Facebook’s creepy news feed insertions are a privacy annoyance but a usability nightmare
I’ve been really annoyed lately at Facebook’s algorithm showing my comments on statuses and photos to friends of mine who aren’t friends with the original posters. I’m not entirely sure how to turn it off, but it seems that in the “Timeline and Tagging” section of the privacy settings, and change “Who can see what others post on your timeline?” to just be “Friends”. I also notice in the “Custom” section of that dropdown, there’s a checkbox for “Friends of those tagged” under “Make this visible to”. Which is all not just confusing, but unclear about what it actually does.
But we’ve had this conversation before, right? The problem with Facebook’s privacy is not even necessarily what they show, but that it’s never clear what they’re going to show to others and when. If I select the huge “Friends” button on the default privacy settings, I expect it’s only the people I’m friends with who are going to see it, not that it’s mostly friends who see it but sometimes other people might see it, depending on what it is and who’s tagged in it.
I actually don’t have much of a problem with a lot of my life being public. But I just want to know what’s going out and when and to who. I know that Facebook (and Google) thrive on people keeping public lives on the internet, but they need to do what Twitter does and keep it clear. Give us a good reason to share to more than just our friends, but don’t trick us into doing it.
My story of how Angie’s List handed over my contact info to an angry vendor
I used to wonder why reviews on Angie’s List were almost all overwhelming positive straight A reviews. After writing my first review, I now know: Angie’s List gives vendors the information they need to harass people who don’t give them good enough reviews.
The story as brief as I can keep it: I called a locksmith that I found through Angie’s List a few weeks ago to have the locks on my newly-purchased house rekeyed. When the locksmiths got there, they said that the locks that I had were low quality and suggested I replace them. I took their word for it and had them replaced with the supposedly-higher quality locks, but it made me less than happy, because it meant I ended up spending twice as much as I thought I was going to.
I hadn’t written any reviews on Angie’s List before, but I kept getting emails from them prompting me to write reviews and even got a phone call from them. So I figured I’d finally write a review of this locksmith. I gave them all As except for one B on pricing, mentioning that, while I felt that the locksmiths were being straight with me, it made me feel like I’d been upsold.
Now, while I was happy with the service, I gave them this slight blemish on the review for two reasons:
- Because ever since joining Angie’s List, it annoyed me that almost all of the reviews were straight-A reviews, which is basically worthless. Surely there was SOMEthing that was less than perfect.
- I was writing the review for other users, and I felt that people calling this locksmith for rekeying should be prepared to potentially spend more money. Maybe it’s a good thing to get advice on what to do about your locks, but it’s still something that I felt worthwhile passing on.
The day after writing the review, I get a call on my cellphone from the owner of the locksmith company. The fact that he would call me about the review was unsettling enough, but he kept talking about how they would never “upsell” someone and while they appreciated the good review, they felt that it was unrepresentative of their company. He wouldn’t let me get a word in edgewise, talking over my attempts to clear up what I meant and getting increasingly agitated. When I finally got a word in, I told him that I had written the review for other users and thought they might find that helpful. He repeated his rant and so I hung up on him.
I was pretty rattled and really angry. If he was this worked up over an almost-perfect review, what would he have done with bad reviews? And these guys are locksmiths! They not only know where I live, they know how to get in my house!
I immediately wrote to Angie’s List, asking them “How did this vendor even get my contact information? Is that something that they can get through Angie’s List?”
Just after I sent the email, I figured that what must have happened is that the vendor was able to piece it together: he looked at the date the service was provided, looked at his records and figured out that it was me. Surely Angie’s List wouldn’t give him my contact info, right? Wrong. This was the email I got back from them (emphasis mine):
Reports may not be submitted anonymously. This is one of the many steps we take to ensure the authenticity and honesty of the feedback we post. When a member shares their service experience with us, the report becomes accessible to all members in their chapter. However, we only share the member’s name and address with the service provider if they request it.
They ONLY share the name and address?! Why should they be sharing anything at all? I’m fine if they let the vendors respond online, but they should not be providing anything about me to vendors. I understand the necessity of requiring that reviews have a date the service was performed on, but why make that exact date public? And I get why a review site would need to verify that an individual is who they say they are, but why is there any need at all to share that with vendors?
Even beyond the lack of security and privacy you have on Angie’s List, this makes the review part of their site totally worthless. I don’t want my information to be shared with vendors, so I won’t be writing any more reviews. And why would anyone?
“That’s a lot of rights to give Google, on the face of it — in fact, it’s basically every right you cangive to Google as a copyright holder. But think about how limited Google’s services would be if it didn’t have permission to use, host, store, modify, communicate, publish, or distribute your content — it couldn’t move files around on its servers, cache your data, or make image thumbnails, since those would be unauthorized copies. It couldn’t run Google Translate or Google Image Search. It would be illegal to play YouTube clips in public. In short, Google is giving itself all the permissions it could possibly need to run all of Google services, with the specific limitations that it doesn’t own anything you upload and it can’t use your data beyond running its services.”
