Facebook's bad year: The beginning of the end?

Facebook was attacked by an exploit which perpetuated a wide array of out-of-control news stories on the News Feed, including violence, animal mutilation and in some cases, pseudo images of celebrities engaged in sexual activity. 

ZDNet's Violet Blue broke the story, which explains the problem users' were having.

There was outrage by Facebook users, some for which threatened to leave the site altogether, either until it was gone or for good.

Facebook said that it had control of the situation after more than 24 hours of battling the exploit, some thought to be a virus or some kind of malware. The hacking collective Anonymous was blamed at first after seeking to 'destroy' the site on Guy Fawkes Day (November 5th). But Facebook said that it had identified 'who was behind' the attack.

Since then, the web erupted with anger, and even Congress wanted answers over Facebook's responsibility to its users.

Facebook and other social networks, along with businesses that operate within the confines of Europe, or have European users and customers 'must adhere' to European law, European Commissioner Viviane Reding said earlier this month.

While Facebook said that it was 'already compliant' with European law, particularly with the new 'right to delete' or 'right to be forgotten' feature of the new Directive, one had to wonder how compliant the social networking giant actually was, or currently is.

The European bureaucrats already have it in for Facebook after a number of high-level privacy battles and data protection matters. Since Facebook opened up a datacenter on European soil in Dublin, Ireland, it has been a target for more focused criticism over the past couple of years. Europe's 'mission' against Facebook will not go away, seeing as it was the same Commissioner who said that Facebook had "nowhere to hide" over its data protection policies.

Ireland's data protection agency has launched its privacy audit into Facebook's activities, particularly to examine how data is retained and used for the company's benefit.

Companies for certain lengths of time should not hold data or when the data is no longer useful, European law says.

But Facebook appears to retain almost every shred of data that it has on its users, according to data access requests others' have published on the web, including pokes that were removed and postings that were deleted. Even friends you have removed from the site are retained in Facebook's vast data banks.

If Facebook is found to have broken European law, the social networking giant could be fined up to €100,000 ($135,000) for every breach. 

Facebook has more users in Europe than it does in the United States, meaning Facebook not only has more to lose in the confines of the European space, but the data protection rules are far more severe than the United States.

Facebook at one point had a hidden form allowing European users of the social network to request their data, a provision made under European law. 

But once Reddit got hold of it, this flooded the social network with requests, overwhelming Facebook's user operations team, forcing the team to hold back on any delivery of data due to the huge number of users' requests.

Facebook then decided to trim the response it would give to data requests, under Irish and European law, partly due to the 'Europe vs. Facebook' campaign's budding popularity. The 57 categories of data were pushed down to 22 data categories, which some claim that Facebook is holding back on 'vital' information that could cause damage to its data collecting practices.

Facebook also had to contend with a vast data breach, whereby 'socialbots' -- carefully engineered programs that act like real people on the social networking site -- managed to friend people, and download vast quantities of their data. This network of socialbots managed to infiltrate over 1 million profiles, partly because of the lax privacy choices made by end-users.

As CNET report, Facebook's cookie management system was 'defected' -- though since corrected, they were assured -- that meant the social networking giant was tracking the web histories' of users even though they were logged out of the social network.

To think that a social network one trusts with all of this data, but still wanted more, disgusted many users.

Germany, a world leading nation in data protection, accused Facebook of tracking users' cancelled and logged out accounts, and headed under increased pressure from the European privacy regulators. Germany's privacy watchdog made the claims in early November, and could fine the company up to €300,000 ($420,000) for each breach of their laws.

But closer to home, Facebook attracted senators' attention after the news erupted. Sen. Jay Rockefeller will "invite Facebook and others to explain how they are using personal information".

Users are increasingly finding that the vast array of privacy settings is difficult to not only manage, but to edit too.

Almost half (48 percent) surveyed by Which? Computing said that they struggled to keep track of all the security and privacy changes that have been made in the social network. Respondents changed most of their settings 'only twice', even though Facebook has issued a number of updates and fixes to its privacy platform. Many may find that their settings are still set to 'everyone' or 'public'.

If so many people are not changing their privacy settings, this alone could be why so many people's data is being harvested by socialbots or other socially-engineered attacks. 

Mark Zuckerberg came under fire for encouraging others to post more information about their lives under the new 'Timeline' feature.

Facebook finally, after a slew of privacy changes and amassing a great deal of anger from the users of the social networking site, for changing privacy settings or adding updates to the service without informing them.

What was worse is that some of these changes were automatically switched on, and users had to opt-out of the feature if they did not want it.

But the U.S. Federal Trade Commission is set to agree to new changes whereby Facebook would make these 'opt-in', giving users the choice of whether they want to use the feature or not. Not only will this suit the U.S. FTC, but also other governments around the world, like Germany, which deplored the move when Facebook rolled out facial recognition software.

Once again, Facebook gets itself in trouble with the government. That is never a good sign, and I speak from experience.

And, speaking of government controversy, let's explore the Germany 'facial recognition' saga more closely.

Facebook rolled out a tagging system that would recognise your friends' faces, and tag them on your behalf. A seemingly normal thing, with a touch of possible artificial intelligence, maybe? It seemed cool to some people, but Germany thought it was anything but.

Germany came out and said that Facebook has violated German privacy laws, for scanning the faces of its citizens who use the site, Germany’s top data protection official, Johannes Caspar, wrote to Facebook to demand that its facial recognition software does not infringe German users’ privacy, and to delete any related data.

Germany could impose fines of up to €300,000 ($430,000), but is looking also to sue Facebook to prevent it from doing it in future.

Another Facebook buster from ZDNet's Violet Blue, who reported the state of Facebook's 'pro-rape' culture, where users set up pages and seemingly joke about rape and sexual assault, and the degradation of women.

According to Blue, it took nearly 200,000 signatures on a petition and a Twitter campaign to get the pages removed. Facebook finally caved in.

But why did it take the social network so long to comply with the requests made? Facebook was not even abiding by its own Terms of Service, which expressly forbids this kind of behaviour on the social network. 

Not only did it look as though Facebook was endorsing these vile pages based on the fact they still remained, even after a series of calls to remove them, but it just looked like the social network didn't care. 

Facebook has previously come under fire for deleting pages that discuss female sexuality, and even labelled one page of a breast cancer survivor as 'pornography'. Sometimes there are just no words.

Facebook's new Timeline profile page replacement throws up a whole series of privacy related issues. Anyone will in the coming weeks and months be able to search all the very way back on a person's page all the things that were said say, on December 27th, 2008, or last month, or three years ago -- or even as far back as the day they joined.

Though many users will not remember half the things they posted on Facebook last year, let alone last week. But this new profile page replacement will allow any one of your friends to go back and search for posted content two or three years ago, or even further back. Who knows what kind of teenage 'angsty' things were said, and the embarrassment it will cause?

Not only were users not informed of these changes, and instead thrown into the fray of it, it once again shows that Facebook will just issue changes as part of its opt-out strategy. Even in this case, users will not be able to opt-out of the new Timeline feature at all.

Likened to a 'stalkers paradise', once this feature rolls into place -- which has already been delayed -- we could be seeing a lot of users leave the site. Will Facebook ever reach its holy-of-all-holy 1 billion-user milestone?