Facebook Relents on Privacy Concerns

In what interest groups are calling a victory for personal privacy, the popular social networking site Facebook.com said Thursday night it would make changes to its new Beacon service.

The service, which collects a wide array of personal data from third-party vendors and delivers it to Facebook for inclusion in users’ news feeds, has come under fire in recent weeks from privacy advocates, led by MoveOn.org.  MoveOn helped drive attention to a group organized on Facebook itself entitled “Facebook, stop invading my privacy!”, which eventually grew to over 50,000 users by Thursday. In a statement, Facebook detailed the way Beacon will now work:

-Stories about actions users take on external websites will continue to be presented to users at the top of their News Feed the next time they return to Facebook. These stories will now always be expanded on their home page so they can see and read them clearly.
- Users must click on “OK” in a new initial notification on their Facebook home page before the first Beacon story is published to their friends from each participating site. We recognize that users need to clearly understand Beacon before they first have a story published, and we will continue to refine this approach to give users choice.
…
As with all its products, Facebook will continue to iterate quickly and listen to feedback from its users.

Facebook also sought to dispel what it called “misinformation in the market about some key aspects of how Beacon works”:

- Participation in Beacon is free for all partner sites.
- Beacon only allows for the sharing of specific actions on the specific sites participating in Beacon
- Beacon only has the potential to display actions to a selection of a user’s friends through News Feed and on a user’s Mini-Feed.
- Facebook is not sharing user information with participating sites and never sells user information.

Adam Green of MoveOn said in an accompanying statement:  “If Facebook changes their policy so that no private purchases made on other websites are displayed publicly on Facebook without a user’s explicit permission, that would be a huge step in the right direction — and would say a lot about the ability of everyday Internet users to band together to make a difference.”

The Beacon snafu has been an exercise in “Opt-in” vs. “Opt-out” services on the Internet.  The difference is subtle:  Opt-in means you, the user, have to explicitly authorize the service to perform an action, while Opt-out means you have to explicitly tell the service not to perform that action.  In the case of Facebook’s Beacon, sites such as Fandango.com were sending movie ticket purchase data to Facebook with only an easily-missed notification in the corner of the screen, and no facility for preventing the transmission of that data.  According to a slideshow produced by MoveOn, Facebook began making incremental changes to the system this week, culminating in Thursday’s announcement.