Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy (UPDATED)

Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy (UPDATED)

Summary: If you're sick and tired of FaceBook's continual encroachment on your privacy, here's how to lock it down like a SuperMax prison or give it the Death Penalty.

SHARE:
36

If you're sick and tired of FaceBook's continual encroachment on your privacy, here's how to lock it down like a SuperMax prison or give it the Death Penalty.

[UPDATE: FaceBook has made a number of alterations to their Privacy Settings since this article was first published. I've updated the Gallery as well as the videos to reflect these new changes. Additionally, I have re-structured this article so that those of you with simpler profiles can ignore the Centralized Updates/Fan Page stuff which is posted towards the end of the article.]

I finally decided after all of FaceBook's continual invasions on my personal privacy by sharing data to people and services which I don't want -- and by being completely irresponsible and untrustworthy in terms of computer security -- that it was time to lock down my profile and minimize my exposure, while still allowing select people to interact with me on my User Profile.

With FaceBook, this is a very difficult thing to be able to balance, and I'm still not 100 percent sure that I wouldn't be served by destroying my profile and leaving the service altogether, but I believe that for the time being, I've been able to create some sort of "miserable medium" that I can tolerate.

Why I Put This Guide Together

FaceBook is an extremely complicated and confusing online service to use, with lots of settings that are needed to secure a profile and prevent undesired dissemination of information. Because I no longer trust the service whatsoever, I've created a "How-To" for the advanced user for locking down their profile and minimizing their risk

Keep in mind that this "Lockdown" I created is an extremely draconian method -- nobody will be able to share your information or your statuses, you will not have any personally identifying information unless you absolutely choose to, and only the most essential applications will be authorized.

Also Read: Contemplating FaceBook Hara-Kiri

Also See: Locking down your FaceBook account step-by-step (Gallery)

For those of you who only maintain a simple FaceBook profile, just go through Step 1 and Step 2.

If you're fed up with FaceBook altogether, go through Step 3 to remove your FaceBook profile completely.

For Advanced Users:

The user for which I have in mind for "Advanced" is someone who is extremely concerned about their personal privacy and security, but also may wish to have people contact them via a brand or a business or some other following they maintain.

In this case I created this "Secure FaceBook Systems Architecture" to suit my own personal needs, in order to be able to interact with essential friends and business contacts in my personal profile, but also to allow anyone to interact with me in relation to my two blogs, Tech Broiler and Off The Broiler.

This requires groups of people to be compartmentalized and thus two separate profiles have to be maintained: Your secure personal profile, and also a Public Fan Page.

Additionally, this method also provides the ability for centralized Status Updates to both the personal profile and the Fan Page via Twitter, using automatic RSS synchronization.

I have added optional "Advanced" sections at the end of this guide which show you how to do this.

Step 1: Kill Your Excess Friends

Here's the part of the exercise which might be most difficult for you. The only way we can control the spread of information is to reduce the number of people who have access to it. That means killing off FaceBook friends.

Before I started this exercise, I had over 1200 friends on FaceBook. Most of these people were folks who followed my blogs and magazine writing over the years, who didn't interact on my wall or never posted a reply to any of my status updates. So I felt no remorse about deleting all of these people off my profile.

In the hierarchy of who I believe one should retain as friends on FaceBook, I believe it starts with Family, then "Real Life" friends, then close personal contacts and acquaintances, and then POSSIBLY business associates.

However, in the case of business associates, unless they are also business friends, you should probably be using a different networking tool, such as LinkedIn, which is an excellent service for this purpose and I highly recommend it.

In my opinion, the total of people who should have access to your personal profile should not exceed 250-300 people on the high end, and if possible it should be smaller than that.

I'm still in the process of determining who should have access to my profile, so I don't know what my "sweet spot" is yet, but I suspect that the 302 friends I now have at the time of this writing will probably be reduced further.

To start removing friends you don't want, click on the upper right hand side on the Account menu and select "Edit Friends". You'll then see an alphabetical list of all the  people you have friended. To the right of the name of the person you want to eliminate, click on the "X" and choose "Remove Connection".

Step 2: Lockdown

Lockdown from my perspective means that we are going to set every single security option to the most restrictive level possible and giving people extremely limited visibility into your personal information.

You could certainly deviate from this, such as continuing to allow certain applications such as games to run, and opening up certain fields, but be aware that any hole you leave open could result in an unfortunate situation such as a personal embarrassment or even worse, stalking or identity theft.

