Facebook’s plans for making the web social by default is good but not at the cost of privacy
Facebook’s new social graph and other announcements today could tremendously change our interaction with webpages and sites… and i am generally excited about it .. but it turns out that it has serious privacy concerns ..
For example, the biggest problem is with their “auto-logging capabilities” on third-party sites. To illustrate, i happened to go to CNN.com and Yelp.com today - and i was really surprised to see that both the sites knew who i was and showed my friends on facebook who like that page or were on that site. Now that is fine but how did CNN know who i was? It happened to be that i was logged into Facebook.com at the same time. Facebook is sharing login session information with sites that are implementing its social widgets. But hey, i didnt say yelp.com or cnn.com should know my identify just because i am logged into FB. Tomorrow any random site can implement the social API and if i happen to visit that site, it will know who i am!
In fact this gets even worse!. If Facebook was just showing my identifiable information on the third party site through an iFrame or something which didnt let the third-party really have my data, it would still be okay. But third-parties are actually getting your profile information directly from FB. See example of Yelp above (i have smudged some of the profile info ..). If you see the javascript files they load, you will notice (see the blue highlighted text) that Yelp is actually getting all the data about me from FB without having any permission granted to access that data.
Third-party sites should not be given default Opt-IN by Facebook! And what is i happened to press the like button by mistake and that action gets transmitted to my entire friend network in an instant. Every technology should offer ways for users to correct any mistakes - there is non - once you press “like”, its gone to the activity black hole and you cant even retract. This has huge implications which only different users mishaps will illustrate in time
I am excited about the whole concept in general but the privacy issues are quite a barrier for now. Infact now i am going to be doubly careful to notice any facebook “like” widgets on sites - make sure i dont press anything by mistake - this is definitely going to make my experience weird to say the least.
Add comment April 22nd, 2010