Tag Archives: Criticism of Facebook

The Unfriending Wind of Unfriending

By Jeremy Wagstaff

(this is my weekly syndicated column, hence lack of links. BBC podcast is here.)

It’s an odd world where a word like “unfriending” becomes so common that we all know what it means. And we’re not thinking of unfriending in the old sense of hostile where Walter de la Mare would say

Sighed not the unfriending wind,

Chill with nocturnal dew,

‘Pause, pause, in thy haste,

O thou distraught! I too

Tryst with the Atlantic waste.

By Atlantic waste, here, he’s not referring to the stream of Facebook updates that come your way. But he might have been, because it transpires that Facebook–now one of the biggest nations on the planet, even if it is virtual–is full of unfriending people who will unfriend people for the most trivial of things. Like the cyber equivalent of talking too much.

To unfriend someone on Facebook, by the way, is to remove them from your contact list so they can no longer see what you’re up to. To ‘unfriend’ someone  is to banish them from your Facebook world: Where once they could see your photos, read your wall of musing and generally be part of your life, they will find only a blank space, accompanied by a message that says something like:

People who aren’t friends with Bob only see some of his profile information.

There is none of the fakery and social nuance of real life here: You once were in, and now you’re out. Unless of course you’re so embarrassed when the person complains that you pretend you didn’t unfriend them at all, but that Facebook deleted your account. Technology’s an easy whipping boy.

The New Oxford American English dictionary last year made ‘unfriend’ its word of the year. We like to think that our social networking world closely mirrors our offline world. But it doesn’t. There’s no real-world parallel for something like unfriending–excising someone from your real life isn’t as easy as clicking on a blue “remove from friends” button.

So why do people unfriend people? A survey by a student at University of Colorado Denver Business School has revealed that most people unfriend other people, not because they don’t like them, but because they give them bad information. After surveying more than 1,500 Facebookers, Christopher Sibona found the number-one reason for unfriending is frequent, unimportant posts.

In other words, you can be a good friend to someone on Facebook by giving them good, but not too much, information. Most people, Sibona found out, unfriend people, not because they’ve been nasty to them or because they stole their iPod, but because of the stream of consciousness they tend to throw onto Facebook. In short: I’ll be your friend if you don’t talk too much.

(I have a slight problem with this research: Sibona used Twitter, not Facebook, to reach his audience, which I suspect tilts his findings. Twitter is an information network, and while his questions are about Facebook the responses will inevitably be only from those Facebook users who are also Twitter users. While I’m sure many people use Twitter and Facebook differently, there’s an inevitable bias towards those people who use them similarly. The other problem I have is that Sibona does not appear to be a major user of Twitter–he follows only five people, nor of social networks in general: His LinkedIn page, for example, lists only 33 connections. For someone to research social networks to this degree, once needs to have extensive experience of them. I’m yet to be persuaded Sibona has these credentials.)

What’s interesting about all this is a point that I’ve been making for some time: all social networks use information as their currency. Joining Facebook is not enough: You need to be seen to be on Facebook, and, most importantly, to be seen to be useful on Facebook. This means, at the very least, that you provide entertainment for your friends.

If we believe this research it would seem to suggest that Facebook is not, actually, what it seems. We thought Facebook was a place where we were able to maintain, create and expand friendships. But instead it’s an information exchange. True, some of that information is about our lives, and so could be the stuff of letters we might in the past have stuffed in our end of year update cards to friends and family, but it’s also a place where we catch up on things.

Indeed, other research has shown that a lot of the time what we read online–in other words, where we get our news–is based on what people recommend we read. On places like Facebook.

So it makes absolute sense that some people on Facebook choose their friends the way we might in the past have chosen what newspapers to read: read the most informative; throw out the fluff.

This detachment, this pragmatism and ruthlessness can be seen in other surveys. A study by Nielsen found that half of 500 youngsters it surveyed didn’t personally know all of their Facebook friends. And kids, it turns out, don’t like being friends with their parents on Facebook: nearly a third of teens surveyed would prefer to unfriend their parents–particularly their mothers–if they could.

