Facebook's Ever-Changing Policies

Facebook's Ever-Changing Policies

A long time ago in a magical land faraway,  Facebook and other budding social networks were simple. You shared your interests and information with a small network of chosen friends and everyone was to live happily ever after. Facebook’s privacy policy was promising that “No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.”

But now we live in a world where everyone can know your business and get into your once enchanted life simply by knowing someone who knows someone who knows someone you know.

Last week we reported briefly, not realizing the hubbub it would create, that  Facebook removed its users’ ability to control who can see their own interests and personal information. Certain parts of users’ profiles, “including your current city, hometown, education and work, and likes and interests” will now be transformed into “connections,” meaning that they will be shared publicly. If you don’t want these parts of your profile to be made public, your only option is to delete them.

Here is Facebook’s explanation of their changes:

What’s changed?

We launched a number of changes to Facebook Platform at our f8 developer conference on April 21, 2010. These changes aim to simplify our platform and make it easier for new developers to get started. While the changes are broad in scope, none of them impact backwards compatibility: all of your existing code will continue to work.

The most important changes are:

  • Graph API – The new Graph API is replacing the old REST API as our primary server-side API. Despite our focus on this new API, the REST API will continue to work. Furthermore, all the work we are doing to improve the performance and stability of the Graph API will benefit the REST API equally: both are built on the same foundation and infrastructure.

  • Data Permissions – As documented in the authentication guide, we are moving to a model where applications must list all the pieces of data they need to access from a user’s profile rather than having all that data available automatically. We are also moving to an authentication model where all permissions are granted in a single dialog rather than a sequence of many dialogs. These two changes together should improve your sign-up rate and simultaneously increase transparency for users. See the upgrade guide below for details on how to update your app to ask for these new permissions.

  • OAuth 2.0 – We are transitioning from using our own authentication system to OAuth 2.0, an open standard Facebook co-authored with a number of other companies, including Yahoo, Google and Twitter. All of our existing APIs now support OAuth, including the old REST API, and will continue to support our old authorization scheme as well. We have a simple process for you to upgrade your session keys to OAuth access tokens if you want to start experimenting with OAuth in your existing application.

  • New SDKs – We’ve launched a new JavaScript SDK as well as new Python and PHP SDKs. The JavaScript SDK is slimmer and faster and is required to use our new features like social plugins and the Graph API. Be sure to stop using the old JavaScript library in order to properly migrate to the new JavaScript SDK. Get started by reading the JavaScript SDK reference documentation and readme.

    Note: The new SDK and client libraries exclusively use the updated cookie format — combinations of old and new cookies won’t work. They all include the OAuth access_token which allows for making API calls to both the new Graph API and the old REST API.

  • Facebook Connect Branding – Facebook Connect was our initiative to help developers integrate Facebook Platform beyond Facebook.com. Given that the underlying technologies are the same whether you are building applications, websites or devices, we’re transitioning away from the Facebook Connect brand to reflect that there is one platform behind any integration with Facebook. This change has no impact for developers using Connect; everything is still part of Facebook Platform. You can optionally use the “Login with Facebook” button or our new button with faces, which have seen higher conversion rates. Learn more about integrating Facebook on your websitewhich includes many components we promoted as Facebook Connect.

Below are more details on a couple of these changes. The change that will most impact existing applications is our update to data permissions. If you only have time to read one section in this guide, read that.

Here is the main argument against as expressed by the Electronic Frontier Foundation:

The example Facebook uses in its announcement is a page for “Cooking.” Previously, you could list “cooking” as an activity you liked on your profile, but your name would not be added to any formal “Cooking” page. (Under the old system, you could become a “fan” of cooking if you wanted). But now, the new Cooking page will publicly display all of the millions of people who list cooking as an activity.

Cooking is not very controversial or privacy-sensitive, and thus makes for a good example from Facebook’s perspective. Who would want to conceal their interest in cooking? Of course, the new program will also create public lists for controversial issues, such as an interest in abortion rights, gay marriage, marijuana, tea parties and so on.

But even for an innocuous interest like cooking, it’s not clear how this change is meant to benefit Facebook’s users. An ordinary human is not going to look through the list of Facebook’s millions of cooking fans. It’s far too large. Only data miners and targeted advertisers have the time and inclination to delve that deeply.

There is one loophole — tell Facebook you’re under 18. Under Facebook’s policy for minors, your interests would only be visible for friends and family and verified networks. You would not be publicly listed on these new connection pages. However, this only works as you set up a new account.

The new connections features benefit Facebook and its business partners, with little benefit to you. But what are you going to do about it? Facebook has consistently ignored demands from its users to create an easy “exit plan” for migrating their personal data to another social networking website, even as it has continued — one small privacy policy update after another — to reduce its users’ control over their information.

The issue with Facebook’s latest change is not that they force you to link your interests without permission, but rather that they remove an option to express yourself on the profile without links. As we noted, Facebook users now face a Hobson’s choice between the new Connections and no listed interests at all. As Facebook explains, “If you didn’t connect to any of the suggestions, the sections of your profile to which those suggestions corresponded will now be empty.” (The transition tool also allows you to delay the choice by saying ‘Ask Me Later’). Previously, you could list interests in your profile without linking; after the transition, you cannot. You do have options to adjust visibility on the profile page, for which we commend Facebook, but nevertheless, this is not a true opt-out because the all the “Facebook Pages you connect to are public.”

Facebook users would be better off and better able to express themselves if they could choose whether or not to link their interests and activities to a community, if they decide to list them

The Eff, no matter how harsh they may seem, also offer us a way to opt out of the “instant Optimization” Scheme that Facebook has given us. This is something that is hard to find how to do through Facebook itself. Go to http://go.cosmicthings.com/opt-out

And let us know if you opted put or if you actually like the like.


  1. Tweets that mention Facebook’s Ever-Changing Policies | Tech Talk -- Topsy.com - [...] This post was mentioned on Twitter by Jamie and Nancy Raskauskas, Nancy Raskauskas. Nancy Raskauskas said: Facebook’s Ever-Changing Policies:…

Leave a Reply