How Facebook Succeeds and Fails at Privacy

I value privacy, and since you’re reading this, probably you do too! Privacy controls in social media (and — more importantly, the clarity thereof) vary greatly.

Facebook made some great strides to allow users to control privacy and examine how private their posts are. They clearly prioritize clear product text and user tools for managing privacy settings. Privacy controls for timeline posts, app access, and user profile data are clear and easy to use.

The good

Users can easily view and change the privacy level of each item in their profile. Facebook offers a tool to view your profile as public (a user not connected to you or not logged in) or to view your profile as a specific friend. (N.b.: you currently cannot view your profile as a friend-of-a-friend, or any other person you are not friends with, though their view of your profile and posts may be different than a user not logged in!)

Facebook tool to view your profile as Public or as a Specific Person (a friend).

Facebook users can add users to some default groups (e.g., Family, Acquaintances, Close Friends), or create their own custom groups of users. Posts can be shared with a particular group, named friends, or can exclude listed friends or groups.

Facebook has different icons for different (and custom!) privacy levels for posts.

Changing privacy settings for a post between Public, Friends, or Only Me requires two clicks. Changing privacy to a custom group requires four clicks and scrolling. Every member of a marginalized group on Facebook that I know uses custom groups to control their privacy. Making custom privacy controls easy is critical for both marginalized people and sensitive populations (e.g., survivors of domestic violence).

The drop-down for post privacy allows users to select Public, Friends, or Only me, but other options require additional clicks. This design discourages custom user groups, but allows for that flexibly.

Facebook offers a “Privacy Checkup” feature in the Help menu to teach users about profile and post privacy in their product while allowing users to change their settings to meet their needs. A particularly handy feature under Privacy Settings allows users to limit the audience for posts that you’ve shared with Public or with friends of friends with a single action (okay — technically several clicks with a confirmation, but I assure you it’s easy and clear).

This area also provides options for controlling how users can find you, which users can tag you in comments or in photos, and which users can write on your Timeline. (As a queer woman concerned about privacy, I restrict who can see posts I’m tagged in to a custom group of queer allies.) Buried in here is also Facebook’s Data Use Policy.

Facebook’s Privacy Shortcuts feature allows users easy access to Privacy Checkup, Who can see my stuff, Who can contact me, How do I stop someone from bothering me, Privacy Basics, and See More Settings.Fac

Just this week, Facebook released their new tool to prevent recurring instances of revenge porn.

The bad

Group and event privacy on Facebook is — in a word — unclear.

To be fair to Facebook, most of the details are available with some investigation. When you create an event, you select “Private Event” or “Public Event”, and these have relatively clear descriptions. Events indicate whether they are Private or Public, and comments about the event have descriptive text about who can “see the event” (implying that this matches who can see the comment).

Facebook event creation settings and event details. Private Event: “Only invited guests will see your event. You can choose to let guests invite friends.” Public event: “Anyone will be able to see your event and search for it, even if you’re not friends.” Event comments for private events show the above text about private events in the comments.

The Android mobile interface does not clarify that an event is public (curiously, it does indicate private events):

Facebook’s Android mobile app displays no indication for Public events, but does display “Private” for Private events.

Nowhere in the product text does Facebook indicate whether your attendance of an event is visible to people who do not attend the event, though it is implied by event visibility.

For events shared with a group, the event indicates “Event for $group”, and post privacy indicates “Members of $group”. The unstated implication again is that this event, posts, and attendance are only visible to members of the group.

The ugly

You cannot control the privacy of what you write on other users’ Pages or Timelines. While it’s easy to see on each post what the visibility of that post is (e.g., that user’s friends, family, or Public), it’s not easy to track down every place where your past activity is visible to Public. Users can also change the visibility of a post, and your comment that you thought was restricted to that user’s friends may now be visible to Public! There is no easy way to search for this, and there is no option to be notified of such changes.

The visibility of posts to tagged users (and their friends) is also unclear. With some investigation, you can find out that if a user is tagged in a post, that user’s friends can see the post (unless that user has more restrictive settings). Tagging a user in the comments of a post does not change whether a user has access to the post. Again — this behavior is not clear from product text.

You cannot control the privacy of your reactions (e.g., Likes) to other users’ posts. Notably, likes on public posts bring those posts to the attention of your friends and followers. This is ideal behavior for dank memes or every three weeks when That One Onion Article makes its rounds yet again, but exposes marginalized people.

It gets worse: Suggested User features are dangerous

All of the above aspects of privacy can be controlled by learning about and using privacy features. However, Facebook, like almost every social media product, tries to introduce you to other users with their “People you may know” feature — or as I like to call it, “Dykes you may know”.

“Suggested Users” features often use machine learning algorithms (e.g., clustering) to suggest users in your community. This tool was created to help users connect with friends and family or meet similar people. While Facebook has a setting to only allow Friends of Friends to add you, and to limit lookups and searches based on email address or phone number, Facebook’s privacy tools offer no option to opt out of exposure in their Friend Suggestion feature. Based on my experiences, I suggest to following alternative names and descriptions:

  • Dykes You Might Know: Identify queer people in your community that you didn’t know were queer! (This applies to members of other marginalized or private communities.)
  • Trade Medication With…: Introduce users to other patients with the same doctor!
  • Do ya wanna see your abuser again?: Build connections between survivors of intimate partner violence and friends of the abuser!
  • Find an FBI agent: Find FBI Director James Comey’s Instagram and Twitter accounts!

If you liked this, click the heart below to recommend this, and please share!

Mathematician; Insecurity Princess