But it’s also a reflection of the fact that we don’t yet quite understand what the reciprocal obligations are of accepting someone’s friendship on Facebook. It’s virtually impossible to reject an invitation to be buddies on Facebook if you’ve ever met that person, however long ago and however fleeting the connection. But now you’re friends, what’s expected of you?

I offer a case in point.

One evening I searched for some schoolyard chums on Facebook and connected to them. No harm done; after all, they’re probably thousands of miles away so the commitment is negligible. But one wasn’t: He makes frequent trips to my neck of the woods, and I occasionally to his. We failed to meet up a couple of times, until I realised that we never would.

One weekend I found myself in his town and he was enthusiastic about meeting up, but then blew me off three times pleading work–while openly organizing a poker game with his buddies on Facebook.

I decided enough was enough. So I hit the unfriend button. But from it I learned an important lesson: Just because people are your friends on Facebook doesn’t mean they’re your friends. Even if, once, they used to be.

Being Facebook friends was about all my friend was ready for. I don’t blame him, though I wish there had been a halfway house between removing him from Facebook and letting things go on as they were.

In real life we would just have not gotten in touch again. I suppose if we’re youngsters we would stop sharing our Snickers bars or something. But on Facebook there’s a finality there. No going back. Unless of course he realises I’ve unfriended him and asks what happened, in which case I’ll blame Facebook.

AboutFacebook

This is a copy of my weekly Loose Wire Service column for newspapers, hence the lack of links.

By Jeremy Wagstaff

A few weeks ago I talked about Facebook’s brave new world of connecting your profile to all the other bits and pieces you leave on websites. I erred, and I apologize.

I thought that people wouldn’t mind the reduction in privacy that this would involve. At least I didn’t think they’d mind as much as a couple of years ago, when Facebook tried something similar.

But people did. And Facebook has been forced to respond, simplifying the procedures that allow users to control who can see what of the stuff they put on Facebook.

So was I really wrong? Do people still care so deeply about privacy?

Hard to say. Back then I said that we have gone through something of a revolution in our attitudes to privacy, and I think I’m still right about that. But I hadn’t taken into account that just because our attitudes have gone through wrenching changes doesn’t mean we’re comfortable with them.

Social networking—itself only a few years old—has forced us to shift our approach. When the Internet was just about email, that was pretty simple. We might balk at giving our email address out to weirdoes at parties with hair growing out of their ears, but that was no different than handing out our phone numbers, or home address.

But social networking is different. By definition the barriers are down, at least partially, because the network demands it. Networks require nodes, and that means that Facebook and every network like it needs to make it easy for people to find other people—including your folically resplendent stalker.

So already we’re talking a question of degree of privacy. And of course, we insist on these services being free, so the relationship we have with the purveyor of the social network is an odd one: Our investment in it is one of time, not money.

But nowadays many of us value time more highly than money, so we feel oddly possessive about our social networks. It’s not, I hasten to add, that we wouldn’t take our business elsewhere, as we did with MySpace and Friendster, but Facebook is somewhat different.

For one thing, the numbers are astonishing. Facebook has more than 400,000 active users—half of them logging on at least once a day. In other words, for many people Facebook has become email.

This has forced changes in privacy, because it’s impossible not to be private and be an active Facebook user. Unlike email, most Facebook activity is visible to other people. So I can, if I want (and I don’t, but can’t really help it), find photos of my nephew caressing a female friend, something I would have been horrified to allow my uncle to see when I was his age.

In part it’s a generational thing. We adults have no idea what it must be like to surrounded by cameras, transmission devices, mass media—an all-embracing Net–from our early years.

But does that mean that younger people are just more relaxed about privacy, or that they just haven’t learned its value? Much of us older folks’ understanding of privacy comes from having lived under snooping governments, or knowing they exist on the other side of iron or bamboo curtains. Or we read and could imagine 1984.

