informa
Security Insights

New Facebook Privacy Settings Under Fire

Facebook is making major changes to its privacy settings, giving you the opportunity to share your personal information with "everyone" on the Internet. But is that wise?
Facebook is making major changes to its privacy settings, giving you the opportunity to share your personal information with "everyone" on the Internet. But is that wise?Facebook's huge user base is signing onto their favorite social network today, and viewing an important message.

They're being encouraged to review their privacy settings, as Facebook effectively encourages its 350 million users to share more information with everybody on the Internet.

The worry is, of course, that Facebook's recommendations may be in the best interests of Facebook -- but they may not necessarily be in the best interests of all of its users.

After all, do you really want your posts to be viewable to anyone in the outside world, or would you feel safer if only your approved friends could view them?

And do you feel comfortable with Facebook's recommendation that third-party search engines and external Websites be allowed to harvest some of your details, effectively making them available for anyone on the Internet to view?

What Facebook is actually saying is that if you make your information available to "everyone," then you'll actually be making it available to "everyone, forever."

Even if you change your mind later, you'll find it's too late. Even though Facebook may remove the details from your Facebook profile, it will have no control about how it is used outside of its corner of the Internet.

It's not as though Facebook has hidden this information. If you read its revised privacy policy, you'll discover exactly what it means when it recommends you share your information with "everyone":


"Information set to 'everyone' is publicly available information, may be accessed by everyone on the Internet (including people not logged into Facebook), is subject to indexing by third party search engines, may be associated with you outside of Facebook (such as when you visit other sites on the internet), and may be imported and exported by us and others without privacy limitations."

"The default privacy setting for certain types of information you post on Facebook is set to 'everyone.' You can review and change the default settings in your privacy settings. If you delete 'everyone' content that you posted on Facebook, we will remove it from your Facebook profile, but have no control over its use outside of Facebook."

My concern is that many people will give a thumb's up to Facebook's recommendations without carefully considering the possible consequences.

Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his award-winning blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.

Recommended Reading: