Canada Reigns In Facebook
August 27, 2009 8:08 PM   Subscribe

Facebook agrees to privacy changes [Flash video | article].

After an investigation by the Office of the Privacy Commissioner of Canada, which found that Facebook gave "confusing or incomplete" privacy information to subscribers and gave developers "virtually unrestricted access to Facebook users’ personal information", Facebook has agreed to address the Privacy Commissioner’s concerns.

“These changes mean that the privacy of 200 million Facebook users in Canada and around the world will be far better protected.” - Privacy Commissioner Jennifer Stoddart.

"The notion that some teenager, working in a basement halfway around the globe, that could have access to all of this personal information was unsettling, to say the least." - Elizabeth Denholm, Deputy Privacy Commissioner.
posted by shoesfullofdust (43 comments total) 2 users marked this as a favorite
 
Go Canada!
posted by chunking express at 8:15 PM on August 27, 2009


[Facebook] gave developers "virtually unrestricted access to Facebook users’ personal information"

Be as this may, you do have to sign off on it for every single app you add:

Allowing [app] access will let it pull your profile information, photos, your friends' info, and other content that it requires to work.

So teenages working in basements halfway across the globe (?) could only have access to the personal information of those that explicitly allowed it.
posted by Dysk at 8:17 PM on August 27, 2009


I'm gonna wait till after Facebook renegs with zero repercussions before I form an opinion.
posted by Sys Rq at 8:21 PM on August 27, 2009 [2 favorites]


...and obviously, that needs to be coupled with the control you have over what information can be passed to friends' applications:

You can use the controls on this page to limit what types of information your friends can see about you through applications. Please note that this is only for applications you do not use yourself
posted by Dysk at 8:22 PM on August 27, 2009 [5 favorites]


So teenages working in basements halfway across the globe (?) could only have access to the personal information of those that explicitly allowed it.

Read it again: signing off on applications means not only your information, but "your friends info" too.
posted by Corduroy at 8:23 PM on August 27, 2009


That's true, too. Should have previewed.
posted by Corduroy at 8:23 PM on August 27, 2009


So teenages working in basements halfway across the globe (?) could only have access to the personal information of those that explicitly allowed it.

Actually, one of the problems was that the app you authorized could also see the personal information that you could see... meaning that your friends who hadn't authorized the app were also visible to it.
posted by fatbird at 8:51 PM on August 27, 2009 [1 favorite]


fatbird, see my previous comment - you can control exactly what information can be passed to friends' applications.
posted by Dysk at 8:53 PM on August 27, 2009


As long as I can play Bejeweled and post my high scores, I don't give a crap what kind of information I have to turn over!
posted by The Deej at 8:54 PM on August 27, 2009 [1 favorite]


I just wait for the day when Facebook lets me block ALL applications ALL the time. Every day I have to block another iteration of "Mafia Zombie Wars Lil Flower Donate Tribute Cancer Lady Gaga Lyric Poker Astrology Twilight Tamagotchi Warrior Dog Cat Puzzle Drink Sender Smiley Makeover Prayer How Well Do you Like Snorkling Anteater Bible Passage Horses Quiz".

And every time, a little part of me dies.
posted by SassHat at 8:57 PM on August 27, 2009 [5 favorites]


mazola likes this.
posted by mazola at 8:59 PM on August 27, 2009 [1 favorite]


SassHat, if you go to the link from my earlier comment you can elect to "not share any information about [yourself] through the Facebook API" which disables the very platform upon which apps are built.
posted by Dysk at 9:00 PM on August 27, 2009 [1 favorite]


Future conversations between Canada and Facebook:

Canada: Your site just doesn't have the privacy we need.
Facebook: we are on the 1.3 code. Trust us, version 2.0 will fix everything.
Canada: How long until 2.0 is ready?
Facebook: Six months.
Canada: OK then.

Six months later:

Canada: Your site just doesn't have the privacy we need.
Facebook: we are on the 1.4 code. Trust us, version 2.0 will fix everything.
Canada: How long until 2.0 is ready?
Facebook: Six months.
Canada: OK then.

Six months later:

Canada: Your site just doesn't have the privacy we need.
Facebook: we are on the 1.5 code. Trust us, Trust us, version 2.0 will fix everything.
Canada: How long until 2.0 is ready?
Facebook: Six months.
Canada: OK then.

Six months later:

Canada: Your site just doesn't have the privacy we need.
Facebook: we are on the 1.5 code. Trust us, version 2.0 will fix everything.
Canada: How long will until 2.0 is ready?
Facebook: Six months.
Canada: OK then.

