November 29th, 2007

Facebook’s Growing Design Problem (and a proposed solution)

by Joshua Porter  |   12 Comments  |  shortlink: http://bokardo.com/p/714

According to Businessweek, Facebook may soon be changing its new Beacon feature, which shares personal information (if not identifying you personally) with 3rd party sites outside of Facebook. I wrote about the feature in Facebook’s Brilliant but Evil Design

Interestingly, most people, including the group MoveOn.org, seem worried about a different symptom of the problem than I was. Most people are worried about what happens when the shared information gets back to Facebook, and their Facebook friends see their outside activity. For example, if someone rents Footloose on Blockbuster.com, all their friends on Facebook will see it. I personally think that Footloose is a brilliant movie, but some people might be embarrassed by their friends seeing they rented it.

My main concern was that Facebook and Blockbuster were talking at all.

Imagine this offline scenario. You walk into your local cafe and buy a Maxim (or whatever the woman’s equivalent is). You’re then out with your wife/husband later that day and walk into the nearby Starbucks. The barista says “Hey, I noticed you bought Maxim, how about a nice double-peppermint mocha doohicky as well?”. You then have to explain to your wife that Maxim is completely harmless, no nudity, real beauty, respect women…etc…painful…etc. You also then have to have words with both the cafe and Starbucks because they were sharing information. This is exactly what Facebook and its partners are doing. We wouldn’t accept this in our downtown, so why should we accept it online?

(another thing, this might be what advertisers do all the time with 3rd party cookies. I have them turned off in my browser, but it doesn’t mean I’m 100% protected.)

What Facebook is doing is wrong: It’s not acceptable for Facebook to share information with 3rd parties without explicit consent. For long enough they’ve toed the line…sharing information with 3rd party apps. But you have to explicitly click “yes” to those relationships, and since apps are within the Facebook world we have more of a feeling of transparency (whether or not we should is another question).

When I do business with someone, even if its as simple as renting a movie or buying a magazine, I expect a certain level of privacy. I expect businesses to keep my personal activity to themselves. It’s a common social norm, is it not?

Here’s a simple solution that Facebook might try:

  • When sharing information outside of Facebook: opt-in only. The default must be that a person has to give explicit consent. If they do nothing, their information is not shared.
  • When sharing information within Facebook, it’s OK to opt-out. The default can be inclusion and sharing, as long as Facebook doesn’t share beyond its walls.

Oh, and of course we need a global “No Thanks!” button that turns everything off completely. Click that once and you’ll never be asked about sharing information again.

For the record, this is the policy that I’ll be recommending when consulting on social design projects in the future.

Now, I realize that Facebook can do whatever the heck their privacy policy and terms of service say they can do. But absolutely nobody reads those documents…its not explicit consent by any means. And, more to the point, it’s just shady business. Doesn’t Facebook want a strong, trusting relationship with the people who use its site? Or is selling information to 3rd parties more important?

If Mark Zuckerberg truly wants to build a system of “trusted referrals”, he needs to make some changes.

In a more general sense, this is the tip of the iceberg. This is one of the most important design issues of the next decade. Facebook isn’t even the first to run up close to the fence. But they are way ahead of most integrated social systems technologically. When others catch up they’ll be tempted by the same fruits.

As Doc Searls says, it’s time we set some clear ground rules now, so at the very least we don’t have anybody accidentally notified that we like Footloose.

Links to this Post

Comments

1.  Asi 7:43am, Thu 29th, 2007

Absolutely right and your solution is brilliant in it’s simplicity, fairness and common sense.

I really do hope that Mr Zuckenberg will be keen to make facebook users happy as much as he is keen to make advertisers happy or to claim to get the holy-grail of social advertising (trusted referrals)

A.

2.  Bart Stevens 8:40am, Thu 29th, 2007

Josh,

Early next week, we (the VRM gang) will have a meeting during IIW 2007 in Mountain View, to discuss this topic. You are right, the consumer needs to be aware (and maybe even protected) by people like you and me that this is happening.
Check out my blog, where I will post updates on next steps in the VRM space
Cheers

Bart

ichoosr.com/blog

3.  Jefferson Fletcher 1:18pm, Thu 29th, 2007

Taken from the post:

“Now, I realize that Facebook can do whatever the heck their privacy policy and terms of service say they can do. But absolutely nobody reads those documents…its not explicit consent by any means.”

Agreeing to terms of service actually is explicit consent to large degree. I do think it’s safe to say the majority of people don’t read those user contracts to the letter, but the company tendering said contract isn’t at fault for that.