You may ask, "Why so restrictive? Aren't these people that you're giving access to your profile your real friends?"

If indeed these people are your real friends, family and close acquaintances, they probably already know what your phone numbers are, where you live, what you like to watch on TV, what your favorite sports teams are, et cetera.

Who we're really concerned about is someone getting access to your information who we DON'T consider a friend, and that includes FaceBook's management who we have established are willing to expose your information to third parties and have maintained very loose and variable definitions of personal privacy, not to mention that its founder and CEO may very well lack basic ethical behavior.

FaceBook profiles contain a large amount of data, so for the purposes of brevity in the article text, we've included screenshots and the effective rights settings in a gallery that I think you should use in order to ensure your privacy and user security.

Also See: Lock Down Your FaceBook Profile in 20 Minutes (Videos)

However, here are the essential steps you need to take for the actual Lockdown:

Profile Data Elimination/Obfuscation

1) Edit your profile Basic Information tab to remove all identifying personal information,  Your Bio should contain only a very basic summary of who you are or what you absolutely feel safe and secure about being potentially exposed, and a URL link to your Fan Page. I used the following text:

I write technology articles for CBS Interactive's ZDNet Tech Broiler blog. I also write about food and technology for my personal blog, OffTheBroiler.com, which I started in 2006.

I am also known for founding the food website eGullet.com and I have been writing for various technology publications since the mid-1990s.

Please join my Fan Page if you are interested in following my exploits:

http://www.facebook.com/techbroiler

If you feel you have been de-friended in error, shoot me a message.

2) Remove all Relationships from your Profile data. That means your wife, your children, your parents, your other filial connections, et cetera. Your family already knows you're related to them and anyone close to you probably already knows already too.

3) Delete all Likes and Interests from your Profile data.

4) Delete all Education and Work entries from your Profile data.

5) Delete all Contact Information from your Profile data with the exception of email addresses and your web sites. For City/Town, use bogus data. I chose the Icelandic ice sheet where the Eyjafjallajokull volcano is.

Application Elimination

On the upper right of the screen, click on Account, select Application Settings, and filter under "Authorized". Remove every single non-essential 3rd-party application. If you've engaged in a lot of quizzes and games with your friends in the past, you may have a very large amount.

You will only need Ads and Pages, Events, Gifts, Groups. Links, Notes, Photos and  RSS Graffiti (if you are doing the advanced steps)

Additionally, you can permit any mobile clients that you use on your Smartphone or MID device to interact with FaceBook.

Privacy Settings Lockdown

This is where things get hairy, as there are a lot of settings and screens involved. Again, please look at the Gallery which shows the effective permission settings that we think give you the highest level of privacy and a minimal level of information exposure needed for basic social networking.

You could loosen some of these up, but you should make the assumption that if you loosen them,  FaceBook will expose the data generated from these fields to someone who you don't want to see them.

FaceBook Privacy is categorized under the following areas: Basic Directory Information, Sharing on Facebook, Applications and Websites, Blocklists. Most of these areas have multiple fields which you can set who gets to see what. The most restrictive level is to choose Custom for each of these fields and to set it to Only Me, which is how we set the majority of the fields.

Step 3: The Death Penalty

You may find all of this Lockdown is too much work for too little gain, and that FaceBook is too much of a time sink or a risk to your personal privacy. Fair enough, you want to kill your FaceBook account.

Consider me your Doctor Kevorkian.

Here's what you'll want to do with your personal profile:

1) Remove all groups and fan pages from your account.

2) Expunge all personal information from the profile, per the Profile Data Elimination/Obfuscation section.

3) Delete all of friends with the exception of the people who meet the "Real friend" criteria per the Kill Your Excess Friends section above.

4) Delete all your Wall messages. This could take some time, but the data contained in here could be potentially very damaging if FaceBook keeps it and exposes it without your consent.

4) Send out a farewell to your friends via the internal messaging system. Here's the text that a friend of mine used recently that deleted his account just a few weeks ago:

"After numerous privacy violations, constant spam, applications that try to take over my account, and continual unwanted changes in the service, I've decided to delete my Facebook account. I'm letting everyone know that if you still want to keep in touch, here's my information:"

He then gave out the following personal information: eMail Address, Phone Number and his  Instant Messenger IDs.

5) After sending out your farewell, deactivate the Wall, give it a few days to receive any remaining internal FaceBook messages, and then delete all of your remaining friends.

6) Follow these instructions on Wikihow.com on How to Permanently Delete a FaceBook Account.

