7 posts categorized "Privacy"

Heading to Belgrade This Week for WordCamp Europe 2018 (WCEU)

Wceu 2018

If any of you will be at WordCamp Europe 2018 this week in Belgrade, Serbia, please do say hello. I'll be there starting this afternoon and am greatly looking forward to learning from many of the people involved deeply in the WordPress community.

In particular I'm looking forward to the Developing for Privacy and Data Protection session. Based on the work done in the community to help website operators comply with the European Union's General Data Protection Regulation (GDPR), this workshop will look at what comes next. I'm personally very interested to see where this will go.

I'll also be going to some accessibility workshops and checking in on topics such as caching, security and mobility that are always of interest. I also have some meetings with partners and others.

Anyway, if you're there at WCEU 2018, feel free to drop me a note.

My Report into For Immediate Release (FIR) Podcast #646

In this week's For Immediate Release episode #646, my report covered:

If you are a FIR subscriber, you should have the show now in iTunes or whatever you use to get the feed. If you aren't a subscriber, you can simply listen to the episode online now.

If you found this post interesting or useful, please consider either:

Three Critical Reasons High Schoolers Should Restrict The Privacy Of Their Facebook Pages

Tonight purely by accident I stumbled upon the Facebook page of a student I know at one of our local high schools. I didn't know he was on Facebook but he had commented on a post in my NewsFeed by someone who turns out to be a mutual friend.

Curious to know if it was the person I thought it was, as his Facebook profile picture was not a photo of him, I clicked on the link to his name expecting to see the standard "basic info" you see for everyone and then the privacy message that usually greets you:


Instead, I saw everything...

Walls Wide Open

His Facebook "Wall" was wide open for all to see.  Anyone. I saw all his posts... all his photos... all the comments between him and his various friends. I clicked on the Info link and learned all about where he goes to school (which I knew), his musical tastes, the sports he likes, movies, television shows, games, religious views...

And I got to see all of his friends...

... probably a good half of whom ALSO had wide open walls.

In the course of maybe 10 or 15 minutes of flipping around, I learned a good bit about some of the region's high school age students, saw a whole bunch of photos, read a few conversations that probably weren't meant to be public (or at least to be read by 40+ year-old men sitting at home on their computers)...

...and generally got increasingly concerned about the amount of information these students were perhaps inadvertently disclosing about themselves and their lives.

Now, this is, after all, what Facebook seems to want. They generally default to public sharing, and so if you don't take active steps to protect your privacy, all your content will be shared with the world. And while some people are quite okay with that, I'm personally not.

If I could say anything to these high schoolers or their parents - and to all the others reading this post, it would be that there are three critical reasons why you might want to think about restricting your Facebook privacy a bit more.

1. Security

The most obvious one is the security angle. There are a lot of sickos out there. I've been online for now almost 30 years and I've seen all sorts of seriously warped stuff... information security has always wound up as part of what I've been involved with, and some of what I've had to do has taken me to seriously vile and heinous parts of the Internet.

There are warped people out there. There are thieves and scammers and fraudsters and perverts and others who prey on people online. They've always done this... Facebook just makes it ultra-easy to do. They can start commenting or "liking" your posts and photos. Striking up friendships. Sending you messages. Wanting to meet, etc., etc.

With your wall wide open, you are giving them all the info they need for "social engineering" to know exactly what to say to you. They know the music you like, the TV shows you like, etc. They've seen your photos, so they know what you look like, what you like to wear, etc. It's insanely easy for them to gain your confidence and trust.

You are also giving them your location. You are letting them know where you are, what you are doing. It's a wonderful way that your friends can know where to meet you (and it is. I personally use it that way.)... it's unfortunately also a way for a stalker to find you. And sure, it may not ever happen in your town/city, but why give out all this info when you don't really need to?

You also give away where you are not. Believe it or not, people's homes have been robbed after they were posting publicly about going away from their homes.

Location info... and really all this personal information... is really best shared only with those you trust.