The feeling of control we have over the communication and content faucets in social networking are nice. But Facebook (like others) is in this thing to make money. Marketing networks have shared informtion for decades while offering minimal control, let alone opt-in/out options, to their members. It makes sense to hear more voices of appallment about this now that we belong to these instant and transparent networks. I’m just surprised at the types of things people are being offended by in this age of blatant self-expression.

Facebook talking with outside companies has to be expected to grow the business. If I complete a movie quiz, then get a message or coupon from Blockbuster as a result, is that a big deal? Does the inverse example that Josh talks about above actually happen without consent, even if that consent is buried in a terms of use agreement?

I’m really not trying to play devil’s advocate here. If anything I’m trying to better understand 1)how many Facebook users are miffed about this? 1 percent? 10? 50? 2)Specifically why are people so upset? Because of hypotheticals, or because of actually embarassing or identity/privacy threatening situations?

4.  Joe 12:05pm, Fri 30th, 2007

Wow that is totally unacceptable. I think this demonstrates companies like Facebook creating functionality without thinking of the implications first. The Maxim example is funny but scary – I would be in some trouble!

5.  Pauric 7:40am, Sat 1st, 2007

The interesting aspect of this, for me, that I dont see reported on specifically is how the community is forcing change back to more privacy. Its hard to see that happening as swiftly, if at all, in the real world (the starbucks-maxim example)

So, while I agree this is a huge design issue. Users have the power to rebel and force change in their virtual communities.

6.  AndreL 11:55am, Sat 1st, 2007

Another Facebook feature that I find offensive to my privacy is the Mini-Feed that shows every little activity I do with my account.
Ok, there’s the hide button, which allows you to hide some of your activities, but that’s not the solution. Every time a I do something, that becomes public to everyone. It’s very annoying. The users activities should be private by default.

7.  Elena 11:29am, Mon 3rd, 2007

People’s lack of respect to their own and others’ privacy is really quite revolting.

8.  Brad Fults 4:03pm, Mon 3rd, 2007

Above, Jefferson Fletcher misunderstands the gist of the complaint/warning. Specifically, the question is not whether Facebook can legally share information with third parties based on a user’s acceptance of terms (even if the user does not read them); the complaint is that Facebook is possibly betraying the trust of its loyal users. The problem is a philosophical and social one, not legal.

As for the issue itself represented by Josh Porter, I agree that an opt-in-only policy would probably do more to keep the trust of skeptical users, but I’m not convinced that it’s a large enough problem to necessitate such action.

Even given your scenario of buying a Maxim magazine, I’m inclined to say that anyone who is in that situation needs to first and foremost reexamine their relationship with their wife rather than worry about merchants catering to their unhealthy paranoia. The new technological openness ushered in by the latest generation of social web applications is meant to mirror the social openness of Generation Y and the shedding of outdated paranoid values.

I, for one, think that it’s incredibly useful that Yelp and others can send data to my Facebook account. If I make a purchase that I don’t want people to see (likely only if I were buying a surprise gift or something — prudish secrecy is irrational and destructive) then I can just remove the story when Facebook’s notice shows up or remove it from my news feed later. In other words, the low barrier to removal combined with the high potential value and undeniable trend toward rational social transparency make me conclude that this feature is not harmful or dubious to the degree implied in the above article.

9.  Ryan 5:56pm, Mon 3rd, 2007

Beacon is now opt-in, they made changes last week. Read the news.

10.  videolar 9:11am, Fri 7th, 2007

My mum says, ” Don’t spend time with face book study your text book.”

11.  ailaG 9:18am, Fri 7th, 2007

As I understand, Facebook did not send information to 3rd parties, but rather – the 3rd parties sent information to Facebook. But I may be wrong about that.

AndreL – You can edit your mini feed. Go to privacy > mini feed and to application editing (btw, when you add an app it ASKS you whether it can write to your mini feed. Facebook asks it, not the app)

12.  family 10:59am, Mon 4th, 2008

The feeling of control we have over the communication and content faucets in social networking are nice. But Facebook (like others) is in this thing to make money. Marketing networks have shared informtion for decades while offering minimal control, let alone opt-in/out options, to their members. It makes sense to hear more voices of appallment about this now that we belong to these instant and transparent networks. I’m just surprised at the types of things people are being offended by in this age of blatant self-expression.

Add Your Comment

Accepted tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> .

Preview...

If your comment contains links, or if it is your destiny, your comment may not show up immediately. I'll approve it as soon as I can. (I delete dozens of comment spams per day)

Get updated when someone posts a comment: Comment Feed