Advanced: Centralized Updates via Twitter

Because some of us have the need to propagate updates to two different sets of people, you will need to maintain a secure profile of "Core" friends and business contacts, and also your "Public" Fan Page.

To do this, you'll need a Twitter account. Obviously, anything entered in Twitter is going to be a public update, so you should never use Twitter for anything that is of a private nature or something you don't want forwarded on.

My attitude towards this is if it isn't game for Twitter, I probably also don't want it posted in my private FaceBook profile or my Fan Page. If something is really important and of a sensitive nature, I expect people to have common sense and to call people individually on the phone, or use traditional forms of electronic communication, such as an e-Mail or a private FaceBook message.

If you think that you've got something to say that doesn't belong on Twitter but can stay within your "Inner Circle" on FaceBook on your profile status, you can enter it into FaceBook directly. Got it? Great.

If you have a Twitter account already, good. If not, go to Twitter.com, sign up, and get one.  Once you've signed up, you'll need the RSS feed for your update stream.

In my case, mine is located on http://www.twitter.com/jperlow, and if I click on the "RSS feed of jperlow's tweets" link on the middle-right hand side of the page, I get this URL:

http://twitter.com/statuses/user_timeline/4400681.rss

Your unique RSS feed will have a different number at the end, but copy this into a text file and save this for later, you'll need it.

If you're new to Twitter, you can enter status updates directly from the Twitter website, or you can use any number of Twitter clients for your smartphone, mobile Internet device or or your PC.

On the PC for Windows/Mac/Linux, I recommend TweetDeck or Seesmic. On the iPhone and iPad, I like to use Twittelator. On Android, my preference is for Twidroid. On RIM devices I used to use Twitter for BlackBerry.

Advanced: Collect your Blog RSS Feeds

If you don't blog or have a website that issues updates, you can ignore this step. However, I suspect many people who do blog or maintain a website with dynamic content are looking to send their  web updates to their FaceBook profile and/or Fan Page will want to follow along.

I maintain two separate blogs, Off The Broiler, which is my food website, and Tech Broiler, which is the blog you are currently reading. Each of these blogs has its own RSS feed which contains the links and story summary for each entry in a serialized, syndicated format.

Depending on which blog and web browser software you use, your RSS icon will either show up directly to the right of the URL of the web browser when you're viewing your blog's home page or it will be in your administrative settings.

For WordPress.com blogs, the URL is

http://blogname.wordpress.com/feed

For Blogspot, use

http://blogname.blogspot.com/rss.xml

and for TypePad.com use

http://blogname.typepad.com/blogname/rss.xml

Once you've collected your RSS feel URLs for each of your blogs or web sites that you want to send into your status updates, paste them into your text file along with your Twitter RSS feed.

Advanced: Twitter Publish via Google FeedBurner

Now that you have your RSS feeds collected, you'll want to create secondary feeds on Google's free Feedburner service for "pushing" those updates to Twitter.

As in the illustration above, you'll need to create a new feed using the copied RSS URL for each blog that you captured earlier.

After you create each feed, you'll want to enable the "Socializer" service on Feedburner for each feed you want to push out to Twitter.

As in the screen shot above, for each feed that you'll be sending to Twitter, you'll want to click on "Publicize" on the top navigation bar and select "Socialize" from the left hand menu. You'll need to enter your Twitter credentials. Once this has been completed, every time you publish a new blog post, the status including the title and the link to the post will be sent into Twitter.

Google will automatically use its http://goo.gl URL shortening in each Tweet, so this is completely "Set it and forget it".

Advanced: Create your Fan Page on FaceBook and activate RSS Twitter Syndication

Log into FaceBook, and enter the following URL into your browser:

http://www.facebook.com/pages/create.php

You see a landing page similar to the one above. Here you'll be asked for what type of page this is. In my case, I chose Website and typed in the name in which I'd like the fan page to appear in FaceBook's search index. Click on "Create Official" page, and then you're done. More detailed levels of how you can set Wall permissions for your Fan Page can be found in the Gallery accompanying this post.

Next, you'll need to edit your fan page and add at least one application to it, RSS Graffiti, as per the above screen shot. This is what will be used to pull all of your consolidated Status Updates out of Twitter. On my fan page I've also added Discussion Boards so that anyone can have a topic-based discussion thread in addition to commenting on the statuses.

