It’s been a month or so, so Facebook has announced some new privacy changes. CDT has the breakdown:
With Groups, users can essentially partition their interactions (passive or active) with Facebook and create multiple, customized Facebook experiences. For example, a user who participates in a “neighborhood” group can – with one click – view a newsfeed that is visible only to members of that group, post status messages that only members of the group can see, and peruse a list of profiles that includes only group members. This new functionality will make it much easier for groups (lowercase “g”) of friends to keep in touch and will likely accelerate the use of Facebook as a platform for organizing everything from bake sales to protests.
This seems inoffensive enough.
Users felt like a bad situation was made worse by their lack of options: It was impossible to leave without losing years’ worth of photos, videos, messages, and more. …But now, Facebook has made it easy to download a file that holds everything you can find when you visit your own profile page: status updates, conversations, photos that you have posted or that you were tagged in, and more. This is a very bold step that will spur innovation by third-parties. Soon it should be easy to transfer photos to Flickr, videos to YouTube, status messages to Blogger, or even to establish a presence at a new social network site without having to start from scratch.
Many folks, including myself, have called for data portability. But, as James Grimmelmann has observed, data portability presents its own host of privacy problems, chief among them that it allows users other than you to easily rip content out of the Facebook context and post it somewhere else. I may make available to Facebook Friends photos that I do not want them to then download and post to LinkedIn…
I foresee this causing as many problems as it supposedly solves.
Today, Facebook has taken these granular data permissions to a whole new level with an industry-leading privacy setting for managing applications’ data access to user data. The new setting has two primary features. First, users will be able to see what types of data were last accessed by each application. This will help them monitor applications for suspicious behavior and will hopefully promote good practices by developers: Did a quiz about “which Justin Bieber song are you” access your photo albums? Maybe it’s time to delete that application.
This is a good step forward.
So we have three changes. One is good, one is inoffensive, one is well-intentioned but probably will cause a whole new sort of privacy problems.
At least none of them are actively evil. I suppose that’s a step in the right direction.