Or, simply, that we’ve had something private exposed to the public. I once had some love poems I had written at school to two sisters read out in front of the school when I foolishly left them behind on a desk. Since then I lock up all my love poems to people related to each other under lock and key.

Younger people, it’s thought, don’t care so much about this. They grow up in a world of SMS, of camera phones recording every incident, of having one’s popularity, or lack of it, measured publicly via the number of friends one has on Facebook.

This is all true, of course. And while employers may still be Googling potential employees, and looking askance at images of them frolicking, this is going to get harder to do when all their potential employees are on Facebook, and all sport photos of them frolicking.

This is part of a new world where the notion of privacy is balanced by transparency: Online is no longer a mirror image of offline, in the way email was just a more efficient postal service.  It’s now a place that one shares with lots of other people, and to play a role in it entails a certain visibility.

This is both the price and the reward of being online. There are bound to be things we’d rather keep to ourselves but we also recognize an advantage in such public access. Just as people can discover things about us, so can we discover things about them. A rising tide, as they say, lifts all boats. If you have an Internet connection.

In some ways this is deeply subversive, since it undermines the traditional structures of society. A teacher or speaker can be subverted by a back channel of comments among the class or audience to which he is not privy. Reality gets distorted, and traditional dominance undermined.

I was sitting in a hearing the other day where those being grilled by the legislators were maintaining a quite noisy twitter presence that stood in contrast to their respectful tone in the session. Two channels, both of them public, but both of them trains running on parallel tracks. Which of them is real?

Technology is moving ahead, and we’re catching up. But we’re catching up at different rates.

If an employer can’t make a distinction between an employee’s office persona and their, for want of a better expression, their personal persona, then they’re probably not very good employers.

Still, there are limits. The British man who joined a rampaging mob in Thailand and yelled at a passing citizen journalist hadn’t considered the consequences should that video clip end up on YouTube. Which it did and he now faces a lengthy time in jail.

Adolescents who share racy photos of themselves by cellphone are discovering the limits to transparency when those photos spread like wildfire. And one can’t help but suspect that not all school kids feel comfortable with the intensity of digital interactivity.

Which brings us back to Facebook.

Facebook is the thin end of a big wedge. We’ll probably look back and wonder what all the fuss was about, but that doesn’t mean we’re wrong in questioning Facebook’s actions or its motives.

But we’d be smarter if instead of putting Mark Zuckerburg in the stocks, we took stock of what we really want out of these services, and what we really want to share and what we don’t. I suspect that we simply haven’t done that yet, and so we lash out when such moves force us to confront the new reality: that definitions of privacy and openness have changed, are changing, very radically and very quickly.

Facebook’s Internet of Sharing

(This is a copy of my Loose Wire Sevice column, produced for newspapers and other print publications.)

By Jeremy Wagstaff

Get ready for a world where everything is shared.

Readers of this column will already know that our notions of privacy have changed a lot in the past couple of years.

That has made it possible for Facebook to announce a new initiative this past week, pretty confident it won’t get rebuffed in the same way its Beacon program did a few years back.

Back then we didn’t like the idea of companies having access to the things we were doing on their websites and then posting it to our Facebook feed (“Jeremy’s just bought an Abba CD!”)

Now, with Facebook’s Open Graph, we’ll actually go quite a bit further than that. In effect, every web page will become part of your Facebook world, because whoever runs that web page will have access to your Facebook world—and, in a way, vice versa.

If you “like” something on a music website, then that “like” will be broadcast on your Facebook feed. So your friends will see it. But so will that music website have (at least some) access to your Facebook profile, your Facebook network, as will Facebook have access to your profile on that music website.

In short, Facebook will become a sort of repository of all the breadcrumbs you willingly leave around the Internet—what some are calling your “social metadata”. These are all the bits and pieces you leave on websites about songs, pictures, books, food, hotels that you like.

