Fixing Facebook's crazy privacy controls

facebook

Facebook has changed its privacy and security settings often enough that most users now have no idea what settings they actually need. While Facebook's security settings are important (I'll cover them in the next slideshow) it's the privacy settings that cause the most confusion. If you have a gaggle of users who need a clue, here's a ready made presentation to bring them up to speed. If you'd like a copy of my forthcoming report, "Facebook Privacy Sliced and Diced," send an email message to facebookprivacy@gibbs.com

Share this with your friends. If you have a comment or question either leave it below or drop a line to gearhead@gibbs.com and follow me on Twitter, App.net, and Facebook. 

facebook privacy

To configure Facebook's privacy settings you'll need to visit not only the Privacy  Settings and Tools page (the Privacy option in the left hand menu when you're in Facebook's Settings section) but also the Timeline and Tagging, Blocking, Apps, and Ads pages as well. Some of the options on these pages are more about keeping people and features from annoying you but they're mixed in with the options we need to check and change to maintain our desired level of privacy.

facebook privacy

There are two quick ways to get to Facebook's Privacy Settings and Tools page. The direct route to access your privacy settings is to click on the "gear" icon on the top right of your home page which will take you directly to the Privacy Settings and Tools page.

Alternatively ...

facebook privacy

You can also get to the Privacy Settings and Tools page via the "lock" icon to to the left of the "gear" icon. This displays the Privacy Shortcuts menu with links to some commonly asked questions concerning privacy. Clicking on the "open" icon next to each privacy question ...

facebook privacy

Clicking on the "open" icon to the right of each privacy question expands the Privacy Shortcuts menu to show your current settings for the feature associated with that question along with an explanation. You can change the privacy settings related to each question directly from this menu.

Before we change anything, let's see what our account looks like to the world so, if you're on this menu, click on See More Settings ...

facebook privacy

Now click on Timeline and Tagging over in the left hand menu ...

facebook privacy

... and on the Timeline and Tagging Settings page click on View As ...

facebook privacy

.. and this is what I look like to the world in general. If your account is really locked down only your profile photo and cover photo will be visible (as you can see, my cover photo is a grey bar) along with the +1 Add Friend link if you've not limited your account to only be visible to friends or friends of friends. If you want to see how your timeline looks to a specific person click on View as Specific Person in the black bar at the top and enter that person's name.

facebook privacy

Wherever you get to choose who can see your content on Facebook or do something such as tag content related to you then your choices in most cases are Public, Friends, Friends except Acquaintances, Only Me, Custom, or one of two default lists; the default Close Friends list and whatever list is at the top of your list of lists. The link See all lists allows you to pick any list you've created. The Public option is the most permissive while Only Me the most restrictive. Custom allows for ...

facebook privacy

Custom allows for more complex control including blocking specific users and lists of users but be careful! It's easy to reduce your privacy particularly as the option Friends of those tagged is enabled by default allowing anyone also tagged in a post you're tagged in to see the post in your timeline.

facebook privacy

While Timeline and Tagging settings might appear to be separate from privacy settings they do in fact matter to how you're seen and who can see your posts. If you click on Who can see posts you've been tagged in on your timeline? or Who can see what others post on your timeline? you can change the setting for each option.

facebook privacy

The Privacy Settings and Tools page is split into three sections: Who can see my stuff?, Who can contact me?, and Who can look me up? Between them there are over 40 settings! Is it any wonder users are confused?

facebook privacy

Under Who Can See My Stuff is Who can see your future postings which sounds simple enough until you realize that this is a default that gets overridden if you change it when making a post ... in other words, the setting defaults to the last choice made. You need to be careful when posting and check the visibility setting; it's a great way to post things publicly that should really remain private. Note that your new setting in this menu does not change who can see previous posts so if your current setting is Public and you were to change that to Friends then any previous public posts will still be visible to anyone. To change the visibility of previous posts ...

facebook privacy

To change the visibility of previous posts you need to go to the Privacy Settings and Tools page and click on Limit The Audience for Old Posts on Your Timeline. This is a one way change to your posts being visible to friends only and will apply to all posts in your timeline. Again, be careful because once made the visibility of your posts can only be changed by going to each post individually and changing its audience.