I could keep going, but you get the picture.
posted by Antidisestablishmentarianist at 9:06 PM on August 27, 2009 [2 favorites]


Brother Dysk: thanks for that tip but, practically, who would ever have found that (or even thought to have found that)?

That access to info should be opt-in by default, not opt-out.
posted by mazola at 9:06 PM on August 27, 2009 [1 favorite]


Slightly off-topic, but the facebook purity greasemonkey script does an excellent job of blocking those annoying quizzes.

Less off-topic, the ACLU of Northern California has a Facebook quiz of their very own for you.
posted by gingerbeer at 9:28 PM on August 27, 2009


Canada Reigns In Facebook

YES! CANADA IS LORD OVER ALL FACEBOOK.

Check yo'self. T.Y.
posted by grobstein at 9:31 PM on August 27, 2009


I'm gonna wait till after Facebook renegs with zero repercussions before I form an opinion.

These guys are like a cigarette company. This is just the beginning of something long, weird and convoluted ...
posted by philip-random at 9:40 PM on August 27, 2009


mazola: thanks for that tip but, practically, who would ever have found that (or even thought to have found that)?

Checking the privacy settings should be the first thing you do on any site that you enter personal information into...
posted by Dysk at 10:12 PM on August 27, 2009


Checking the privacy settings should be the first thing you do on any site that you enter personal information into...

I suppose that's right and I suppose this underscores why.

I just thought I was being attentive to what I was allowing and this 'applications' section ran completely under my radar. I don't use apps so why on earth would I expect to manage a section for apps installed by others?
posted by mazola at 10:27 PM on August 27, 2009 [1 favorite]


Perhaps I'm missing something. When I allow an application to access information, I am not allowing the author the same access. When an application describes itself as, say letting me create quizzes for friends, I would assume that I'm giving it access to the information it needs to create quizzes for friends. So in this case, I would assume that I'm giving it access to my friends list.

Unless of course the description of the app is that it "lets you create quizzes for your friends, and gives access to your 'friends only' photos to the teenager, working in a basement halfway around the globe, who wrote the app".

I don't trust those assumptions (or Facebook), so my actual behaviour there is a lot more paranoid.
posted by GeckoDundee at 11:01 PM on August 27, 2009


GeckoDundee, the problem is that Facebook doesn't require app developers to have a privacy policy, nor do they really check to make sure they follow Facebook's Terms of Service, so all that's preventing a developer from writing a quiz app (or whatever) that also acts covertly as a datamining tool to generate salable data are his scruples, and the off-chance that someone might get suspicious and convince the Facebook boffins to check what's going on (assuming they can even do that - I have no idea how their API works).
posted by Dysk at 11:21 PM on August 27, 2009 [2 favorites]


Hey, remember when Facebook didn't have any godawful app clutter?

Or tweens? Or grandmothers?

And that was the whole reason you signed up in the first place?

What the fuck happened to that Facebook?
posted by Sys Rq at 12:10 AM on August 28, 2009 [3 favorites]


Never install any of those applications, so I've been wondering:
When those "Friend is requesting help with Mafia Zoo Have a Drink Here's a Hug application", are they actually just hitting the "Ask everyone one of the people you have as Friends" button or are these targeted requests?
posted by madajb at 12:14 AM on August 28, 2009


Almost certainly the latter. Some apps will even throw stuff like that into the 'feed' (as opposed to when you get requests that need dealing with to go away) automagically (so long as you haven't explicitly disallowed app access to your feed in your settings).
posted by Dysk at 12:20 AM on August 28, 2009


Allowing [app] access will let it pull your profile information, photos, your friends' info, and other content that it requires to work....

...as well as all sorts of other content that it doesn't require.
posted by rokusan at 2:40 AM on August 28, 2009


What the fuck happened to that Facebook?

Mark Zuckerberg said "I wanna beeee profitable like TWITTER YAAA!!!"
posted by cavalier at 3:46 AM on August 28, 2009


The way it's been going for the past two years or so, it's more like it's aspiring to MySpace (but with Twitter-esque functionality for status updates thrown in).
posted by Dysk at 3:57 AM on August 28, 2009


An associated issue has been what, exactly, Facebook considers an application. Damn near any stupid thing you might want to do on Facebook seems to be a 3rd-party application...Wanna take that silly "What kind of pasta are you?" quiz your mom sent you an invitation to? Hey! It's an app that you have to sign-over your info for.
posted by Thorzdad at 4:36 AM on August 28, 2009 [1 favorite]


"Canada reins in Facebook is what you meant, I believe.
posted by wfitzgerald at 4:45 AM on August 28, 2009 [2 favorites]


You can disable all applications. But criminy if I want to play a game, I shouldn't be giving the app access to all of my friends' information. That is the part that galls me. I cannot control what my friends agree to and I don't want to not use any apps. I ought to be able to agree to give up my info without giving up my friends' info beyond my friends list. In addition, I should be able to limit the app's access. I don't understand why it needs access to anything beyond friends lists and wall postings.
posted by Librarygeek at 6:26 AM on August 28, 2009


Thanks Canada.
posted by furtive at 6:34 AM on August 28, 2009


But criminy if I want to play a game, I shouldn't be giving the app access to all of my friends' information.

