For a moderate amount of time, I had been a “friend” with someone on Facebook, and we appeared to have full visibility of each others activities. Then, recently, I noticed that this person no longer appeared in my feeds or list of friends. I searched for this person on Facebook to no avail (zero results), and attempted to load this person’s Facebook profile using the custom URL, but was met with the standard error “The page you requested was not found”. This prompted me to assume that this person either (a) deactivated her/his page and left Facebook, or (b) un-friended me and tweaked the privacy settings to be essentially invisible to non friends. This didn’t bother me much, and I didn’t really think of it again.

Today, however, I noticed an update in my Ticker noting this person made a comment on some other Facebook user’s (not a friend of mine) page.  This particular action also was reported in my main News Feed. I found it quite odd that suddenly I was seeing updates from this ex-friend. I proceeded to search my friends list, and s/he wasn’t there. I searched for this person’s name, and still received no results. I tried to load this peron’s URL, and got the same error message.

However, when I clicked the user name (this person’s real name) in the status update, I was taken to her/his Facebook profile page, only it now was a different URL with a different username.** But it was my former Facebook friend: same photo, same basic info, etc. I searched the friend list, and I wasn’t there (as expected).  As far as I can tell, this person reactivated or recreated a new Facebook account, and simply decided not to friend me (fine). Yet, I’m not seeing activity from this person — this non Facebook friend — in my News Feed.

Has anyone else experienced this? Or have a possible explanation?  My only guess is that perhaps the user is using the same email address for the new account, and some code within Facebook recognizes that I used to be friends with someone using that email, therefore it is making activity visible to me. This is troublesome, of course, since people unfriend for various reasons, all with the presumption that Facebook activity will no longer be made visible to former friends.

UPDATE: I’ve now realized that this former Facebook friend and I do share one friend in common. So it is possible that her/his privacy settings allow visibility of actions to “Friends of friends”. I will investigate further….

** I should point out that the new custom username for this former Facebook friend is not, as far as I know, this person’s name. Nor does it appear to be any other version of her/his name. To compare, it would be as if I created a new Facebook account with the custom URL of /george.kerplanski. This new username — perhaps created to help obfuscate this user’s new account — appears to violate Facebook’s guidelines, which states “Your username should be as close as possible to your true name”.  I might be wrong about this, of course…

It is a well-written article, quite balanced, and features myself, the T3 principle researcher Jason Kaufman, and fellow Internet research experts Alex Halavais, Fred Stutzman, and Elizabeth Buchanan (I am friends with the latter three, for disclosure). The Chronicle also tracked down a Harvard student presumably within the dataset.

For those looking, my initial blog posts (from 2008) regarding the T3 dataset are here and here, and my full treatment of the dataset release was published here:

• Zimmer, M. (2010). “‘But the data is already public’: on the ethics of research in Facebook,” Ethics & Information Technology, 12(4), 313-325

I don’t want to rehash the entire article or episode, but would like to provide a few annotations:

The article does a nice job pointing out the dual challenges of “Researchers [who] must navigate the shifting privacy standards of social networks and their users”, as well as the “the committees set up to protect research subjects—institutional review boards, or IRB’s—[who] lack experience with Web-based research.”

These are critical revelations that we cannot take lightly. There is much work to be done to ensure researchers of all disciplines and levels recognize and respond to the complexities of engaging in this kind of research online, and that IRBs are sufficiently trained to recognize issues related to Internet research ethics.

To these ends, the Association of Internet Researchers (AoIR) has published an ethics guide (now undergoing revisions) as “as at least a starting point for their inquiries and reflection”, and we’ve held various workshops on the subject. Elizabeth Buchanan and Charles Ess have spearheaded important research on the IRBs’ awareness of Internet-related concerns, and have launched the Internet Research Ethics Digital Library, Resource Center and Commons website as a valuable resource.

And, specific to the article’s mention that I have “pointed to the Harvard case in urging the federal government to do more to educate IRB’s about Web research”, I was privileged to present before the Secretary’s Advisory Committee on Human Research Protections (SACHRP), part of the Office for Human Research Protections in the United States Department of Health and Human Services (HHS). Joined by Elizabeth Buchanan, Montana Miller, and John Palfrey (of Harvard’s Berkman Center, by the way), we discussed emerging ethical issues with Internet-based research and urged the committee to take steps to ensure IRBs and researchers were suitably trained to recognize and address these important ethical issues.

