Students try to bring down Facebook
Facebook is a difficult one to judge in terms of privacy; most people see the word “privacy” and presume it’s about keeping yourself to yourself. In the computing world, it means “how much you are giving away about you”. The point of Facebook is to share information and details about yourself, connect with those you already know and sometimes with those you don’t. There has long been heated debate about privacy with social networking websites; MySpace, Facebook, Bebo, Live Spaces etc. This time, smartarse Canadian idiots law students decided to take on one of the biggest websites in the United States, probably to try and further their impending careers, and they are going to fail miserably no doubt. Spenser who wrote on the Neowin forums seems to agree:
"They're law students and now they think they can do whatever they want. It's like they think that these privacy concerns haven't been looked at or brought up by any real lawyers yet."
The BBC reported that the basis of the complaint “states that Facebook collects sensitive information about its users and shares it without their permission.” Again, the UK perspective but it’s one that I know well. Under the Regulation of Investigatory Powers Act 2000, this allows only the UK intelligence services (MI5, SIS, GCHQ) to intercept and monitor, collect and disseminate personal details and sensitive information, whether it is used in a court of law or not. A similar act(s) apply for the United States, but it only allows certain national security based Government departments to collect information on you.
Now, last time I checked, there address wasn't www.facebook.gov.*, so they are well and truly out of the Government's reach. But have you any idea what risks are involved in doing these things if you're a private company? There may only be 300 employees at Facebook, but I can guarantee that at least one of them will realise that something isn't right and get in touch with the relevant authorities if this was the case, but as they haven't, it leads me to believe that there is no misconduct on the part of Facebook.
Missing out parts of a privacy policy or withholding information about the data being collected is a criminal offence in most places in the world. An organisation as small but having an impact so large such as Facebook isn't likely to screw around with these technicalities and start missing bits out, because if it did then they'd be facing huge fines, lack of customer support and faith in the service and potential (and as a result, likely) bankruptcy.
I looked over the privacy policy with a couple of IT experts and bloggers and came to a sound conclusion. Facebook uses contextual advertising which picks out words from a web page and displays an advertisement in relation to that. If you were on a recipe website, you may well get recipe or ingredients advertisements being displayed. Even this website has a whole load of technology related advertisements using contextual advertising; it benefits the publisher and the advertising companies to display relevant content dependant on the content you are viewing. The Facebook privacy policy clearly states:
"Facebook may use information in your profile without identifying you as an individual to third parties. We do this for purposes such as aggregating how many people in a network like a band or movie and personalizing advertisements and promotions so that we can provide you Facebook. We believe this benefits you.
And it can do! Some people don't mind advertisements, and after all, this is how most of the Internet stays free. If Facebook didn't have advertisements on it, you'd have to pay an arm and a leg for the services and web sites you use. Just look at how Windows Live survives - it's the only real way of doing it without getting the people who use the service to pay for it.
"You can know more about the world around you and, where there are advertisements, they're more likely to be interesting to you. For example, if you put a favorite movie in your profile, we might serve you an advertisement highlighting a screening of a similar one in your town. But we don't tell the movie company who you are."
Just one more point on this privacy policy which should be noted:
"We share your information with third parties only in limited circumstances where we believe such sharing is 1) reasonably necessary to offer the service, 2) legally required or, 3) permitted by you."
If anything, you should be more concerned about the applications which are written for Facebook, as they seem to jeopardise your privacy on a whole new level.With a few clicks of the button, you can easily change your privacy settings; some argue this should be shown first before you use the service, and maybe so. But whenever you give out information on the Internet, even through a secure channel when buying something, you still run the risk of human error taking over and causing a slip up with your data. If you don't want to use the service for whatever reason, just stop using it.
With a few clicks of my mouse, I can alter even the more complicated privacy settings. I may want to show a photo gallery of me and my friends pulling pranks around campus, getting sloshed off our faces and getting up to general mischief - however I may not particularly want my parents finding out. I can open up my photo gallery to everyone on my friends list, or limit it to "friends and network" - so anyone on the Kent Uni. network can see my photos, but say my parents' cannot be part of (as they don't have a network specific email address to authenticate them) thus cannot see their son getting up to no good; nothing but a good thing considering they're paying around £8,000 ($16,000) a year for me to be here.
The ability to share and hide data is immensely easy to do, simple to understand and secure. From a brief look at some of the other social networking websites, in my expert opinion it is far more wide-ranging when it comes to users being in control of their own data.
I finish one word which sums all this up perfectly – “lawyers...”.