Losing Faith in Facebook, One Security Setting at a Time

There goes Facebook again, igniting a privacy firestorm, this time on the cusp of the announcement of its $100 billion public offering. What’s firing people up this time? The site has been gradually releasing a new facial recognition feature, which has greatly concerned privacy experts and the public.

What does this new feature do? The tool, called “Tag Suggestions,” works as follows, according to Facebook: “When a user uploads new photos to his or her Facebook profile, the new feature then scans them with facial recognition software to match the people in the photos with other photos in which they have been previously tagged.” Tag Suggestions also provides users with group tagging — users can type a person’s name in, and then apply the assigned name to all photos of that person in the user’s profile, says a Facebook Blogpost on the subject.

Facebook justifies the change by stating that the feature can easily be turned off. All that is needed: The user will have to log into their personal account, select “Account” –> “Privacy settings” –> “Custom” –> “Customize settings” (at the end of the Custom menu). After two more steps (scroll down to the “Things others share” section of the customize settings and edit the settings of “Suggest photos of me to friends.” A pop-up window will appear, saying: “Photos: Suggest Tags.” As with nearly all of the Facebook security and overall account changes, the security setting is enabled by default. By selecting “Disabled,” (finally, after seven or so steps), users can deselect the facial recognition tag that has flummoxed so many. There are more than 1,800 user comments attached to the Facebook blog post announcing the security change — 99 percent which are negative (by my unscientific estimate).

And these users are not alone in voicing their frustration. Privacy experts and groups in North America and Europe have now joined the chorus against the settings change. European Union privacy regulators, citing the Tag Suggestions default setting, have said that they will begin to investigate Facebook — joined by the group Electronic Privacy Information Center in the United States, which is considering filing a complaint with the Federal Trade Commission over the feature. They believe that the settings should always be based on the user’s prior consent — and not automatically activated by default.

And Laurianne McLaughlin, writing for InformationWeek, describes the challenges that Facebook will likely face with the business community if privacy concerns continue to grow. She says, “While Facebook has influenced the look and feel of many corporate collaboration and wiki tools during the past few years, for the better, Facebook itself is not winning over those teams inside companies huddling over thorny business problems.” Privacy issues and security concerns, she believes, make the business community uncomfortable. Plenty of companies use Google Docs, and are growing increasingly comfortable with cloud computing. Facebook should be well positioned to reach out to the business world, but might be stymied simply because it can’t stop scaring people with every change to the site (and yes, it seems like every change stirs the pot all over again). It makes sense that users shouldn’t need to visit the Facebook blog for every site change — and why can’t Facebook send e-mails to every user announcing security and other changes?

I’ve written on Facebook privacy matters in the past — instead of trumpeting a security upgrade to HTTPS, the website stayed largely silent, despite the fact that the setting should probably have been in place all along (banks have used HTTPS for online banking for eons, and all Web-based e-mail providers have done the same thing). Why can’t a website like Facebook, prominent builder of social networks for the masses, get security measures and settings right?

Facebook, after all, could be used for social networking good, such as when the Centers for Disease Control turns to the site during epidemics. So why does the site seem so Big Brother, when it is supposed to represent fun and connectivity? And why must users jump through hoops just to ensure personal privacy? McLaughlin was right to wonder why so much personal time, advertising, and enterprise should be invested in a site that cannot seem to get its public relations image in order. Apple and Google are the top two most respected brands in the world, according to Fortune magazine, yet have had their fair share of security snafus over the years. So why is Facebook different (and why is Facebook not even in the top 50 in Fortune’s list)?

One has to wonder how many investigations and how much bad press Facebook endure will endure before its membership numbers start to drop. The site lost 6 million users in the United States in the month of May. Social media expert Paul Gillin, in a recent CNN segment, cited competitive pressures (and the ghost of MySpace) for Facebook’s consistent blunders: “They are constantly trying to innovate new services that will keep them ahead of the pack. As a result, they are constantly annoying people with some of the limits that they test.” Good point from Gillin — how many users will continue to support a business that is haunted by the past, but also views human beings are nothing more than commodities?

Brendan McKenna
Law Technology News



Leave a comment

Filed under Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s