4 things Facebook doesn't tell you about your privacy and security

Experts say read between the lines of the Facebook experience and you may still discover some unsettling factors

By , Senior Editor

May 12, 2010CSO

Let us be perfectly clear: While Facebook has received a lot of criticism lately about its new privacy policies and Open Graph concept, which allows them to partner with other sites which will also have access to some Facebook user data, Facebook isn't explicitly keeping secrets from you. But some security professionals and users continually knock the site for what they say are less-than-clear explanations about where your data is going, and how secure the site really is.

Also see Social Media Risks: The Basics


Joey Tyson, a social media security expert who maintains the site Social Hacking, says there are important data security and privacy issues happening under the radar of the Facebook experience. This is what Facebook isn't saying outright to members.

We don't want you to change your privacy settings
Facebook's privacy policies have evolved dramatically in the last few years since the site launched—see the Electronic Freedom Foundation's timeline of Facebook's privacy policies. At Facebook's inception, privacy was tightly controlled by the users. Today, there are some parts of the profile that the user cannot make private. Other parts can be made private, but not without a lot of work figuring it out. Changing your privacy settings on Facebook has recently been called "today's version of programming the VCR," by some security professionals.

"Facebook has shown they have been pushing users to share more and share more openly," said Tyson. "And while they offer the user controls, what they seem to WANT people to do is share openly and share publicly." Tyson notes that it is important not to think Facebook doesn't offer privacy. Facebook wants members to use the site, even if it is in a private fashion. But that is not their preference. As a result, if you engage many of the privacy controls, you will be asked if you really want to do it.

Leaving your information public can make you a target for Facebook scams. Read 5 Facebook, Twitter scams to avoid and 5 More Facebook, Twitter scams to avoid)


"Some of the explanations that they'll have on the web site describing what a certain thing does can just be very confusing. (For an example, log into your Facebook account and go here, to adjust your privacy settings) It's almost as if they don't want to come out and say "This is what is going to happen to your data," because they don't want to scare people. They want to provide the control to people who value privacy and want to limit access. But at the same time, if they are pushing that in users' faces and reminding them of all these different privacy settings, people will be less likely to share, and that is not what Facebook wants."

RESOURCE CENTER