facebook privacy

Under Who can contact me? there are only two choices for Who can send you friend requests? The default is Everyone while the alternative is Friends of Friends. The latter setting will eliminate complete strangers such as that nice prince from Nigeria but if you're in tight with someone like the Dali Lama or Lady Gaga the number of people who can ask to be friends with you is still going to be pretty big.

facebook privacy

Under Who can contact me? there's also the option of Whose messages do I want filtered into my Inbox? Basic Filtering allows you to select to have messages from friends and friends of friends sent to your inbox while Strict Filtering limits inbox messages to only friends and, in both cases, messages from other sources get shuffled off into "Other", the mailbox no one ever checks. Of course "paid for" messages will still arrive in your inbox. Oh, joy.

facebook privacy

Under Privacy Settings and Tools there's one last section that is crucial to your privacy: Who can look me up? The option Who can look you up using the email address or phone number you provided? can be set to Everyone, Friends of Friends, or Friends and applies to people who can't already see your email address or phone number. Friends is the most restrictive setting but "No one" is not an option. Do you want other search engines to link to your timeline? restricts indexing by search engines to either just Facebook's search engine or to all search engines. Unchecking this option is the most private setting but it will take some unspecified period of time for the other engines to stop.

facebook privacy

The next part of the Facebook privacy puzzle is Blocking which you can find in the left hand Settings menu. Here you'll be able to manage your restricted list (the list of friends who will only be able to see your public posts), block or unblock users from having any interaction with your Facebook account, block or unblock users  from sending you app invites and or event invites, and block or unblock specific apps. You can also activate any of these blocks from within specific messages.

facebook privacy

A crucial area of privacy control concerns apps and this is arguably one of the most important to think carefully about. The reason for this is that apps can find out a tremendous amount about you if you're not careful about what privileges you're giving when you enable them. Again, as with the Blocking section, Apps is found in the left hand Settings menu.

facebook privacy

In the Apps section under Apps you use you can examine the privileges of individual apps whether they are Facebook apps or external apps supported by Facebook's Platform. If you disable Platform by changing Use apps, plugins, games and websites on Facebook and elsewhere to Off you'll lose the ability to login to third-party sites and services via Facebook but if you really want to lock down your privacy, that's what you'll have to do.

facebook privacy

In the Apps section under Apps others use you can restrict the information about you that is accessible by apps being used by other people. Facebook claims "This makes their experience better and more social" but it also allows for "information leakage" so to ensure the highest degree of privacy you need to disable all of the categories or, better still, disable Facebook's Platform.

facebook privacy

Under Instant personalization in the Apps section you can control how a number of other Web sites present you with your friends' Facebook data. With this enabled (which is the default) even though you haven't enabled any kind of integration with the site the special relationship the site has with Facebook allows them to mine your social graph. For those who want to be really private switching this off is a must. The Old versions of Facebook for mobile setting should be set to Only Me even if you don't use any old mobile Facebook apps to ensure that you don't make any mistakes; it's a pity Facebook doesn't offer Disable for this option.

facebook privacy

Once again, as with the Blocking section, Ads is found in the left hand Settings menu. There are two sections here: Third Party Sites and Ads & Friends. The former asks "If we allow this in the future, show my information to" and should be set to "No one" as should Ads & Friends question "Pair my social actions with ads for" unless you are comfortable with advertising networks taking advantage of your profile data.

facebook privacy

If you've got this far you'll understand what a complex mess Facebook privacy is and the reason for this is obvious: Facebook is a free service trying to make a living so they want users to be as public as possible. Unfortunately user visibility and privacy are diametrically opposed goals and Facebook has a more or less uncontrollable tendency to veer away from privacy. This means that unless legislation is enacted that tightens up privacy (such legislation will be delivered by flying pigs) users will have to understand what privacy controls Facebook offers and how to use them.

If you'd like a copy of my forthcoming report, "Facebook Privacy Sliced and Diced," send an email message to facebookprivacy@gibbs.com