Canada is making its mark on the international scene and applying pressure on Facebook to do more to protect users from privacy violations by 3rd party applications. At first glance Facebook’s plan doesn’t look too bad, but with further thought it clearly has some issues.
First, complexity is the enemy of security (or privacy for that matter). Facebook proposes a “Which information do you wish to share with this application” style approach to give users more control. This will work the same way with end-users as it does when Vista prompts for User Account Control, which is “What do I have to do to make this go away and finish my task?” If it was only your personal privacy at risk, you could make the argument that you have been supplied with a method of being smarter, but are too lazy to care…
Second, as a Facebook user, you will have the choice whether to share your friends’ information with third parties without their consent. So if my friends don’t care as much as I do (and they aren’t likely to), my personal information, and basically everything I am sharing with my friends and family, is open game to third party developers. This was recently demonstrated by the ACLU in a shocking way for many Facebook users.
In closing, I admire Facebook for taking the Canadian authorities’ concerns seriously, but I feel they need to go further and keep themselves a few steps ahead of the big G. Facebook acknowledges this will take them upwards of a year, and that they will pay close attention to user feedback. I encourage everyone who uses this platform to express their concerns, likes and dislikes during this process to find the right balance of fun, freedom and responsibility.
Creative Commons image courtesy of flickr photostream by Max-B