2. Employers Check Facebook

The second reason to restrict your info is because if you are a high school student looking for even a part-time job, guess what that potential employer is going to do?

Yes, they (or at least the smart ones) are going to search for you on Google and Facebook and see what turns up.

In 2012, you're pretty crazy as an employer if you are NOT doing background checks on the Internet. Who needs to call references when you can just go to a search engine and learn more about potential employees than you probably ever wanted to know? (including all the "stupid sh__" they did last weekend?)

It's real. It happens. And stuff lives on in Google's caches far longer than you would ever think.

3. Colleges Check Facebook

In a similar way, college admission officials check Facebook. (Another article claims 80% of colleges use Facebook in recruiting.) Need I say more?

If you are in the process of applying to colleges, you probably don't want admissions officials reading your wall conversation with a friend where you are trashing one potential college and talking about another. Nor do you potentially want them seeing your writing, spelling, photos, etc. (unless, of course, it's awesome and might help you get into a school).

Managing your "online reputation" is something that you have to start thinking about NOW.

How To Close The Walls

To start, the best thing to do is to go into Facebook's "Privacy Settings" that, today, anyway, are found in the drop-down arrow next to your name in the upper right corner of the web version of Facebook:


Facebook unfortunately has a way of changing these settings around from time to time. But if you go down to "Privacy Settings" you'll get the window you see below, where you can make two important changes:

  1. Set your default privacy to "Friends".
  2. Change all past posts to be set to "Friends".


Note that when you click that "Manage Past Post Visibility" you'll see a window pop up that warns you that all posts shared with friends or the public in the past will be restricted. Then you'll get ANOTHER window just confirming that you really, really want to do this and warning you that you can't undo it and will have to manually change it on each post if you want to share those posts publicly again. Finally, you'll be able to change the setting.

You may also want to click "Edit Settings" next to "How You Connect" and restrict who can find your profile, who can send you messages, who can write on your timeline, etc. Here are my settings, which I have changed from whatever Facebook sets as the default settings (probably "Everyone" for all of them):


If you do these three steps,

nothing will really change for you on Facebook!

You'll still be able to interact with your friends. You'll still be able to write on each other's walls. You can still tag each other in photos, send each other messages, etc.

It's just that now when anyone who isn't your friend goes to see your Facebook profile... whether they are other students who aren't your "friend", parents of other students, potential employers, college admission officials... or sick creeps... or just random people out on the Internet... all they will see is this:


All that other personal information stays within the circle of the people you have accepted as "Friends" on Facebook.

And YOU are in control of what employers, college admission officials and everyone else sees.


  1. These privacy settings do not completely remove the chance your info can be publicly disclosed. Your info and photos go out to your Friends' Newsfeeds, and they can then in turn "share" your info out to other people... and somewhere along the way may be someone whose settings are more public. However, you are greatly restricting the potential of that with these settings.
  2. There's a separate conversation that could be had about how you could selectively post certain items publicly to create a public profile that would actually be positive for employers/colleges to see.  For instance, notes about awards you've won, volunteer activities you've accomplished, great photos you've taken or articles you've written, etc.  But again, you are in control of that information.

If you found this post interesting or useful, please consider either:

Jason Calacanis, Facebook, Privacy and the Open Internet

Last week Jason Calacanis ripped into Facebook and privacy in his typical "hold-nothing-back" style:
The Big Game, Zuckerberg and Overplaying your Hand

He brings a poker spin to the Facebook story and states how Facebook is, in his opinion, "overplaying" its hand:

The biggest mistake most new players make at poker is overplaying their hand. They spend so much time thinking of the ways they can win that they forget all the ways they can lose. Overplaying hands can affect even the most seasoned players, especially after they’ve won a couple of hands in a row.

He goes on to chronicle instances of this, list out companies that he views as getting screwed by Facebook right now and link to a good number of recent stories about Facebook's problems.