Love this quote here. It’s not that I think that the concerns aren’t valid (especially that “even if they don’t use if for evil, they could since you’re giving them permission to), but these things are worded in a way that companies have the freedom to make their products work the way they intended to. Worrying about it is like worrying about some random horrific crime: yes, it might happen, but the chances are so slim that it’s not worth worrying about.
How I Learned To Stop Worrying and Love The Facebook Changes
Like any TechCrunch-reading web nerd, my first reaction to the “Open Graph” Facebook changes was whiny and furious. How dare they slap my name on every site that’s desperate to tap into their user base? If I wanted my name on those sites, I would have signed up for them! And if I wanted to share my info from those sites with my Facebook friends, I would have individually signed in to each and every one of them, giving that site explicit permission to share with the same people I was sharing with on places like Facebook and then dealt with dozens of different settings arrangements!
Maybe you can see my thought path on this issue changing there. If not, it’s come to this: not only is the change not a big deal, but it’s what we’ve been looking for from the web for years.
Yes, I was surprised when I went to the Washington Post front page and was greeted with a list of the articles my Facebook friends had shared. Yeah, it was a little discomforting to go to Yelp and see my “friends activity”, some of which was from high school friends that I hadn’t seen in decades. But then it cleared up: these are all people that I’ve already approved as my friends. Why should I have to do it yet again? My name isn’t showing up to strangers; it’s showing up to my friends, who I had already consented to share with. At the least, it’s made the web even more convenient, but more than that, it’s expanded the sharing web so hugely that it’s difficult to even comprehend right now.
This is exactly the kind of thing that we’ve wanted from the web; what we’ve wanted companies to do for years: make a single identity and a single group of friends that are managed in one place and then spread throughout sites with multiple purposes. It’s what Open ID wanted to do. Yes, it’s a lot of power for one company, but this isn’t the government we’re talking about. At the absolute worst, it’s like a cult where you actually can leave at any time, with the only downside being some hassle from your friends.
I would not fault anyone for deleting their Facebook account and being done with the whole thing. The concern is understandable. But before you back away entirely, and before you get outraged about these Facebook changes, think of this: your name is likely all over search results on the web, and you have no control over it. Your visits are being tracked anonymously by dozens of web statistics software. Your financial information is a single password (and likely a crappy password) away from anyone who wants it. Like a germaphobe who obsesses over toilet seat covers, you have a LOT greater things to worry about than this.
If you’re up for arguing this, I’m all for it in the comments. And by the way, the comments are powered by Disqus, a service that’s been around for years, where a single login with have you logged into to thousands of sites around the web.
What If Less Privacy Means More Freedom?
With the launch and demo of Google’s Chrome OS, where the OS is the browser and all your information lives online, my head was in the cloud (HA! No? Oh, alright). As much as I love the move towards an online life—where information stays in one place and the only thing that changes is the devices we use to access it—it’s hard not to take in the arguments that we’re throwing our privacy away.
Playing the part of the skeptic (not too much of a stretch for me), it’s not hard to see the concerns. Sure, at the moment there’s nothing in my Google Docs or on my blogs that will put me in jail or get me blackmailed, but it’s pretty easy to see a 9/11-type event or massive change in government that means more scrutiny on what we say and do. Our world can change in a big way, and what formerly seemed innocuous is now a crime, with all the evidence needed to convict available in the formerly-friendly-sounding cloud.
Meanwhile, the conspiracy theorists are sweeping the ashes of their burnt hard copies under the rug and going about their lives, which probably will involve embroidering a lovely “I Told You So” for their living room walls.
It seems extreme, but it’s happened before, and recently. We tend to believe that we can only get more free, but it can get snuffed out all too easily. Look at Afghanistan in the 20th century, and now imagine that kind of crackdown when everything you’ve said it not only easy to find, but is traced to your name, address and even social security number.
And that’s not even to mention smaller things like what your bosses or potential employers can find out about your, or what thieves of property or identity could use to more easily take things away from you. It happens.
But what if the flipside negates that? What if what we give up in privacy, we gain in freedom?
Yes, on the political front, having your opinions easily read as disobedience in a sudden government crackdown is chilling, but the ease and speed at which we can share stories in a wide broadcast means that it’s a lot harder for authorities to disappear people. If one person knows about it, they can get it to everyone, and it doesn’t even require convincing someone at the news station that it’s a story worth airing. It’s just aired, then and there by anyone who cares.
Yes, it’s concerning how much a thief or other ill-intentioned individual could find out about just with access to your Google password, but by the exact same token, we have instant access to our accounts, can find out much more quickly when things have happened, and cut things off, often remotely. And even in these small cases, the ability to get advice and help from a community of the whole world means it’s much easier to take action when it happens, and find out how to keep it from happening before it does.
There’s still enough skeptic in me that I do sometimes suddenly get freaked out by how much of me is out in the cloud. But a deep breath of the wider picture usually brings me back to wanting as much of my life online—the easy-to-use, information-filled, convenient as all hell online world—as I can get.
The debate is open in the comments…if you aren’t nervous about comments.