May 30, 2024

Another Privacy Misstep from Facebook

Facebook is once again clashing with its users over privacy. As a user myself, I was pretty unhappy about the recently changed privacy control. I felt that Facebook was trying to trick me into loosening controls on my information. Though the initial letter from Facebook founder Mark Zuckerberg painted the changes as pro-privacy — which led more than 48,000 users to click the “I like this” button — the actual effect of the company’s suggested new policy was to allow more public access to information. Though the company has backtracked on some of the changes, problems remain.

Some of you may be wondering why Facebook users are complaining about privacy, given that the site’s main use is to publish private information about yourself. But Facebook is not really about making your life an open book. It’s about telling the story of your life. And like any autobiography, your Facebook-story will include a certain amount of spin. It will leave out some facts and will likely offer more and different levels of detail depending on the audience. Some people might not get to hear your story at all. For Facebook users, privacy means not the prevention of all information flow, but control over the content of their story and who gets to read it.

So when Facebook tries to monetize users’ information by passing that information along to third parties, such as advertisers, users get angry. That’s what happened two years ago with Facebook’s ill-considered Beacon initiative: Facebook started telling advertisers what you had done — telling your story to strangers. But perhaps even worse, Facebook sometimes added items to your wall about what you had purchased — editing your story, without your permission. Users revolted, and Facebook shuttered Beacon.

Viewed through this lens, Facebook’s business dilemma is clear. The company is sitting on an ever-growing treasure trove of information about users. Methods for monetizing this information are many and obvious, but virtually all of them require either telling users’ stories to third parties, or modifying users’ stories — steps that would break users’ mental model of Facebook, triggering more outrage.

What Facebook has, in other words, is a governance problem. Users see Facebook as a community in which they are members. Though Facebook (presumably) has no legal obligation to get users’ permission before instituting changes, it makes business sense to consult the user community before making significant changes in the privacy model. Announcing a new initiative, only to backpedal in the face of user outrage, can’t be the best way to maximize long-term profits.

The challenge is finding a structure that allows the company to explore new business opportunities, while at the same time securing truly informed consent from the user community. Some kind of customer advisory board seems like an obvious approach. But how would the members be chosen? And how much information and power would they get? This isn’t easy to do. But the current approach isn’t working either. If your business is based on user buy-in to an online community, then you have to give that community some kind of voice — you have to make it a community that users want to inhabit.


  1. Sounds like Jay has the simple solution here: why not simply choose not to participate, and keep your information private (or better still, maybe invent a better wheel, and come up with the next Facebook with privacy controls that are granular enough to solve the problem.)

    • A facebook with better privacy controls is, arguably, what facebook used to be. And therein lies one of the big conflicts. Facebook’s interest, for the most part, is in monetizing the content that people continue to generate. It can sell ads against views of old pages, but mostly it needs new information from/about people to keep making money. Individuals’ interest is, I think, more evenly divided between the ongoing flow of information and the existing body of writing/pictures/friendships/contacts that facebook archives.

      So “come up with a facebook replacement that has more user-friendly controls” has as an obvious next step “and then, when enough people have posted enough content to become depended on your service, change the rules and monetize all the stuff people thought was private.”

  2. Jay Libove, CISSP, CIPP says

    As Ed pointed out, the information we provide to Facebook, Google, etc, has value – it can be monetized. Therefore, to anyone who suggests that we shouldn’t complain when we don’t like the “free” service we’re receiving, I urge you to reconsider, what is the value (to Facebook) of the information we provide *to it* for “free”?

    There is a business negotiation going on here, but one in which the actuarial tables are as yet not at all well understood.
    re: Heinlein, TANSTAAFL – neither for us, nor for Facebook.

  3. Regarding the post “Free == stop whining”

    “Why people continue to rant and rave about how they get such awful services for nothing is like insulting the host of a party before you even eat their free food.”

    No it is not. It is like being invited to a “free” party and then insulting the host when he demands that you remove your clothes because, after all, the party was “free”.

    • Haha, funny comment, but I agree with the people whining about free stuff thing. I get a few such idiots too but they don’t make to my client list, thankfully! 🙂 Some people suffer from a certain entitlement attitude, and think that all the pleasures of the world should be made available at NO COST to them because somehow they “deserve” it!

      • I agree. Facebook gets our information for free, and then they think they’re just entitled to keep getting our information in the future, as if they just somehow “deserve” it? I guess they’re not on your client list!

        …. or maybe you meant to make a different point.

        My point is: Don’t be confused by the fact that no money changes hands. Facebook’s relationship with its customers is an exchange of value for value. If Facebook stops providing value to its customers, the customers will leave. Like any other business, Facebook has to pay attention to what its customers want.

  4. Old quote: “Sometimes you don’t get what you paid for, but you never get what you never paid for.”

    Why people continue to rant and rave about how they get such awful services for nothing is like insulting the host of a party before you even eat their free food.

    Try asking your plumber or dentist to give you something for free and see how that works out.

    • I wonder if this (juvenile) attitude is significantly more prevalent in the US (especially in young avid readers of Heinlein and Ayn Rand), and if it in particular widely spread among hi-tech “geeks”. May this cultural reason partly explain what is going on here?

  5. As I wrote here, they also made the UI more confusing in a way that will cause less-than-savvy users to expose more of their personsal information. Basically: a picture with a padlock next to the word “everyone” will make many people think that the setting means “everyone is locked out” when on Facebook it means the opposite.

  6. I think that characterizing facebook’s problem as one of governance may be exactly wrong. The bigger problem is that its interests (making piles of money from users’ personal information seem strongly opposed to those of its users (sharing information with their friends and acquaintances, and only their friends and acquaintances). The recent news that a substantial chunk of facebook’s advertising revenue has been fueled by scam offers of one kind or another makes this issue a little more pressing than it might otherwise be.

    Ultimately, Facebook’s ace in the hole may be its miserably baroque information structure and user interface. It’s almost impossible to figure out what information and which people you have access to or have generated through facebook, so extracting “your” content is essentially impossible should the site’s terms become unacceptable.