Off the Shelf

This is part of my ongoing series in social media privacy, please read the exciting introduction here.

1. Introduction
2. Foursquare
3. Facebook updated 5/6/2010
4. Twitter – coming soon.

Since writing this Facebook has re-envisioned how they handle your personal information. The EFF is always quick to respond to changes like this in areas of user privacy. If you are interested in learning more about how these changes effect your Facebook settings please visit the EFF resources: Facebooks Eroding Privacy Policy, How-to Opt Out of Instant Personalization of your Webs, Facebook Jargon Translator and 6 Things You Need to Know About the “Connections” Feature.

…and now back to our regularly scheduled blog post on Facebook Privacy

Facebook
Facebook is one complicated beast of privacy settings. I wouldn’t go so far as to say that Facebook almost makes it difficult to navigate the privacy settings. It’s their business to share information. So if you lock all that down, what good does that do them? There are five (yes, count them, five) different sections for privacy controls on Facebook: Profile Information, Contact Information, Applications and Websites, Search and Block List. I avidly curate these as Facebook has been known to implement and change things without letting people know.

To get started go to: Account > Privacy Settings.

1. Profile Information Panel

Only Me Visibility:
There are two things I only allow “only me” to see and these are “About me” and “Birthday”. Birthday is your date-of-birth and you should never share this! Getting a little timely e-birthday card is just not worth the risks of sharing this information.

Creating Lists:
The best way to manage your privacy is by creating friend lists. Using “lists” you can both “friend” your boss or your mom, but not let them see certain aspects of your profile. To do this fire up: Account > Edit Friends. Then start working your way through your friends adding them to lists which you can create on the fly. I tend to work with pairs of lists. For example I have “Relatives” and I compliment that with “Relatives_censored”. I may not want Uncle Bob, the minister, to know I was out last night getting completely ossified. However, I don’t mind my sister knowing what I was up-to last night. This way I get the benefits of categorizing my friends, yet I add a dual level for privacy uses.

After your create lists you can then place everyone into your newly created category lists. Now you can keep those pictures of you Xeroxing your butt away from your boss, yet allowing him to be a part of your “online” life by adding him to the “work_censored” list. Everyone I currently work with goes into the “work_censored” list by default, unless they are extra uber special and I don’t mind them hearing if I want to complain about a bad day at work.

Friends of Friends Visibility:
I stick with the “friends of friends” for my lowest level of security. Never do I choose “everyone” or “friends and networks”. These settings apply to: my “Interests, Activities, and Favorites” (I don’t see any harm in someone knowing that I am a huge ELO fan), “Religious and Political Views”, “Relationship Status” (maybe someone wants to do some data-mining on single people and our interests) and “Education and work” (I do lots of professional development so I try to be accessible to folks in that way and maybe an alum wants to contact me about something)

2. Contact Information Panel
Let’s be safe here, you don’t want to corral a privacy setting off only to divulge the location of another entry point to that same information elsewhere. This one is different than “Personal Information” as it works off of your “network” settings (Rutgers, NYC, x Job etc.) not your “friends” lists. Confusing? Yes!

Friends and Networks Visibility:
Information that is visible to my friends and networks are my IM screen name, mobile phone, other phones, and my website (it’s a work related blog). I would however not allow folks in your work network to see your blog, if it’s not work related. Once they know where your blog is you can’t really take that away by just changing your privacy preferences in Facebook.

Friends of Friends Visibility:
My most security lax section is “friends of friends”. I allow those people to both “add me as a friend” and “send me a message”. I do have some lost friends out there so enabling people to at least ask for my friendship allows me to filter them based on my own standards, rather then shutting them out completely.

3. Application Settings Panel

This is where you should use the most caution. I use very few applications as those are vulnerability points for malevolent parties to compromise your carefully guarded profile security. I also don’t ever, under any circumstances, answer those “questionnaires” that people send around. You can learn more about being aware of vulnerabilities like this by watching this witty presentation entitled “Social Zombies, Your Friends Want to Eat Your Brains” given by Tom Eston and Kevin Johnson at Defcon 17 in 2009. You should also always be on guard for things that look “official”, but are not (Countermeasures Blog).

What you share:
This field is just an informative section on what you are agreeing to when you allow applications to access your Facebook content.

What your friends can share about you through applications and websites:
I make sure every single one of these boxes is unchecked. I don’t want my friends sharing anything with anyone without my consent. From the disclaimer:

“When your friend visits a Facebook-enhanced application or website, they may want to share certain information to make the experience more social. For example, a greeting card application may use your birthday information to prompt your friend to send a card.”

It sounds so sweet doesn’t it? However, why would you want some greeting card company knowing your date-of-birth? Remember don’t deny access to one aspect of your profile just to hand it over in another.

4. Blocked Applications:
I block all that, Farmville and Mobwars crap. It’s just a bad idea. Anytime a friend sends me an invite to an application I immediately block that application. I even “hide” my friends feeds from those applications on my main page.

Ignore Application Invites:
If you have a friend that is constantly joining apps, you can add them to this list here and they will never ask you to “cultivate their crops” ever again.

Activity on Applications and Games Dashboards
Currently my settings are to only friends as I have used “I Like” in the past to share music.

Search Panel

Facebook Search Results:
I only allow friends and networks to search for me on Facebook. I hope that by doing this I block some unwanted attention.

Public Search Results:
This means your personal stuff that you’ve shared with “Everyone” can end up on Google. Just do yourself a favor and uncheck the box that says “Allow”. I don’t want a search engine crawling my profile, if I have some control.

5. Block List:
This one is easy. If you annoy me you go on the block list, included in this are nosey relatives and anyone else I deem unacceptable. Use the power of this to rid yourself of any troublesome element in your online life.

That about does it for Facebook of course there is so much more, but this should give you a very good starting point for locking-down your online life.

Keep Reading: Twitter and Privacy >>>

More about Facebook privacy here: 10 Privacy Settings Every Facebook user Should Know

Tags:   aware · facebook · foursquare · location · media · privacy · security · sharing · social1 Comment