Instead of all that stuff just being little fragments, all those websites that participate in Facebook’s Open Graph will collect it and create a much more complete picture of you than your Facebook stream currently does.

I’m not going to get into the privacy aspects here. Obviously there’s a lot that’s creepy about this. But then again, we willingly share much of this stuff with our friends, and all the applications that we use on Facebook, so maybe we have already made that choice.

Compare this with Google, which collects similar data but in a different way. Google collects your interests, intentions and preoccupations whenever you do a search, or access your email, or look at a map.

Google may be a search engine, and Facebook may be a social network, but they’re ultimately fighting for the same thing: Targeted advertising.

Facebook will do it through social metadata you intentionally leave behind; Google will do it through data you unintentionally leave behind.

I don’t know whether Facebook will win with this or not. But it’s an interesting move, and, if we continue to inhabit Facebook in the numbers we do, we’ll probably slide effortlessly into this world.

And, of course, as we get more mobile, this only becomes more powerful. A research company called Ground Truth found last week that U.S. mobile subscribers spent nearly 60% of their time on social networking sites; the next biggest category was less than 14%.

In other words, social networking is actually more compelling on a mobile phone than it is on a laptop or desktop. Kind of obvious really.

If you want to get futuristic about it, it’s possible to see how this coupling of mobile device and social networking is likely to give a big push to a new kind of device: wearable computing.

Expect to see more of the likes of Ping: a garment that its inventors say allows you to connect to your Facebook account wirelessly and update your status simply by lifting up the Ping’s hood, or tying a bow, or zipping up.

Heaven knows what our Facebook page is going to look like in the future. But it’s a natural succession to the basic principle of something like Facebook, which is that a life not shared is not worth living.

I know I have developed that instinct to share the absurdities of my day on Facebook, and I appreciate it when others do. I’m not talking about the average “my boss sucks” update, but ones which are funny, thoughtful, or both.

One day we’ll look back, as we did at email, and wonder how we lived without status updates.

By then we’ll be swishing our arms or doing up a button to update our page—nothing as archaic as actually tapping it out on a keypad.

I’m not quite sure how I feel about all this. Maybe I’ll update my Facebook status to reflect that.

Hundreds of Facebook Groups Hacked

 image

(Update UTC 2100: I’ve received a reply from Erik Hjort af Ornäs, the registrar of the site itself, and have included his statement below and in the comments, as well as that of Facebook. Both deny any hacking took place)

A hacker, or group of hackers, has found a back door into taking over Facebook groups, and is now doing so, claiming it to be a public service. It has taken over up to 300 different Facebook groups so far.

This is an example of one:

image

On each of them the group name is changed to Control Your Info, the group logo changed and its description is altered to

Hello, we hereby announce that we have officially hijacked your Facebook group.
This means we control a certain part of the information about you on Facebook. If we wanted we could make you appear in a bad way which could damage your image severly.
For example we could rename your group and call it something very inappropriate and nasty, like “I support pedophile’s rights”. But have no fear – we won’t. We just renamed it Control Your Info. Because this is really all we want:
Think about the safety in your social media life to the same extent you do in your real life.
Watch the videoclip for more information or check out www.controlyour.info for more tips soon!
We promise to restore your group name and leave the group by the end of next week. Don’t worry – we won’t mess anything up.
Best regards
/controlyour.info

A message is then sent to all members of that group.

The method is explained on the hackers’ website:

Facebook Groups suffer from a major flaw. If a administrator of a group leaves, anyone can register as a new admin. So, in order to take control of a Facebook group, all you really have to do is a quick search on Google.

When you’re admin of a group, you can basically do anything you want with it. You can change it’s name, and the groups members won’t even get a notification of it. You can send mails to all members and edit info. This is just one example that really shows the vulnerabilities of social media. If you chose to express yourself on the internet, make sure the expressions are your own and not a spammers. This isn’t some kind of scare tactics, nor is it a hack, it’s a feature that can be used, and is being used, in bad ways. Remember, control your info! Also, this project is strictly not for profit and done for a good cause.