In the context of this entire debate (and some of the original comments left on my blog posts), this passage from the article is quite telling:

But Mr. Kaufman talks openly about another controversial piece of his data gathering: Students were not informed of it. He discussed this with the institutional review board. Alerting students risked “frightening people unnecessarily,” he says.

“We all agreed that it was not necessary, either legally or ethically,” Mr. Kaufman says.

Frankly, I’m troubled by this statement. I will leave it to legal experts to determine if the research violated the consent requirements of the Federal Regulations for the Protection of Human Subjects (45 CFR 46), but from an ethical standpoint, I argue the researchers did have an obligation to respect the intentions of those students who might have restricted their Facebook profiles to only be visible to members of the Harvard community. The researcher’s own codebook acknowledged that the assistants used to access the profile data might have had preferential access to a profile, and that “a given student’s information should not be considered objectively ‘public’ or ‘private’”. This realization should have triggered an ethical concern over whether each students truly intended to have their profile data publicly visible and accessible for downloading.

This is the crux of the issue, and my earlier attempts to learn if and how this apparent waiver of the consent requirement was deliberated by Harvard’s IRB were unsuccessful. Perhaps now we can gain a bit more understanding of why it was deemed that consent wasn’t necessary (and I hope it was a more nuanced decision than simply avoiding “frightening people unnecessarily”).

I agree with the article’s conclusion that the “biggest victim” in this episode is academic scholarship.

The uniqueness of this dataset is of obvious value for sociologists and Internet researchers, and it wasn’t my goal to shut down this research project. It is unfortunate the researchers haven’t been able to find a suitable means of re-releasing the data, but just like the AOL search data release forced us to rethink methods of anonymization before again releasing large datasets of transaction logs, I’m hopeful that this episode can prompt meaningful consideration and debate of our understandings of privacy, anonymity/identifiability, consent, and harm when it comes to Internet-based research.

Finally, I wanted to provide a brief response to the implicit accusation made in the article that I’m a part of some kind of “academic paparazzi”.

I’m not even sure what this means. Perhaps someone thinks I spend my time trolling through other people’s research hoping to find a place where they slip up so I can have a “gotcha” moment? Hardly. I had never written on research ethics until I came across this particular case. I saw a passing mention of the data release on another scholar’s blog, and the ensuing discussion there about how the presumed anonymity of the dataset should be questioned due to its unique data variables. So I started to explore, and my discoveries followed. I’m not out to get anyone, but rather have taken quite a number of proactive steps to help researchers (both the T3 team and more broadly) address these complexities.

The complexities of research ethics and methodology in today’s Internet-based environment is complex, and I’m just starting to scratch the surface. But I don’t take this lightly; I’m a scholar, not a paparazzo.

As I conclude in my full article:

The purpose of this critical analysis of the T3 project is not to place blame or single out these researchers for condemnation, but to use it as a case study to help expose the emerging challenges of engaging in research within online social network settings. …The T3 research project might very well be ushering in ‘‘a new way of doing social science’’, but it is our responsibility scholars to ensure our research methods and processes remain rooted in long- standing ethical practices. Concerns over consent, privacy and anonymity do not disappear simply because subjects participate in online social networks; rather, they become even more important.

I hope that’s the takeaway from all this.

I had spoken with a high level Mozilla rep (will remain nameless since I didn’t receive confirmation that I could publish the conversation in full) after the release of version 4 about this important design flaw, and the person told me they were up against hard deadlines to get the feature included in version 4, and didn’t have time to tweak the preferences GUI. The representative agreed this was “less than ideal” and promised that the entire privacy panel would be “revamped” in future releases.

Today, Mozilla has released version 5 of its popular browser, and they have kept their promise. In this new version, the option to turn on “Do Not Track” is rightfully located at the very top of the “Privacy” tab in the preferences panel:

(Another notable enhancement is that the Do Not Track feature now works across platforms.)

I’m glad to see that Mozilla is paying attention and (finally) recognizing that these design decisions matter.

Twitter fought the subpoena’s accompanying gag order, and has earned a partial victory that allowed Twitter to make the order public. [Some surmise that the wording of the order -- asking for size of "data files" -- suggests the same order was made to other ISPs or online providers, but there is no evidence that anyone other than Twitter has objected.] Upon learning of her inclusion in the subpoena, Birgitta Jonsdottir, a member of Iceland’s parliament, sought the help of the EFF and  filed a motion challenging the government’s attempt to obtain the records, asking the court to vacate the order. The motion argued the government’s demand for the records violated First Amendment speech rights and Fourth Amendment privacy rights of the Twitter-account holders.

