February 6th, 2008

computer, internet, blogging

Facebook & Privacy

Having got my new computer a couple of months ago, I've recently been spending quite a bit of time thinking setting it up and thinking about what I want on there and how I want it set up. Part of this is obviously transferring my email addressbook from my old machine.

So having this in mind and with the ever present messages from Facebook, the obvious thought occured to me that as a large number of my friends were on Facebook and have their contact details on there then perhaps I could just import these into my mail client. Apparently not, Facebook offers no export functionality and all the third party programs that offer this functionality break Facebook's terms of service. There even seems to have been one user banned for using a script to pull this data off, which is fair enough really as having signed up to the terms of service before putting your info up there, you'd expect it to be treated in accordance with this.

However, it has got me thinking about contact details shared on these sites and what that implies in terms of user privacy. As a Facebook user you have free choice how much of this information you want to enter into the site (with the proviso that you need an email address there, but you can make that private) and can set the privacy settings for these as you please (can prevent people seeing these details all together, make them only open to your "friends", etc). You can also restrict users to only seeing a limited profile (although I've never tried this out). With so much control over who can see this data, you would think this would be enough to allow them to use it in a reasonable away (eg adding contact information to personal address books or even contacting you with it)?

Personally, when I joined Facebook it seemed such a good way to share contact details with people I know that I put them all up there, but limited them all to my friends only. People on there are free to put them in there address books if they want to and to use them to contact me in any reasonable way. After all, a lot of them are already published to most of Croydon in the phone book and what's the point of contact details if you don't share them with people.

Given how difficult it is to pull contact details from Facebook, it seems strange that any Facebook application one of your friend's runs can have access to any of the other details you make visible to that Friend (eg Birthdays, Education Info, Work Info, etc) in fact you can apparently export all this data to CSV using the FriendCSV application. Surely this is the bigger worry for data security, as it's here that the answers to your security questions, etc may lie?

Add to that the fact that Facebook applications seem quite capable of spamming you anyway (unless you block them individually) and this seems fairly inconsistent and doesn't make a lot of sense to me.

To top all this off Facebook have now joined The DataPortability Workgroup which seems to imply they'll end up sharing this data in the end anyway, so maybe one day we'll be able to integrate the useful details of those friends who are willing to share them into the places they are most useful.