It’s not clear to me how they search on Google for recently departed admins, but I’m sure it’s relatively easy.

Neither is it clear who is behind the website itself. The site is registered to one Erik Hjort af Ornas of Stockholm. I’m emailing him to seek more information. Here is his statement:

Our main goal is to draw attention to questions concerning online privacy awareness.

We have seen too many examples where friends and relatives of ours have suffered from their lack of in-depth knowledge concerning their online presence. After some research we discovered  this is a wide spread problem. People have even lost their jobs over Facebook content. So we wanted to do something about this.

Our method of choice only serves the purpose to prove our point and put emphasis on how easy it is to lose track of a part of your online presence. If we wouldn’t have communicated this way, our message would probably have fallen into oblivion the moment it got out.

So, what exactly did we do and how?

We discovered that many groups on Facebook are left without an administrator. All we needed to find these groups was one quick Google search. The search results also revealed many groups that already had been hijacked by various people. Their intentions remain unclear.

So we simply joined 289 open groups and made ourselves administrators. We did not hack anything. Once we were administrators we owned the groups and could have changed any setting. We chose to change the picture, the name and the description of every group. Our intention was and is to restore these groups to their original form and find a suitable admin among the members. To be able to do this, we first backed up all the data we wanted to replace.

During the process we broke the terms of service, as defined in the Statement of Rights and Responsibilities of Facebook, and were rightfully banned:

§ 4.1  “You will not provide any false personal information on Facebook, or create an account for anyone other than yourself without permission”.

We created fictive accounts for one reason: we wanted to put focus on our message rather than our persons. It also eased the process of joining and administrating this large number of groups.

Facebook is apparently not aware of this bug in their software. In response to an emailed query, .Facebook claims there is no bug in their software, that any hacking took place, nor, apparently, that there was any mass takeover of groups. According to a spokesperson:

There has been no hacking and there is no confidential information at risk.  The groups in question have been abandoned by their previous owners, which means any group member has the option to make themselves an administrator in order to continue communication to the group.  Group administrators have no access to confidential information and group members can leave a group at any time.  For small groups, administrators can simply edit a group name or info, moderate discussion, and message group members.  The names of large groups cannot be changed nor can anyone message all members.  In the rare instances when we find that a group has been changed inappropriately, we will disable the group, which is the action we plan for these groups.

My comment on this: 300-odd Facebook accounts hacked—or usurped, or hijacked, or whatever you want to call it—is not a ‘rare instance’. What’s more, the groups I checked were very much still active. I frankly don’t find the Facebook response particularly helpful or reassuring.

It’s hard to see how this public service helps—the group, or individual, should be approaching Facebook and helping them plug the hole. This tactic is likely to sow confusion and fear among the Facebook populace, and possibly lead to the erasure of some treasured data on those defaced groups.

Another Facebook Hole?

(Update: Facebook have confirmed the flaw—although it’s not as serious as it looks—and have fixed it. See comments.)

The complexity of Facebook makes it likely there are holes in its privacy. But this one, if I’m right, seems to suggest that it’s possible to access someone’s private data by a social engineering trick outside Facebook.

Today I received an email invite to join Facebook from someone I’ve never heard of. Weird, firstly, because this was not someone I think I’d have known. Weird, also, because I’m already on Facebook.

image

Just to make sure, I clicked on the link to sign up for Facebook and took the option there to sign in with my existing account.

That took me to my usual Facebook page. No more mention of the dude wanting to be my friend. At no point was I given any option to let this person into my life or not.

So I Googled the guy’s name and, lo and behold, I find I’m already on his list of friends:

image

Slightly freaked out, I went back to my account to see if this person was included in my list of friends. He wasn’t.

In other words, this guy can now see all my account details, and I can’t see his. Moreover, at no point have I accepted anything. All I’ve done is click on a link that said: To sign up for Facebook, follow the link below.

