David Faser points to an article in the Times Online that throws a bunch of softball questions at Chris Kelly, Facebook’s chief privacy officer. Facebook has been at the center of multiple violations of user privacy, and all the Times can come up with are questions like “Do you think that some of the fear and criticism is based on a lack of understanding about social networks?” and “Do you think that some people didn’t realise they were revealing information to as many people as they were?” and even “Do you think that Facebook and social networking in general could benefit freedom in China?” Ooh, way to pin him down…
So I thought we should come up with a real set of questions to ask of the chief privacy officer at Facebook, such as:
- Why aren’t users instructed to review and adjust their privacy settings during the new account creation process? Only if a user happens to click on the tiny “privacy” tag in the upper right corner of the page will they discover how they can control the flow of their personal information.
- You state “Facebook does not screen or approve Platform Developers and cannot control how such Platform Developers use any personal information that they may obtain in connection with Platform Applications.” Why not? You have every right and opportunity to screen and approve Platform Developers (note how Apple is controlling third-party iPhone applications), yet you choose not to. How can users trust that if they opt-into a the Zombie application, that these developers aren’t gaining access to all their profile information? Why have you not committed yourself to monitoring and controlling the amount and types of personal information that flows to third-party applications?
- What do you mean when you say “Facebook may also collect information about you from other sources, such as newspapers, blogs, instant messaging services…in order to provide you with more useful information and a more personalized experience.” Is Facebook actively searching through non-Facebook sites and media to find more information about users? Is it eavesdropping on instant messaging sessions? Scanning my IM archives? Clipping newspaper articles? This is an extremely unorthodox and unclear statement.
- Why must users opt-out of having external websites send stories to their profile, as well as from appearing in Social Ads. If you wanted to fully protect user privacy, such “features” should be “opt-in.”
What else should we ask of Mr. Kelly?