In March 2011, Judge Theresa Buchanan, in the Eastern District of Virginia, ruled against that motion, arguing that because the government was not seeking the content of the Twitter accounts in question (.pdf), the subjects did not have standing to challenge the government’s request for the records. She further argued that “because petitioners voluntarily conveyed their IP addresses to Twitter as a condition of use, they have no legitimate Fourth Amendment privacy interest.” The judge was unpersuaded by the petitioners initial suggestion that they did not read or understand Twitter’s Privacy Policy, and that any conveyance of IP addresses to Twitter was involuntary. In a footnote of the motion, she wrote quite plainly: “Internet users are bound by the terms of click-through agreements made online.”

Christopher Soghoian has posted a critical analysis of this portion of the judge’s ruling, noting that while the judge states in her order that “[b]efore creating a Twitter account, readers are notified that IP addresses are among the kinds of ‘Log Data’ that Twitter collects, transfers and manipulates,” that isn’t entirely true. Soghoian comments:

It would be far more accurate to say that before creating a Twitter account, users are presented a link to a privacy policy, which includes a statement six paragraphs down about IP address collection. Users are further told that by clicking on a button to create the account, that they acknowledge that they read the linked privacy policy, although Twitter does not actually take any steps to make sure that users clicked on the link or scrolled through the content on that page.

Of course, it wouldn’t really matter if Twitter forced people to click on the privacy policy, or scroll through the page, because everyone knows that consumers won’t actually read through the text.

This final point is critical: “everyone knows that consumers won’t actually read through the text.” Soghoian’s post includes numerous studies that show users rarely read terms of service or privacy policies, as well as quotes from both FTC officials and US Supreme Court Chief Justice Roberts acknowledging the fact that these policies are difficult to read and understand.

Building from his original post, Soghoian has penned an amici brief (pdf) to the court, which presents the following argument:

Amici urge the court to not dismiss petitioners’ Fourth Amendment privacy interests based on their mouse clicks. Research has shown that consumers rarely read and even more rarely understand privacy policies. In fact, the mere presence of a privacy policy is often misunderstood by consumers to mean their privacy is protected. While “clickwrap” acceptance of terms may constitute a contract under certain circumstances, this legal construct for private obligations has limited bearing on whether a user’s expectation of privacy against government intrusion is objectively reasonable and protected by the Fourth Amendment.

I’m among the signers* of this brief, and would like to thank Chris for his continued efforts on protecting privacy online.

• Dr. Kelly Caine, Principal Research Scientist in the Center for Law, Ethics and Applied Research in Health Information and the School of Informatics and Computing, Indiana University
• Danielle Keats Citron, Professor of Law, University of Maryland School of Law
• Dr. Serge Egelman
• Jerry Kang, Professor of Law, UCLA School of Law
• Dr. Aleecia M. McDonald
• Frank A. Pasquale, Schering-Plough Professor in Health Care Regulation and Enforcement, Seton Hall Law School, Visiting Fellow, Princeton University Center for Information Technology Policy
• Len Sassaman, Researcher, Katholieke Universiteit Leuven (Belgium)
• Jason M. Schultz, Assistant Clinical Professor of Law, Director, Samuelson Law, Technology & Public Policy Clinic, UC Berkeley School of Law
• Wendy Seltzer, Associate Research Scholar, Center for Information Technology Policy, Princeton University
• Christopher Soghoian, Graduate Fellow, Center for Applied Cybersecurity Research, Indiana University
• Dr. Michael Zimmer, Assistant Professor, School of Information Studies, Co-Director, Center for Information Policy Research, University of Wisconsin-Milwaukee

This is an important step towards giving Web users more control over how their digital steps are being monitored and recorded. The Future of Privacy Forum has been tracking the history of this feature for some time, and we had a conference call with Mozilla, Microsoft, and Google a few weeks ago to learn about their various (and varying) methods for allowing users to prevent tracking.

Here’s how Firefox’s Do Not Track feature works:

For more background, please see Chris Soghoian’s detailed history of the inception of the opt-out header concept, as well as the DoNotTrack.Us website for full details on the broader project supporting these initiatives.