What I guess has happened is what happens if you click on the profile of someone who is not a friend but has sent you a message, or asked you to be a friend. In either case, I believe, that person then gets a week’s access to your profile.

I think this is dumb. But I think it’s dangerous that anyone can email me and, if I then click on a link to check out who they are, I now cede access to my information without being able to block it, or to be able to access his Facebook profile to see what kind of person can now access my data.

The Toolbar Community

image

I’m really intrigued by the return of the toolbar. Only now it’s not a toolbar. It’s more of a ribbon that appears in your browser on certain sites. Facebook started it but have oddly put it at the bottom of the screen:

image

Facebook Connect, which I was so rude about yesterday, extends this idea.

NYT has just launched its own TimesPeople (above) which allows you to see what friends who are also registered with the service are recommending.

The whole idea, of course, is to keep eyeballs on the site in question by building a community around it. If I get suggestions from people I like/trust then I’m more likely to read them than if the NYT recommends them.

Facebook Connect takes this a stage further. Instead of the community being within the site itself, it’s an external community—on Facebook—that moves with the user. In essence it leverages the Facebook community you already have so third party sites can profit from that: If I like something on a Facebook Connect site, then my Facebook buddies will all trot along and read it.

All this is a good idea if you are a website. Media sites like NYT are fighting the mobility of information—the fact that it’s just as likely I’ll read a NYT piece off their website as on it. (Either through an RSS reader, or because someone has cross-posted it or part of it.) What all websites want to do is to keep their readers within the site, and building a community is a good way to do that.

The toolbar is a useful way to do this, since the technology now is available to do this pretty well (TimesPeople’s bugginess aside) without the user having to install anything. If you don’t want the toolbar you can get rid of it easily.

Facebook’s own toolbar is also pretty unobtrusive. Facebook Connect is more intrusive, at least in its introduction, but has received mostly positive reviews. Once signed in you’ll be able to see your friends who are on the same site, and their friends, and hook up with other Facebook users who are on the site. Privacy is an issue here: Do you want your boss to see you pop up on a celebrity site in the middle of the workday?

That aside, a pattern for the future emerges pretty clearly: media companies believe they’ve found a way to differentiate themselves from smaller outfits—blogs, basically—and to build on their volume of content by encouraging communities within their walled gardens. NYT may be big enough to do this: If I visit the NYT site to read a story, I would consider it a useful service to see a list of stories recommended by my NYT buddies.

But it’s still a pain to have to build yet another community around you for each site that offers the service. This is where Facebook Connect comes in. Don’t build a new community; just bring your Facebook community with you.

Community companies lke Facebook are happy to help them build that because they are not creating content themselves, and they have found there’s not enough within their sites to monetise sufficiently. So they have something media companies want to buy—readymade communities of shared interest who can act as recommendation engines to make their websites more sticky.

Facebook etc are so much more powerful and monetisable, in short, if they’re not wedded to the website. That for now means other websites, but of course down the road it could mean physical space too. Think Facebook on your location-aware iPhone able to find books in a shop recommended by your friends, perhaps?

Whether my Facebook community is quite as transferable as it may seem is the question. I have a lot of good friends on Facebook, but I’m not sure our interests overlap that much. In fact, I’d say I’ve got several overlapping online communities of friends and acquaintances, some better suited to others for this kind of thing. My twitter community is little different to my plurk community, to my LinkedIn community and my Facebook community.

Still, TimesPeople is an interesting start.

Reblog this post [with Zemanta]

Facebook’s Trapdoor

I’m puzzled.

I can’t understand this quirk in Facebook that means I can’t politely brush off someone requesting my friendship without giving them access to all my friends and a lot of my info. 

Receive a friend request and you get this message:

image

I have a rule that I don’t make buddies with people I’ve not actually met, or know online. Instead I divert them to LinkedIn, a sort of frat house for networking. Facebook is for friends. So I usually try to brush them off with a message.