It will only access the information of friends who have chosen to allow their friends' apps access.

But yes, it is utterly idiotic that you can't limit the access an app has, beyond saying that it can't do any publishing anywhere (it will still be able to read all your information). The application privacy settings ought also to be more visible, and you should be forced to go through it upon signup, before you can use the site.
posted by Dysk at 7:04 AM on August 28, 2009


Basements. Feh.
posted by stevil at 8:01 AM on August 28, 2009


I already have set the API settings as completely private. I just don't want to see in my newsfeed the fact that my mom's cousin sent her ex-boyfriend's sister a Tequila Sunrise Care Bear. And the newsfeed options only let me re-enable applications, not block all of them.
posted by SassHat at 12:11 PM on August 28, 2009


SassHat, my mistake, I thought you were wanting to block application invitations...
posted by Dysk at 12:45 PM on August 28, 2009


It will only access the information of friends who have chosen not to disallow their friends' apps access.

FTFY.
posted by Sys Rq at 1:08 PM on August 28, 2009 [1 favorite]


(not much of a choice either, so much as the default)
posted by Sys Rq at 1:09 PM on August 28, 2009


Sys Rq, if you choose to use the platform, which is run by a for-profit company, you should know that they don't have your best interests at heart. I still maintain that (for profit or not, but especially in the case of the former) whenever you're throwing personal details into any web form, you should already have checked the security policy and settings.
posted by Dysk at 4:49 PM on August 28, 2009


Oh, I agree, even without that "web" in there. Don't get me wrong.

It's just that an awful lot of people are an awful lot of stupid, and for Facebook to expect them to be so cautious that the defaults should favour the app authors—well, it's negligent at best and downright nefarious at worst.
posted by Sys Rq at 5:07 PM on August 28, 2009 [1 favorite]


Thanks for all the useful (and somewhat scary) information, Brother Dysk. I think it would be a scandal though if it turned out that the Facebook API let's apps send data to the creator. Is there anyone here who knows the API well enough to comment?
posted by GeckoDundee at 5:21 PM on August 28, 2009


Gecko, The apps run on the app's creators' (developers') servers, store data in the developers' databases, etc. Any data an app has access to, I as a developer could also access, and copy to whatever location I wanted to. An API that would allow completely custom apps that could interact with your data and yet also not allow transmission of that data would be quite an impressive feat.

In general, I don't understand the fuss. Facebook is not by any means a necessity for anyone, nor are they forcing people to post secret information. Heck, people aren't even paying them! How do people get so righteously angry about a *free* service they are *voluntarily* uploading information to? If you don't want your birthday out on the web, don't put it there! Ditto for that pic of you with the beer bong, the dirty story about your boss, your secret desire to lick toilets, etc.
posted by mrgoldenbrown at 7:06 PM on August 28, 2009


Sigh. I should have qualified my statement re: the API with an "I believe."
posted by mrgoldenbrown at 7:09 PM on August 28, 2009


I just wait for the day when Facebook lets me block ALL applications ALL the time. Every day I have to block another iteration of "I just wait for the day when Facebook lets me block ALL applications ALL the time. Every day I have to block another iteration of "Mafia Zombie Wars Lil Flower Donate Tribute Cancer Lady Gaga Lyric Poker Astrology Twilight Tamagotchi Warrior Dog Cat Puzzle Drink Sender Smiley Makeover Prayer How Well Do you Like Snorkling Anteater Bible Passage Horses Quiz".

And every time, a little part of me dies. Lyric Poker Astrology Twilight Tamagotchi Warrior Dog Cat Puzzle Drink Sender Smiley Makeover Prayer How Well Do you Like Snorkling Anteater Bible Passage Horses Quiz".

And every time, a little part of me dies.


What's even worse is when it is someone you are supposed to respect:

[your boss] has poked you with a level three tamogochi hug in Mafia Zombie Wars Lil Flower Donate Tribute Cancer Lady Gaga Wars. If you poke back now you can join [your boss]'s team and gain 500 Lyric Poker Astrology Twilight points!
posted by Meatbomb at 1:00 PM on August 29, 2009


« Older It's not a tumor   |   "And there's a creepy doll..." Newer »


This thread has been archived and is closed to new comments