Note, however, a critical limitation (currently) to the Do Not Track method: it requires third-party advertisers to recognize and properly react to the DNT header sent to them from your browser, and there’s no requirement that they must. As Firefox notes: “Honoring this setting is voluntary — individual websites are not required to respect it.” While implementing the header should be easy for advertisers, no advertising network or other tracking service has yet announced plans to honor the Do Not Track header. The FTC might require something similar, and we can hope that public pressure might lead ad networks to voluntarily adopt Do Not Track, but for now, this is merely the expression of a user’s privacy preference that falls on deaf ears.

Despite this limitation, it still is very important and meaningful that Firefox has implemented Do Not Track for its millions of users.

The problem is, unfortunately, they made it very hard to turn Do Not Track on.

Today I installed Firefox 4 and went to the preferences panel to see for myself how Do Not Track has been implemented. Logically, I went to the Privacy tab first:

Here, all I see is a default setting of “Remember history”, noting that “Firefox will remember your browsing, download, form and search history, and keep cookies from Web sites you visit.” This default is discomforting. Looking at the menu of options, I see I can select “Use custom settings for history”:

Here, at least, I control whether Firefox stores my browsing history, or accepts third party cookies, etc. But, Do Not Track is nowhere to be found on the Privacy settings control panel.

Next, I try the Security tab, since Do Not Track is pitched as a security feature by Mozilla. Again, no settings for Do Not Track are provided:

Finally, I click on the ubiquitous “Advanced” settings tab. Bingo! Look closely, and you’ll see a setting for “Tell web sites I do not want to be tracked” among the list of browsing settings. And, of course, the default setting is to not have Do Not Track activated:

This design choice is very troublesome. Do Not Track is a major development in potentially providing Web users more privacy, security and control over their online activities. Mozilla brags about “leading the Web towards a universal standard Do Not Track feature,” and its own (draft) Privacy & Data Operating Principles talks about providing “real choices,” “sensible settings,” and “user control.” Yet, the setting to turn on Do Not Track is buried in the Advanced preferences tab, and listed alongside such mundane options for smooth scrolling and spell check.

Mozilla, you can do better than this.

TrackMeNot represents a form of technological resistance in the fight against the increasing loss of control individuals posses over their online personal information flows, and I was excited to play a very small role in its development while at NYU. Now, five years later, NYU has a thriving Privacy Research Group, filled with “students, professors, and industry professionals who are passionate about exploring, protecting, and understanding privacy in the digital age.”

Recently, two members of the NYU Privacy Research Group, Jaime Madell and Ian Spiro, have launched another privacy-enhancing technology, this time targeted at empowering Facebook users. Their creation is PostPref, a Facebook application that helps users protect the privacy of their photos.

PostPref is an attempt to remedy the lack of context on online social networks, the architectures of which tend to weaken norms of information flow by forcing the “binary” (private vs. non-private) categorization of shared information. Simply put, PostPref is a photo watermarking tool that allows users to quickly and intuitively label their photos so that others know whether they should feel free to redistribute the photos.

The concept is pretty simple: Once you authorize the PostPref app on Facebook, you have the ability to add a red, yellow, or green light, and accompanying message, to each of your photos: A “green” mark means “feel free to re-post freely.” A “yellow” mark means “please ask me first before sharing.” And a “red” mark means “do not share this photo at all!” Below is an image of myself tagged with a yellow watermark, indicating that my permission should be requested before reposting the photo.

Of course, there’s no technical restriction on what others actually can do with these photos. Anyone who has access to your photos on Facebook could download a “red light” photo and use it as they wish. (They might want to crop out the watermark to avoid making their breach of your privacy wishes obvious).

But PostPref is a good step towards putting power back into the hands of users. Facebook consistently misunderstands the nature of privacy online, and tools like PostPref help reorient services like Facebook to better respect the complex nature of privacy online.

The piece appears in The Huffington Post. Here’s an excerpt:

How to Win Friends and Manipulate People
Chris Jay Hoofnagle and Michael Zimmer
Posted: June 2, 2010 07:44 PM

Information-intensive companies such as Facebook follow a Machiavellian public relations strategy when introducing new programs. Without warning, these companies introduce “features” that invariably result in more information being shared with advertisers, wait for a negative reaction, and then announce minimal changes without affecting the new feature. They explain away the fuss with public relations spin: “we are listening to our users,” “we didn’t get it right this time,” “we look forward to your feedback,” etc. This strategy works, time and time again.