As a long-time advocate writing about the need for an "open internet", and someone who has been writing about Facebook and the dangers of its privacy policy and Terms of Service, I was pleased to see Jason's advocacy of "an alternate path":

The Web and HTML grew into the juggernaut they are today because they’re based on open standards that everyone can buy into. No one player has control or dominance over anyone else. Facebook’s very obvious goal is to use the their social graph dominance to control the future of advertising and attention on the Web. Why on Earth are we supporting this?


It’s time for the good people of the world to stand up against Facebook. It’s time to build and support OpenID and the creation of an truly open social graph. It’s time to force Facebook to allow open data portability. It is our data, after all. The road map for the open web has been laid out and supported by the “good guys/gals” at OpenID, Google, Twitter, Open Social and countless others who don’t feel the need to control the industry and manipulate our customers.

He's right on target... although I'm not entirely sure I'd include Twitter in his last sentence (I've written about how both Twitter and Facebook violate "The Internet Way" from an architecture point-of-view). I'll admit, though, that Twitter has not necessarily espoused the grandiose aims of Facebook to own all our content and attention.

We do need open solutions... distributed, decentralized and most importantly... letting us be in control.

I can't help but think back to over 10 years ago when many of us were involved with a similar battle with regard to operating systems... and Red Hat's CEO Bob Young had his proverbial question:

"Would you buy a car with the hood welded shut?"

And the follow-on:

We demand the ability to open the hood of our cars because it gives us, the consumer, control over the product we've bought and takes it away from the vendor. We can take the car back to the dealer; if he does a good job, doesn't overcharge us and adds the features we need, we may keep taking it back to that dealer. But if he overcharges us, won't fix the problem we are having or refuses to install that musical horn we always wanted -- well, there are 10,000 other car-repair companies that would be happy to have our business.

In recent years, we've given up much of that control for the sweet call of utter simplicity. Facebook is incredibly easy to use... anyone can get set up, start communicating with friends, and more... the price of that simplicity is that we turn over control of our interactions, our contacts, our photos and our data to a single corporation that does not necessarily appear to have our best interests at heart.

Is the simplicity worth it?

Can we find a better way?

Can we embrace a more open solution? (As messy as it may initially be.)

Remember... email started out in walled gardens of simplicity, too... as the idea of email matured, we broke down the walls and got to a place where you could control where your email server was. It's time we look at how we do that on the social networking side.

The time is now.... can we do it?

P.S. Might Diaspora be a way forward? Maybe... time will tell... right now it's just an idea...

If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or subscribing to my email newsletter.

NY Times illustrates Facebook's "bewildering tangle" of privacy options

If you haven't seen this graphic from the NY Times piece, "Facebook Privacy: A Bewildering Tangle of Options", you really should check it out (click on the image to see the full graphic):


The piece notes:

To manage your privacy on Facebook, you will need to navigate through 50 settings with more than 170 options.

And this is to make it simpler?

The companion NY Times article, "Price of Facebook Privacy? Start Clicking", is worth a read as well, pointing out for instance that the text of Facebook's Privacy Policy is longer than the text of the US Constitution! :-)

If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or subscribing to my email newsletter.

Facebook for iPhone 3.1 - ALL your *iPhone* contacts belong to us! (HUH???)

facebookforiphone.jpgAfter installing the brand-new version 3.1 of the Facebook for iPhone application, I started to enable the "Sync" feature to sync my Facebook contacts with my iPhone contacts, when I was VERY put off by this warning screen shown on right:

If you enable this feature, contacts from your device will be sent to Facebook and your friends' names, photos and other info from Facebook will be added to your iPhone address book. Please make sure your friends are comfortable with any use you make of their information.


Obviously the app has to send my iPhone contacts up to Facebook so that Facebook can match up the contact info with the names of my friends in Facebook.

But then what?

Does Facebook then ignore my contacts? Are they stored in Facebook's giant databases? Will they all be spammed with info about joining Facebook? ("Dan York is on Facebook, why don't you join?")

I looked for some kind of privacy policy or other info in the Facebook app... on the iTunes page, on the page for the Facebook for iPhone app. I can't find one anywhere.

