Facebook has been left red-faced after having to admit that it hired a PR agency to plant negative stories with the press about privacy concerns on Google.
The irony is, of course, that Facebook is hardly a shining example of how an online firm should protect its users' privacy.
Here's what happened:
* Facebook secretly hired giant public relations firm Burson-Marsteller to seed stories in the media about privacy concerns with Google Social Search.
The Social Search feature of Google scours the web for publicly available information about you from sites such as Twitter, Yelp, Picasa, and FriendFeed, and displays it in the search results of your online friends.
* Facebook's plan backfired badly when Burson-Marsteller approached former FTC investigator and blogger Christopher Soghoian offering him the story, but refusing to reveal who its client was. An unimpressed Soghoian published the email exchange.
Amid much speculation, The Daily Beast news website revealed that the firm pulling Burson-Marsteller's strings was Facebook.
* Facebook confirmed it had hired PR firm Burson-Marsteller to promote the company's position against Google's Social Search facility and admitted that it should have presented the issues in a "a serious and transparent way".
This wouldn't necessarily have been a problem, if the PR agency had been up-front that it was representing Facebook when pitching the anti-Google stories in the first place. What is seedy is that Facebook's involvement was deliberately hidden.
This whole story reeks of poor judgement by Facebook and its PR agency.
And it's rather hypocritical for Facebook to point fingers at possible questions over Google's attitude to privacy, when its own house is in such a mess.
For instance, Facebook recommends that users adopt privacy settings that can reveal their personal data to anyone on the internet.
Don't believe me? Read the small print in Facebook's privacy policy:
"Information set to 'everyone' is publicly available information, may be accessed by everyone on the Internet (including people not logged into Facebook), is subject to indexing by third party search engines, may be associated with you outside of Facebook (such as when you visit other sites on the internet), and may be imported and exported by us and others without privacy limitations."
"The default privacy setting for certain types of information you post on Facebook is set to 'everyone.' You can review and change the default settings in your privacy settings. If you delete 'everyone' content that you posted on Facebook, we will remove it from your Facebook profile, but have no control over its use outside of Facebook."
In other words, if you make your Facebook information available to "everyone", it actually means "everyone, forever". Because even if you change your mind, it's too late - and although Facebook say they will remove it from your profile they will have no control about how it is used outside of Facebook.
If Facebook really cared about your privacy online, wouldn't it recommend more privacy-conscious settings and not default to sharing your profile information with search engines?
If you're interested in being safer on Facebook, read more about the security and privacy challenges that exist for Facebook users. You could also do a lot worse than follow the advice in our step-by-step guide for better security and privacy on Facebook.
And, if you're a regular user of Facebook, be sure to join the Sophos page on Facebook to be kept informed of the latest security threats.
Follow @gcluleyFull disclosure: Parts of Sophos, although not Naked Security, use Burson-Marsteller on some PR projects.
i think they should have spent more time fixing there own privicy problems then to worry about Google. Google does a variety of things but i think that it has better privacy in your Gmail then it does with your facebook. anyways, why would they admit to something that they tried to keep secret? and why would facebook attack google? is it that facebook is jealous of there competition?, is it Google is invading there privacy?
I think I'm going to advocate lying about things in regards to certain info required on Facebook. If they are going to insist on sharing my info with the world, I'm going to make sure it's poisonous.
And they still get to count you among their numbers, and comb enough information from your likes and your friends' likes to paint an accurate enough picture. You don't seed your feed with pretend friends and join groups and fan pages you don't really like just to throw them off the trail, do you? You're not really fooling them, you're fooling yourself.
Facebook is not indispensable. If you don't like their practices, just leave.
I really wonder if Facebook's motives were more to deflect attention away from themselves by pointing the finger at a bigger target--so they didn't have to worry about as much pressure to fix their own problems.