In the RSS Graffiti configuration screen, you'll want to set it so that it points to the RSS feed from Twitter that you captured earlier, for both your personal profile as well as for your fan page, and to use "Status Update" format. Additionally, in lieu of a Fan Page, you could also use this to dump your status reports to a Group which you maintain.

After you've set up your Twitter status update syndication, you should claim a short URL for your Fan Page so you can post it on your main User Profile and anywhere else you'd like to display it. Once Fans "Like" your page, they'll get Status Updates on their news feed from you just as if they had friended you.

My new Jason Perlow fanpage will allow me to interact with my Blog readers without having to go though any friending overhead.

I hope this tutorial is helpful to everyone, and if I left out any other steps or settings/changes that might be useful, Talk Back and Let Me Know.

Topic: Social Enterprise

About

Jason Perlow, Sr. Technology Editor at ZDNet, is a technologist with over two decades of experience integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. Jason is currently a Partner Technology Strategist with Microsoft Corp. His expressed views do not necessarily represent those of his employer.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

36 comments
Log in or register to join the discussion
  • Might be easier to deploy a website with a CMS and Forum

    and do away with Facebook. Less security worries.
    Dietrich T. Schmitz,Your Linux Advocate
    • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

      @Dietrich T. Schmitz,Your Linux Advocate

      Yeah, well as WOPR from WarGames says, the only winning move is not to play. :)
      jperlow
      • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

        @jperlow

        Exactly, so just sell your computers and delete your Facebook account, you're obviously not tech savvy enough to be trusted with either.
        brichter
      • Thanks, Jason, for your article

        And Dietrich's suggestion also had merit although I don't have need for a private website now or in the foreseeable future. But I do have a "FB newbie account". I think I have some work to do. As they say, forewarned is forearmed.
        kenosha77a
      • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

        @jperlow

        Totally agree with go.. Go do some real socializing guys.. with ppl of flesh and blood.. not typing away at your systems to God-Knows-Who
        yazhisai
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    Wow, you believe Windows was hit by malware, with no proof, and you drop it like a bad habit. You talk about dropping FB, but then go thru all the steps you mention. If it is that much of a problem to you, just cancel your FB account. I use FB to stay in contact with friends and family, and use it for fun. It is obvious it isnt fun for you. Why not just drop it all together?
    tiderulz
    • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

      @tiderulz
      His way of thinking is rather comedic due to the reasons you just pointed out. The dropping windows thing was nothing more than a publicity stunt for him to make some $$.
      Loverock Davidson
      • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

        Jason's latest antics are now well beyond a joke.

        Sadly, his credibility has now taken that final step off the edge of a cliff.
        de-void-21165590650301806002836337787023
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    Instead of going through all those gyrations ; Isn't it more sensible just to NOT send anything to FB that the FBI wants to know about you ? 99 percent of the crap on there now is so useless and trivial that it would take the proverbial 15,000 agents to find out your secrets (sic) ! My reasons for partial lockdown ( of sorts ) is to sidestep the spam that FB might be sending my way. Until they let me know WHO gets that info - it's none of their business.
    curiousgeorge1940
    • Keep FBI from FB posts????

      @curiousgeorge13@... People aren't locking down facebook because they're trying to keep the FBI from knowing something? I don't even know what law enforcement has to do with this topic. The main reason people lock down their profiles is because they want to restrict who they share what with. I might take some funny vegas pictures that I'm going to share with my friends and we can joke about, but I'm not going to take those same photos in and show my coworkers or future employers.
      ngtwolf
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    Lock down Facebook? Why do that when we can just virtualize all of our Microsoft Windows sessions and put the blame squarely on that instead of Facebook? We both know Windows has nothing to do it with it but its the ONLY solution to all your problems!
    Loverock Davidson
  • Thanks for the Options

    Jason,

    As many have already chided, "if it's this much trouble, why bother?" And I agree with them. However, as a fellow reluctant FaceBook user, I appreciate this outline of how to continue to use FaceBook while locking down personal information as much as possible. I, too, have crazy reasons for continuing to use FB, but I also want to keep things as safe as possible.

    Someday soon I may decide to just "delete it" -- but until then, you've given me a good overview of how to protect myself.

    Nice writeup.
    amicalola
  • Security

    I just cannot believe this all started by blaming systems.

    Major rule in security - if you don??????t manage it - Don't trust it.

    I mean come on probably 10000 people told that already - you are using someone else computer to access the Facebook???!!!!!