Only you can’t do that anymore.

Click on the Send message button, and you get this text at the bottom of the message window:

image

It says:

If you send xxxx a message, you will give them permission to view your list of friends, as well as your Basic, Work and Education info for one month.

In other words, you can confirm someone, you can ignore someone, but you can’t send them a message that says “do I know you?” or “not sure we’ve met, how about you email me on LinkedIn?” Well you can, but you’ve got to give them some of the biggest keys to your little Facebook kingdom first.

Why? What is the point of that? What possible benefit is it to me to allow that to happen? Why would I let someone I haven’t met, and who I have no friends in common with, have access to that kind of information? And, more importantly, shouldn’t I be a little bit worried that my Facebook friends are allowing this to happen? How many of us actually read those little notes?

I am trying to think of a logical reason for this. Why would Facebook make it impossible for someone to reply to a request with a message that does not commit them to giving access to their information?

The only reason I can assume, perhaps because of my conspiracy-addled mind and limited brain power, is this: If the person requesting the connection has access to that information, so do most of the applications he is using. Facebook doesn’t care how long the connections last between users; all it cares is that it has access to the data. Who cares if it’s only for one month? That information only needs to be grabbed once. In other words, my theory goes, that data is valuable enough for Facebook to create a sort of trapdoor through which unsuspecting folk might allow their data to be compromised.

Or am I missing something? I must be.

Technorati Tags: ,

Who Needs Enemies When You Have Facebook Friends?

It might be time to remove a) all your data and b) all third party apps from your Facebook profile. Here’s why.

Add a Facebook app — SuperPoke, all that kind of stuff — and you’re required to agree to “allow this application to…know who I am and access my information.” Disagree and you can’t install it.

Now this may be fine for you. But what the application doesn’t say is that the application is also now able to access the private data of your friends. To be clear about this, I’m not talking about friends who also agree to install the app; I’m talking about all your friends, period.

And most applications do access this data, without really needing to, according to research by the University of Virginia. In other words, by accepting someone’s friendship on Facebook, you’re agreeing to allow all the third party apps they install to access your private data.

What is private data? Well, think your name, your profile picture, your gender, your birthday, your hometown location…your current location…your political view, your activities, your interests…your relationship status, your dating interests, your relationship interests, your summer plans, your Facebook user network affiliations, your education history, your work history,…copies of photos in your Facebook Site photo albums…a list of user IDs mapped to your Facebook friends. (from Facebook’s Application Terms of Service, via Webware.)

This is not good. Especially when you consider that this data is stored, not on Facebook’s computers where you and they might be able to keep an eye on it, but on the computers of the third party apps. And this is where it gets tricky.

Facebook’s response to these revelations, detailed and explored by Chris Soghoian over at Webware, is that it’s basically up to us users to gauge whether a Facebook app is kosher and going to be careful with our data. But who are these third party developers?

I explored this a bit last November, when I tried to find out who was behind one app called ATTACK! I eventually was able to, but it wasn’t easy, and it definitely wasn’t just a question of visiting their homepage (they didn’t have one, although the developers have since posted a comment there saying they hadn’t had time to set one up, and have changed certain features. It still doesn’t have a link to any webpage that might give a user any insight about who is behind the app, though the developers do provide links to their Facebook pages.)

The points are twofold:

  • Our data is vulnerable to the weakest link in the chain, which will be a friend we’ve given full access to who installs every third party app there is. Do you know who all your friends are, and can you trust them not to install every app they come across?
  • We’re endangering our friends’ security by installing third party apps.

For me the bigger issue is this. Facebook is already facing investigation in the UK for making it too hard to delete one’s personal data. So, if these third party apps are storing our data without our knowledge on their own computers, what happens to that data if we decide to delete our private data from our Facebook account, or our Facebook account entirely? How do we know what is deleted and what isn’t?

Exclusive: The next Facebook privacy scandal | Webware : Cool Web apps for everyone