Sunday, December 9, 2007

How To Turn Off Facebook Beacon

Facebook CEO Mark Zuckerberg reacted to angry users this week by issuing a public apology and adding a privacy control web page for Facebook users.


Checking "Don't allow any websites to send stories to my profile" turns off Facebook Beacon and your purchasing choices (i.e. "John Sharp just rented Pride and Prejudice at Blockbuster") will no longer be published to your friends' News Feeds.

This is a welcome step, but it didn't need to be this way. All Facebook needed to do was take a step to the other side of the table and "think user".

It isn't that hard. Take this user posting from "Adam" in the comments section of the recent NY Times article on Beacon.

In less than a hundred words, he provides an articulate and sensible accounting of all the necessary UI components Beacon would require to be acceptable. Here's a sample of some good "think user" thinking:

Had Facebook included a global opt-out option at the beginning, the outcry would have likely been muted. Coupled with an opt-in-by-item with a STRAIGHTFORWARD yes/no, Facebook users would have been happy, privacy advocates would have been happy, and so on.

I mean, something like this:
“Would you like to let your Facebook friends know that you just bought [x] from [y]?
_ YES, SHARE. List this in my friends’ newsfeeds.
_ NO, DON’T SHARE. Keep this private.

NOTE: You can click on PRIVACY in Facebook to set a default for this feature.”

Adam, maybe they should give you Chris Kelly's job.

Facebook isn't out of the woods yet. There is still the question of what happens to the user data once it has been handed over.

In Zuckerberg's recent blog/apology, there was no mention of any changes to their method of dealing with user data, and no clarification as to whether or not the personal data provided by the user is deleted immediately, rather than "stored, then deleted".

In a recent statement released by Facebook to Stefan Berteau, senior spyware research engineer with (Authentium partner) CA, Facebook says user data is always sent to Facebook ("in order for Facebook to operate technologically"), but that the data is deleted from its servers once it receives notice that the user has opted out.

"When a Facebook user takes a Beacon-enabled action on a participating site, information is sent to Facebook in order for Facebook to operate Beacon technologically. If a Facebook user clicks "No, thanks" on the partner site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well."
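To make the difference between the two designs concrete, here is an added example in Python; it is not code from Facebook, from any Beacon partner, or from this post. It models the flow in the statement above (send first, ask afterwards, delete on "No, thanks") next to the "think user" flow from Adam's comment (global opt-out first, explicit per-item yes/no second, transmit only after a YES), against a stand-in third party that records what actually reached its servers. All names (`PurchaseEvent`, `ThirdParty`, `beacon_style_flow`, `consent_first_flow`) and the sample purchase are hypothetical.

```python
"""Consent-gated sharing, modelled two ways. Added example; not Facebook's
or any partner's code. The point of comparison is `ever_received`: what
crossed the wire, regardless of what was later deleted or published."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class PurchaseEvent:
    """One Beacon-style story: who bought what, where. Constructed sample data."""
    user_id: str
    item: str
    store: str


@dataclass
class ThirdParty:
    """Hypothetical stand-in for the network that publishes the stories."""
    opted_out: set = field(default_factory=set)          # "Don't allow any websites..."
    ever_received: list = field(default_factory=list)    # everything that reached our servers
    stored: list = field(default_factory=list)           # what is currently still held
    published: list = field(default_factory=list)        # what friends see in News Feeds
    identity_lookups: list = field(default_factory=list) # ids checked with no purchase data

    def sharing_enabled(self, user_id):
        # Answering this needs only the account identifier: no item, no store.
        self.identity_lookups.append(user_id)
        return user_id not in self.opted_out

    def receive(self, event):
        self.ever_received.append(event)
        self.stored.append(event)

    def delete(self, event):
        # "does not use the data and deletes it": a promise the user cannot
        # verify from the outside, which is why capture logs matter.
        self.stored.remove(event)

    def publish(self, event):
        self.published.append(event)


def beacon_style_flow(event, answer, third_party):
    """Flow as described in Facebook's statement: details are transmitted
    first, the user is asked afterwards, declined data is deleted later."""
    third_party.receive(event)                         # data has already left the partner site
    if not third_party.sharing_enabled(event.user_id):
        third_party.delete(event)
        return "opted_out"
    if answer != "yes":                                # user clicked "No, thanks"
        third_party.delete(event)                      # deletion is on the receiver's honour
        return "declined"
    third_party.publish(event)
    return "published"


def consent_first_flow(event, answer, third_party):
    """The "think user" flow: global opt-out checked with only the account id,
    explicit yes/no second, purchase details sent only after a YES."""
    if not third_party.sharing_enabled(event.user_id):
        return "opted_out"                             # no prompt shown, no purchase data sent
    if answer != "yes":
        return "declined"                              # nothing was ever transmitted
    third_party.receive(event)
    third_party.publish(event)
    return "published"


def compare(flow, answer, opted_out=()):
    """Run one flow for a sample purchase and report what the third party saw."""
    tp = ThirdParty(opted_out=set(opted_out))
    event = PurchaseEvent("john", "Pride and Prejudice", "Blockbuster")  # constructed sample
    outcome = flow(event, answer, tp)
    return {"outcome": outcome,
            "details_ever_sent": len(tp.ever_received),
            "details_still_stored": len(tp.stored),
            "published": len(tp.published)}


if __name__ == "__main__":
    for name, flow in (("beacon", beacon_style_flow), ("consent_first", consent_first_flow)):
        for answer, opted_out in (("no", ()), ("yes", ("john",)), ("yes", ())):
            print(name, answer, opted_out, compare(flow, answer, opted_out))
```

Under the Beacon-style flow a user who clicks "No, thanks" still has the purchase details sent to the third party (and, for a globally opted-out user, sent and then deleted); under the consent-first flow the only thing transmitted before a YES is the account identifier used to check the global setting, so there is nothing to "store, then delete".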

I look forward to seeing Berteau's follow-up Wireshark capture logs and analysis. It would be nice to find out that Facebook has kept its word on the changes.

Note: Facebook users, here's that link again.
