All of the hoopla about Facebook's controversial user policy sidesteps the point about what social Web users really need to know about protecting their privacy and intellectual property.
The latest controversy erupted last week after a blog trumpeted an otherwise largely ignored change in Facebook's terms of service that would have granted Facebook an "irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license" to use your material and "use your name, likeness and image for any purpose, including commercial or advertising."
Needless to say, the privacy and users' rights community and a lot of bloggers were justifiably alarmed. The Electronic Privacy Information Center reportedly was on the verge of a federal complaint until Facebook decided to rescind the change last Tuesday night.
But there was another clause in that short-lived policy that--depending on your reading--either clarifies or contradicts the rest of it. The legalese that gave Facebook perpetual rights was "subject only to your privacy settings" and those settings are hard-wired to limit exposure to your material.
Privacy settings can be tightened
The site's privacy settings, in most cases, don't even permit you to expose your information to everyone on the Web. By default, the settings typically show your profile and other data only to "My Networks and Friends." While that might include a lot of people, it doesn't include the entire world. So if Facebook is subject to its own privacy settings, it would be very limited in its right to distribute content from your page to anyone outside your network.
These settings can be modified, but most of them can only be tightened. With a few exceptions, you don't even have the option to make a lot of your information available to the public at large. One exception is media files such as photos and videos, which, by default, can be viewed by "everyone." But you can use privacy settings to restrict who can see your photos all the way down to specific friends or even "only me."
The problem with Facebook's privacy controls is that a lot of people don't know about them, and even those who do might find them unintuitive to use. Facebook Chief Privacy Officer Chris Kelly agrees that the company has work to do in this area, and said they are developing a privacy wizard to make it a lot easier to set your controls.
Mouse over to privacy settings
In the meantime, you might want to hover your mouse over the "Settings" tab near the upper-right corner and select Privacy Settings. There you'll find options to control who can see your profile as well as other information about you, such as your "personal info," status updates, photos, videos tagged of you, and who your friends are. You can control who can see your profile within Facebook and you can turn off access to public search engines such as Google. There are plenty of other settings, including ones to control who can write on your wall and who can comment on notes, photos, or other elements of your site.
Settings vary according to what you're trying to control and, because of the confusing user interface, you might have to hunt around a bit. For example, to change the privacy settings on your own photo albums within the Privacy Settings area you would have to find the fine print under Photos Tagged of You that says "Edit Photo Albums Privacy Settings" or navigate from the Applications tray at the bottom left corner of your browser. That "privacy wizard" they're working on can't come a moment too soon.
Another relatively unknown feature is the ability to create multiple friends lists and assign different privileges to people on different lists. For example, if you want only certain people to know your cell phone number you can create a list like "good friends" and another called "colleagues" to make that information available only to people on those lists. You can create lists by clicking on the Friends tab on the blue navigation bar and then clicking on "Make a New List" in the left column.
Third party applications
Be especially careful when it comes to third-party applications. For example, I use an application from Eye-Fi that automatically syncs my photos to Facebook and Flickr through my Wi-Fi network. When I review cameras, I often take ugly and stupid test pictures and, if I'm not careful, those pictures can be automatically loaded to my Facebook page for everyone to see. But my most embarrassing moment was about a year ago, when I tried out the New York Times Quiz on a day I hadn't read the paper, only to have my low score posted for all my Facebook friends to see, including my editor at The New York Times.
Regardless of how you configure your privacy settings, there is a reality of the social Web that can't be configured away. Any digital information that is posted can be copied, captured, cached, forwarded, and reposted by anyone who has access to it. Even if some embarrassing photo or information is up for only a few minutes, there is the possibility that someone might copy it and send it around. And--as many people are painfully aware--friends can become ex-friends. So even if you're reasonably careful about who you let on your page, you never know what they might do with the information you post.
Disclosure: Larry Magid is co-director of ConnectSafely.org, a non-profit Internet safety education group that receives financial support from Facebook and some of its competitors.