…

In all these cases, Facebook follows the pattern of taking two steps forward with an aggressive misuse of personal information and creeping back the slightest bit once the criticisms emerged. Each time, Facebook promised users that “we will keep listening,” and artfully reminding us that all they really want to do is make “the world more open and connected.”

These events represent the perfection of privacy public relations. Guided by earlier battles fought by tobacco and drug companies, information-intensive firms have learned how to use rhetoric to distract the public while successfully implementing new programs. They are the Machiavellis of privacy.

…

Read the entire op-ed here.

The interview covers various important issues, but Baym’s main concern is that Facebook has a “fundamentally naive and Utopian” view of what privacy means online, stemming  from the fact that the company is run by “a bunch of computer science and engineering undergrads who don’t know anything about human relationships.”

I agree. I frequently remind myself that Mark Zuckerberg is only 26 years old, attended a very exclusive boarding school and university (which he never completed), and happened to be the last one standing when Facebook hit it big, making him an instant billionaire, and suddenly putting him in charge of the personal information of millions of people. He’s a kid; a privileged kid, who can’t really relate to the lived experiences of 99.9% of Facebook users.

Baym’s concern that Facebook is run by “a bunch of computer science and engineering undergrads” parallels my concerns with Google, where privacy is too often approached from strictly legal or engineering perspectives, failing to consider the broader ethical considerations. More on that soon…

• Facebook launches new “feature” with little or no warning
• Feature is automatically activated for millions of users
• Users get confused and angry
• Backlash and criticism occurs; users threaten to leave
• Zuckerberg blogs that he has listened, tells you everyone really wants to share everything, but in the end backtracks a bit

This happened with NewsFeed, Beacon, changes to Facebook’s terms of service, and so on. And it happened again today.

Amid the rising criticism about recent changes, Facebook announced new privacy settings and practices, promising users more, yet simpler controls over the flow of their personal information on the social networking site and beyond.

Here’s how the changes are summarized on Zuckerberg’s blog post:

First, we’ve built one simple control to set who can see the content you post. In a couple of clicks, you can set the content you’ve posted to be open to everyone, friends of your friends or just your friends.

…

Second, we’ve reduced the amount of basic information that must be visible to everyone and we are removing the connections privacy model. Now we’ll be giving you the ability to control who can see your friends and pages. These fields will no longer have to be public.

…

Third, we’ve made it simple to control whether applications and websites can access any of your information. Many of you enjoy using applications or playing games, but for those of you who don’t we’ve added an easy way to turn off Platform completely. This will make sure that none of your information is shared with applications or websites.

If you simply want to turn off instant personalization, we’ve also made that easier. Already, partner sites can only see things you’ve made visible to everyone. But if you want to prevent them from even seeing that, you can now easily turn off instant personalization completely.

All in all, these are very important changes that give users some of the control we’ve been seeking (and Zuckerberg keeps referring to as if it always was there, but actually has been disappearing at an alarming rate). Facebook provides additional explanation of the changes — which will be implemented in coming weeks — here.

With these changes, users can more easily set global privacy settings to control their information flows with a few clicks (a helpful new feature). Users can now decide whether to make their “connections” — the pages they “like” — public or not (like they could before). Users can block all applications from ever accessing their information (a new feature), and users can more easily opt-out of Instant Personalization (but it is still opt-out).

Of course, these new privacy settings are closer to how these features should have been designed and deployed in the first place — but it is unsurprising that Facebook would rather try to force the sharing of all one’s personal information rather than give users control. Only under the threat of government intervention, it seems, did Facebook take these serious steps (note how Facebook goes out of its way to tell us that Senator Schumer’s office was consulted about these changes).

But at the end of the day, these changes show that Facebook is capable of designing their services in ways that respect user’s expectations to be able to control their information flows online. Hopefully this represents only the first step towards a (re)commitment by Facebook to honor its core principles.

[image = screencap from Facebook video]

When I finally got around to giving it a close reading, my initial reaction was visceral. In just over 500 words, Zuckerberg succeeded in sounding condescending, bragging about things Facebook can’t really brag about, and over-simplifying the core issues at hand. But in the end this doesn’t matter, because I don’t even think Facebook’s 400 million users were the intended audience.

::

Like others, I found the overall tone of this piece condescending. Writing about the “challenges” of keeping 400 million users satisfied, the desire to “apply the lessons we’ve learned along the way”, and that he’s “eager to get your feedback” sounds good when the marketing and PR people suggest it, but when you’re (presumably?) trying to apologize and calm angered users, such rhetoric falls short of contrite.