I do have people in my iPhone address book who have given me private/unpublished numbers. I'm not really comfortable having all that data sent up to Facebook if I have no idea what they are doing with it.

What's the deal, Facebook?

If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or identi.ca.

The Incredible Danger of Facebook's New Privacy Policy - And How to Protect Yourself

facebook.jpgLet's be very clear. No matter what the blog post or letter from Mark Zuckerberg may say (or update blog posts), Facebook's new privacy settings have far less to do with "making privacy simpler" than they do with one simple fact:
Facebook has "Twitter-envy".

Twitter is essentially the center of the public "real-time web" and is getting all the attention, hype and buzz. Facebook is not getting that attention and wants to be your single portal to the Internet.

Facebook wants you to share your information PUBLICLY.

The new "Privacy Policy" is not so much about protecting your privacy as it is about getting you to make more information public.

Let's be clear. THAT is the goal. If Facebook were serious about making it easier to protect your privacy, the recommendations would be different. The "making privacy strong" theme is spin. And judging by articles I'm seeing in the mainstream media, it's working. Now, to be fair, there are some improvements, like the ability to change the privacy settings of each post you make, but that improvement is overshadowed by the larger danger.


The fundamental issue is that when you are brought into the new "privacy transition tool", the "recommended settings" are that you share all your status updates, links, photos, videos and notes publicly. Not just with other Facebook users, but with the entire Internet. By accepting the recommended settings, you are agreeing to make all the info you put into Facebook accessible through search via Google, etc.:


So all those silly status updates you wrote? Found in Google. All those "private" photos of your family that you previously just shared with friends? Found in Google. All those longer notes that you were sharing with your friends? Found in Google. Whether or not you are single or married? Found in Google.

It is a fundamental shift in information sharing from being inside a private walled space to being in an open public space.

Everything you publish - available to everyone on the Internet.

The danger I see is that many, if not most, people will simply accept the recommended settings. And suddenly information they thought was kept more private will be shared with the world.


My recommendations are very simple:

1. Do NOT accept the recommended settings. Choose "Old Settings" in the Transition Tool.

2. Go into the Privacy settings and examine all settings. Click the "Privacy" link at the very bottom of a Facebook page or going into "Settings" in the upper right corner and then click on "Privacy".


3. Change who can see your profile information. Click on "Profile Information" to decide who you want to see information about you.


4. Change you can see your contact information. Click on "Contact Information" to decide who can see your contact info:


5. CHANGE WHAT YOUR FRIENDS SHARE ABOUT YOU! This is a critical one. Whenever your friends go off and play one of those games like Mafia Wars or Farmville, or take one of those zillion quizzes, they are sharing information about you, including with "game developers" who have questionable backgrounds. Everytime any friend of yours adds any Facebook "application", they are sharing info about you.

Click on "Applications and Websites" to see where you can turn it all off:


Personally, I've unchecked all of these items. If one of my "friends" on Facebook decides to start interacting with a new Facebook application, that is their choice. But I don't necessarily want that external company or organization to get all this information about me.

I admit that I find it rather annoying that Facebook provides no way in its new "Privacy Transition Tool" to change these settings. You have to go into these settings to change it.

6. Change what information is accessible via search. Click on "Search" to change whether you want your information to be found via a Google Search:


If you go through each of these panels and make sure the changes reflect how you want your information shared, you'll wind up in a much better space with regard to privacy.


There is an even greater danger to privacy lurking in the fine print:


Facebook has reclassified what is "publicly available information". Your name... profile photo... and friend list are now "visible to everyone". And guess what?

There's nothing you can do about that (except, perhaps to not use any applications).

It's just the price of using a walled garden service like Facebook where a single company is in charge.


I understand Facebook's business need to push people to share more information. They feel they need to be the center of the "real-time web"... and they feel that Twitter is in a better place to be that. But I find it annoying and frustrating that so many users are now going to find their "private" information publicly accessible out on the public Internet simply because they accepted the "recommended" settings.

Bad move, Facebook.