    Did you ever connected with the networks or wireless networks other than your own??? Again you don't control it the SSL session may be decrypted and checked - everything is visible - it may be legitimate (but bored admin) or rouge and you will lose everything
    In this case OS does not matter, and I don??????t care if you are an "Architect" - and you don't deal with the "Mainstream" part - as you are lacking the basic logic to provide those system security wise.

    There is plenty of people who deliver the service - but how many of them deliver them SECURE???? This is why we have so many DATA BREACHES!!!!

    I??????m tired of EXPERTS with IM THE GREATES attitude that are clearly lacking the basics which are REQUIRED to deliver.

    I??????m mean you work with HIGH END systems right and you use Ubuntu??? ?????? which is great as for the OS for the people trying the Linux but clearly does not need EXPERT knowledge of working with DEFERENT systems ?????? it would be REDHAT SUSE from Linux or UNIX system.

    Plus whatever you have described I would say it was someone you know well as the cooking and diet match ?????? I bet you have offended someone and that was a revenge.

    Stop acting like a baby ?????? tough guy from Queens ?????? I bet it was Jamaica or LIC Projects? ??????

    I have downloaded ZDNET app on my BlackBerry to look at the TECHNOLOGY news not the DRAMA of the SOAP channel :/ -

    Note to the editor ?????? first was the Climate Change posts :/ then Yahoo giving up contacts to Chinese government
    I would appreciate if we could stay on the technology and have more Professional opinion not the Harlequin drama ??????
    ALisowski
  • I've started up with my FB account with very restrictive controls.

    At first, with all the privacy woes, I've set most of the settings in my privacy management to "only me." With all that said, it will take a very long time to establish my trust with Facebook and I will have to put in a lot of time for researching about friends that they've requested before I add them to my friends list. I do the same thing with Instant Messenger, be it Windows Live Messenger, Yahoo Instant Messenger, AOL Instant Messenger, or GoogleTalk. Friends management system can be abused and I don't like to look for friends that I'd like to invite unless they are friends who reside on where I live. I don't have anything in my Facebook Privacy Settings that says "Friends of Friends."

    With that said, I'm very strict. I might start out by having a max of 3 friends. I might increase my allowance little by little for every two to three months. I really don't like to receive invitations to add mine to their friends list so they can see my profile.
    Grayson Peddie
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to

    Thank you Jason for reminding me to erase all those entries (data) before terminating the account (because they can and will retain and use said data if you simply terminate the account.
    GpaKen
    • Erase data

      @GpaKen Yup, that was a good point I didn't think of either. It's probably overkill, but its the only way to be truly thorough.
      ngtwolf
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    Thanks to ZDnet updates I sawthis train coming and decided to JUMP FB ship all together. I contemplated going back on after this "How to" but too much bother. FB WAS a good thing and lazy persons are not getting the invasive nature of what FB is doing. Person's I have warned feel they "have nothing to hide". That is not the point, it is INVASION, but so much for the general public. Also, at some point it seems as if FB may be mandatory to communicate online...very strange, and scary. Thanks for your post.
    reslyn
    • FB for communcation

      @reslyn Actually I can see the use of Facebook even if you have the privacy concerns. Basically, create a facebook page and don't add or post anything. The one great feature of facebook is to keep in touch with your friends and have a spam free way to communicate with them. You can still do that without providing facebook with any information. I see lots of facebook profiles out there that don't have any posts, photos or details but lots of friends. They probably just do the same thing.
      ngtwolf
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    If you don't know them, don't add them. You wouldn't call a stranger in real life a friend, so why is Facebook any different?

    And puh-lease, a fan page... egotistical or what?
    LeeC
  • RE: Lockdown or Death for your FaceBook Profile: An Advanced User Guide to Social Networking Privacy

    An honorable attempt to help those who need help with these privacy issues , but the truth is you're all screwed! Fortunately, I am one of the few who saw this coming before the emergence of social networks. The writing (pertaining to privacy on the internet) was already all over the walls for years.

    Thanks Jason (and everyone else) for your attempts to help but I continue to enjoy every day life not having ever signed up for any of the social network services.

    I have plenty of friends which I speak to when there is something to be spoken about. Oh, I use a telephone, landline. They still work very well.

    You see, I am not a part of this new "immediate gratification" crowd. Yes. That's you. I kind of like my privacy too so the big question that comes to mind is:

    Why the hell would you sign up to any social networking site if you were concerned or cared about your privacy?

    BTW - for those who are not concerned or care, yet.

    You will, sooner than later!
    Redeye Dog