And lines like “We have also heard that some people don’t understand how their personal information is used” make it sound like Facebook isn’t convinced this is really happening, and that they haven’t received any such feedback firsthand. They’ve “heard that some people” don’t understand, as if there’s a rumor wafting through the lunchroom that some mysterious subset of users are having troubles. And here comes Zuckerberg to the rescue. That’s condescending.

::

The piece also brags about Facebook’s guiding principles:

– You have control over how your information is shared.

– We do not share your personal information with people or services you don’t want.

– We do not give advertisers access to your personal information.

– We do not and never will sell any of your information to anyone.

– We will always keep Facebook a free service for everyone.

(Note that these 5 principles are different than the 10 principles Facebook already proclaims, although they pretty much map up against each other if you take the time to work on it.)

Zuckerberg repeats that first principle a few other times, noting that “If we give people control over what they share, they will want to share more”, and bragging that “Many people choose to make some of their information visible to everyone so people they know can find them on Facebook. We already offer controls to limit the visibility of that information”

The problem is, this simply isn’t true. Sure, Facebook provides lots of granular privacy controls allowing me to control some of my information. But not all of my information. It was Facebook who decided to make “some of [my] information visible to everyone so people [I] know can find [me] on Facebook”. Facebook did that, not me. And over time, Facebook has routinely removed “controls to limit the visibility of that information”.

Which means that the 2nd principle, “We do not share your personal information with people or services you don’t want”, isn’t true either. By making certain personal information permanently visible, I am forced to share that information with people or services that I don’t want to.

Simply put, I do not have full control over how my information is shared, nor with whom. How these remain core principles of Facebook is beyond me.

::

Perhaps what bothered me the most about Zuckerberg’s statement is the fact that he boils down a multitude of reasoned complaints and concerns over a range of Facebook’s platform changes and privacy practices (Instant Personalization, Connections, profile visibility changes, etc) to this singular issue: “Simply put, many of you thought our controls were too complex.” Zuckerberg then goes on to reveal that “We have heard the feedback” and that “we will add privacy controls that are much simpler to use”.

Facebook might have listened, but it did not hear.

Complaints about the complexity of Facebook’s privacy settings have persisted for years. But the noise recently has been about Facebook forcing some information to be permanently public, about Facebook changing the default settings to have more things share with “everyone”, about Facebook automatically enrolling users in “instant personalization”, and about Facebook forcing users to turn their interests into “likes” of pages where they are publicly listed as members.  These are the issues at hand, not merely the complexity of the privacy controls.

In the end, this entire op-ed is just a press release announcing that some simplified privacy settings are forthcoming. That’s what’s so upsetting. All the other issues were ignored and obfuscated in the false rhetoric of how users have “control over how your information is shared.” Amid all the complaints by privacy advocates, possible intervention by the U.S. Senate, and talk about secret privacy meetings within Facebook,  all they could come up with is announcing simpler privacy settings. That’s very disappointing.

(Zuckerberg also notes some kind of control to “give you an easy way to turn off all third-party services”, but there are no details on what this really means. What constitutes a third-party service? Presumably Facebook’s own Instant Personalization “feature” is not a third-party service. I guess we’ll learn about this later today).

::

Finally, I can’t get over the fact this missive from Zuckerberg appears as an op-ed in the Washington Post (which, btw, has corporate connections with Facebook). If Facebook really wanted to communicate with its 400 million users about the steps it was taking regarding privacy, is the editorial page of the Post really the best placement? Why not post it on the Facebook blog? Issue a press release? Post it on the Facebook Site Governance page (which boasts 1,508,300 fans). Facebook finally got around to posting a link to the op-ed on its own Facebook page — almost 24 hours after it appeared online at the Post. Heck, buying a full-page add in The Onion would’ve reached more of its core audience than the Sunday Washington Post.

So why the Post? My guess that Facebook is concerned about the real possibility of government intervention into its affairs. Later this week, Facebook will reportedly be briefing members of Congress on what its doing to address various privacy issues. What better way to start the process of lobbying than put an op-ed in the Washington Post.

Which, in the end, means Facebook could care less what I — or any of its 400 million users — thought of the op-ed. It wasn’t put there for users like me. Rather, it seems like Zuckerberg’s piece was strategically placed in the Post to soften the minds of Washington.

And that’s what really pisses me off.

[Image source]