Facebook revamps security, privacy settings following huge data scandal

Following the Cambridge Analytica (CA) privacy train wreck that has been the past two weeks, Facebook says it’s going to reach into the 20 or so dusty corners where it’s tucked away privacy and security settings and pull them into a centralized spot for users to more easily find and edit whatever data it’s got on them.

The changes are due to arrive over the coming weeks.

It gave details in a blog post on Wednesday.

Facebook VP of policy and chief privacy officer Erin Egan credited the CA revelations for showing the company that they’ve got work to do:

Last week showed how much more work we need to do to enforce our policies and help people understand how Facebook works and the choices they have over their data. We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed.

Last week, CEO Mark Zuckerberg announced a crackdown on abuse of Facebook’s platform, strengthened policies, and pledged an easier way for people to revoke apps’ ability to use their data.

The core of the data analytics personal data-gobbling scandal is, of course, how very, very easy it’s been for apps to get at that data. … And how precious little Facebook has done to police those apps. … And the near-nil steps Facebook took to verify that the data of 50 million Facebook users inappropriately shared with data analytics firm CA had in fact been deleted (it hadn’t).

Egan said in Wednesday’s post that the revamp of privacy and security controls has been in the works “for some time,” but “the events of the past several days underscore their importance.”

We’ve heard loud and clear that privacy settings and other important tools are too hard to find, and that we must do more to keep people informed.

The changes, not surprisingly, put the onus on users to delve into what data Facebook has on them. The changes don’t speak to the lack of vetting Facebook has put app developers through.

The security and privacy settings changes fall into these three buckets:

  • A simpler, centralized settings menu. Facebook redesigned the settings menu on mobile devices “from top to bottom” to make things easier to find. No more hunting through nearly 20 different screens: now, the settings will be accessible from a single place. Facebook also got rid of outdated settings to make it clear what information can and can’t be shared with apps. The new version not only regroups the controls but also adds descriptions regarding what each involves.
  • A new privacy shortcuts menu. The dashboard brings together into a central spot what Facebook considers to be the most critical controls: for example, the two-factor authentication (2FA) control; control over personal information so you can see, and delete, posts; the control for ad preferences; and the control over who’s allowed to see your posts and profile information.
  • Revised data download and edit tools. There will be a new page, Access Your Information, where you can see, and delete, what data Facebook has on you. That includes posts, reactions and comments, and whatever you’ve searched for. You’ll also be able to download specific categories of data, including photos, from a selected time range, rather than going after a single, massive file that could take hours to download.

Note what Facebook isn’t making it easier to find: the Doomsday button, as in, the sayonara, suckers, I’m out of here option of deleting your Facebook account and all its data entirely. (Want to know how? Carefully, and only after you’ve downloaded all your data. Here’s how.)

Pulling the Facebook plug will put you into good company: the #DeleteFacebook movement includes such luminaries as Elon Musk and comedian Will Ferrell, for example.

Though Egan didn’t say a peep about making it easier to delete your Facebook account, the BBC says that it “understands the firm also intends to make the link to fully delete an account more prominent.”

Post-CA damage control at Facebook also includes diminishing its cozy relationship with data analytics firms such as CA and AggregateIQ (AIQ), an analytics firm tied to CA that recently, allegedly left its code lying around, open for all to access.

As CNN reports, Facebook announced, also on Wednesday, that it’s cutting third-party data providers out of ad targeting by shutting down a tool that enables advertisers to target users with information gathered by external data brokers.

The tool is known as Product Categories. Graham Mudd, a product marketing director at the company, said in a statement that killing the tool should lead to greater privacy:

While this is common industry practice, we believe this step, winding down over the next six months, will help improve people’s privacy on Facebook.