May 12, 2010, 3:29 PM — Let us be perfectly clear: While Facebook has received a lot of criticism lately about its new privacy policies and Open Graph concept, which allows them to partner with other sites which will also have access to some Facebook user data, Facebook isn't explicitly keeping secrets from you. But some security professionals and users continually knock the site for what they say are less-than-clear explanations about where your data is going, and how secure the site really is.
Joey Tyson, a social media security expert who maintains the site Social Hacking, says there are important data security and privacy issues happening under the radar of the Facebook experience. This is what Facebook isn't saying outright to members.
We don't want you to change your privacy settings
Facebook's privacy policies have evolved dramatically in the last few years since the site launched--see the Electronic Freedom Foundation's timeline of Facebook's privacy policies. At Facebook's inception, privacy was tightly controlled by the users. Today, there are some parts of the profile that the user cannot make private. Other parts can be made private, but not without a lot of work figuring it out. Changing your privacy settings on Facebook has recently been called "today's version of programming the VCR," by some security professionals.
"Facebook has shown they have been pushing users to share more and share more openly," said Tyson. "And while they offer the user controls, what they seem to WANT people to do is share openly and share publicly." Tyson notes that it is important not to think Facebook doesn't offer privacy. Facebook wants members to use the site, even if it is in a private fashion. But that is not their preference. As a result, if you engage many of the privacy controls, you will be asked if you really want to do it.