticized at all, Bryan, or that we shouldn’t point out mistakes it is making. Just trying to keep things in perspective.

  3. I think the overall theme here from privacy advocates etc is “You changed the rules by default – that’s not very nice” and the response by facebook is essentially “but you can turn it off”.

    The issue here then is not only one of privacy but one of trust. Substantial changes to the direction a platform is going in are understandably of concern to some portion of the users who feel ill at ease perhaps not just for what facebook is doing now, but what it might do in the future.

    Facebook does understand this. At f8, all announcements about this were heavily couched in terms to make this as appealing as possible to developers, without sounding scary to the general public.

    But I think the response by Facebook is still insufficient. When you see how Google reacted (albeit belatedly) after the fracas over Buzz, It might seem more appropriate for Facebook to at least have offered an option across the network to explicitly turn it on or off – rather than engaging it by default.

    On a more technical front, the recent private chat exploit seems not to engender much faith in their ability to keep things together in that respect either.

    1. I agree that the opt-in nature of some of the new features was a bad move, and that Facebook needs to be careful about losing trust.

  4. Sorry, I’m not giving Facebook a break in this regard.

    FB accumulated 400 million users on the premise that “what happened on the Facebook stayed on the Facebook”. Now Facebook is changing tack and is FORCING users to publicize sensitive personal information that can be easily abused. Choices are being obliterated.

    There’s no choice where Pages are concerned. Either you link your profile to public Pages, or you have a blank profile. Only a double bind would be worse.

    RE: Instant Personalization. There is no doubt in my mind that Facebook has deliberately made it hard to opt-out. One SINGLE click should do the trick. But it takes clicking 5 different settings to plug the holes (for now, based on only 3 partners), and even that’s not a done deal??

    And if you want out altogether? Ha! Deactivation versus deletion. That’s a joke. If you don’t already know the URL for the REAL delete your account page, it takes what? 8 clicks to get there?? It’s an obstacle course, and Zuckerberg’s no dumb bunny. He knows full well that people give up half-way through the process.

    Zuckerberg does not deserve the benefit of the doubt you so generously give him.

    Facebook makes a huge deal of how many locks they allow you to have on the front door, and all the while it’s shipping your belongings out the windows and the back door.

    I don’t know why people put up with this nonsense. I won’t.

  5. Interesting article. In fact Electronic Frontier Foundation came out with time line on the changes over privacy controls over time in FB. Here the link, you might want to check it out Facebook’s Eroding Privacy Policy: A Timeline http://eff.org/n/10206

    1. Mathew Ingram ghosh Friday, May 7, 2010

      Thanks for the link, Ghosh.

  6. M. Edward (Ed) Borasky Thursday, May 6, 2010

    Actually, Om, it’s really not complicated at all. The first few times Facebook started making more stuff public, there was a lot of noise from the blogosphere, but ordinary people weren’t frightened and even the rabid naysayers were still maintaining a presence on Facebook.

    This time it’s different. The US Senate is involved. Attorneys are involved. Defects have caused privacy breaches beyond even what was intended by Facebook. And executives of Facebook are saying, “Are we perfect? No.” The question they aren’t asking is “Are we competent?” And sadly, I think the answer to that one is “Hell, No!”

    Do I think Facebook will survive? Probably. But they are going to need a serious competence transplant, and fast! It’s really not complicated at all – they’re simply a bunch of incompetent managers who’ve stumbled onto something that’s taken the world by storm and can’t manage it.

    And yes, I still have a Facebook account. But I don’t think I will for long – it’s not giving me any value.

  7. ya, it’s complicated, Facebook does understand this. At f8, all announcements about this were heavily couched in terms to make this as appealing as possible to developers, without sounding scary to the general public.

    1. awesome spam that copies bits from my previous comment. Clever ;)

      “all announcements about this were heavily couched in terms to make this as appealing as possible to developers, without sounding scary to the general public”

  8. More than half a billion accounts which includes companies,events … and such.

  9. I agree w/ MacSmiley. I can’t give FB a break on this. The general issue of privacy may be complicated, but here’s something that isn’t: People hate default opt-ins. FB surely knows this (especially considering its prior experience with Beacon), but went ahead and did it anyway with Instant Personalization and didn’t tell you how to opt out. We all know that it’s more profitable for FB if its users share more personal info. It’s also secure in the knowledge that barring some catastrophic breach of privacy, its users aren’t likely to defect en masse. So in the absence of a financial motive for the company to really protect its users’ private info, you have to rely on the company’s ethical standards to protecting privacy. That’s why FB’s “ask for forgiveness rather than permission” approach is a cause for concern. The eff.org link someone provided below is an excellent analysis of how FB’s attitude on privacy has changed over its existence.

  10. Facebook Big Mac Attack – Not For Me, Thanks. Top 10 Reasons to … | CloudAve Friday, May 7, 2010

    [...] The Relationship Between Facebook and Privacy: It’s Really Complicated says Mathew Ingram @ GigaOM this morning, and I strongly disagree.  There is nothing complicated about it.  Facebook does not give a *** about privacy: it’s a concept CEO Mark Zuckerberg finds obsolete, simply does not believe in at all. Now, in reality, even Facebook caves in  to demands of privacy, but they are either careless or incompetent, or both, plugging one security hole after another. [...]

Comments have been disabled for this post