Facebook’s Instant Personalization Questions and Answers

(With apologies to F-Secure’s Mikko Hypponen—the @scobleizer of security—I ’m going to attempt to imitate his Questions and Answers format.)

Facebook’s Instant Personalization continues to concern people who worry about privacy on social networks. Here are the questions about it that I wish I’d been asked about it.

Q: What is Instant Personalization?
A: It’s Facebook’s pleasant way of saying that it automatically shares your account information with partner sites according to the privacy settings you’ve chosen.

Q: What’s “instant” about it?
A: Unless you’ve opted out, your data is now being shared. (This is true in many countries. Facebook hasn’t turned Instant Personalization on in Slovakia or Finland, for instance.)

Q: With whom exactly is Facebook sharing my data?
A: The original three were Pandora, Yelp and Microsoft Docs. In fall of 2010, Facebook added Rotten Tomatoes and Scribd. Then in winter of 2010, Clicker and TripAdvisor went live. More partners are coming.

Q: Why?
A: Facebook is a business. We don’t know the financial arrangements behind these partnerships but they are all a part of Facebook’s broader strategy to spread its functionality or ‘like’ buttons anywhere on the Internet it can.

Q: Can they do this?
A: Yep. It’s in the site’s Statement of Rights and Responsibilities AKA its terms and conditions. Grab a magnifying glass and a quadruple mocha, you’ll find it in there.

Q: Is this bad? Why am I shivering?!
A: Wired.com’s Threat Level blog called the recent implementation of Instant Personalization with Scribd a “privacy nightmare” because, among other reasons, it was difficult to opt out at first. Scribd has improved its opt out. But it’s still annoying.

Q: Why is it annoying?
A: Several reasons. 1. Facebook can partner with any site it chooses. Unless you opt of the function entirely, your information is automatically shared. 2. You may be friends with people—your boss, your mom, your employees—with whom you don’t want to share your movie or music tastes. Unless you’re paying close attention, you may be just doing just that. 3. The principle of it. Facebook says that its users can control their own information. This doesn’t meet that standard. 4. It’s too difficult to opt out. You have to drill down into the privacy settings to opt out of the feature entirely. Not being able to opt out of individual sites via Facebook’s privacy settings is especially annoying.

Q: How can I opt out?
A: I thought you’d never ask. To opt out completely: Go to “Account” > “Privacy Settings”. Under “Applications and Websites” click “Edit your settings”.  Find “Instant Personalization” and click “Edit Settings”.  Uncheck the box that says “Enable instant personalization on partner websites.” Once you do this, your information will not be shared with any partner site. You can also keep the feature on and block individual partners.

To opt out sharing with Microsoft Docs: Go to the Docs Facebook application page and click “Block Application”. Then click “Block Docs” on the pop-up.

To opt out of sharing with Pandora: Go to the Pandora Facebook application page and click “Block Application”. Then click “Block Pandora” on the pop-up.

To opt out of sharing with Yelp: Go to the Yelp Facebook application page and click “Block Application”. Then click “Block Yelp” on the pop-up.

To opt out of sharing with RottenTomatoes: Go to RottenTomatoes.com. Find the “Welcome” box with your Facebook profile picture in the upper left corner. Click “Learn More”. At the bottom of the pop-up just above the close button, click “disconnect”.

To opt out of sharing with Scribd: Go to Scribd.com. Find the “Welcome to Scribd – Where the world comes to read, discover, and share…” box on the top of the page. Click “No thanks” in the bottom right corner of that box.

To opt out of sharing with Clicker: Go to Clicker. Find the “Welcome to Clicker” box on the top right of the page. Click the “Disable” link.

To opt out of sharing with TripAdvisor: Go to TripAdvisor. Find the box at the top right of the page that says “TripAdvisor is using Facebook to show you friends’ trips and reviews.” Click “Disable” in that box.

Q: Is there any reason NOT to opt of Instant Personalization?
A: Sure. If you’re a responsible Facebook users who knows and trusts all your Facebook friends, connecting with them on various social sites could be fun and useful. But as Facebook adds more features like Places and shares your information with more sites, you’re taking a risk of sharing information you may not want to share. It’s not a driving while distracted by your cell phone risk. But it is a risk.

Note: The EFF monitors Facebook’s privacy policies closely and was a resource for this post.

More posts from this topic

AshleyMadison

Is it OK to cheat on the AshleyMadison cheaters? (Poll)

The user register of AshleyMadison has been hacked. You don’t know what that is? Well, that’s perfectly fine. It’s a dating site for people who want to cheat on their spouses. Many dislike this site for moral reasons, but there is apparently a demand for it. The Canadian site has some 37 million users globally! Some user data has already been leaked out and the hackers, calling themselves Impact Team, have announced that they will leak the rest unless the site shuts down. So this hack could contribute to many, many divorces and a lot of personal problems! "We will release all customer records, profiles with all the customers' sexual fantasies, nude pictures and conversations and matching credit card transactions, real names and addresses." The Impact Team This is one hack in a long row, not the first and certainly not the last site hack where user data is leaked. But it is still remarkable because of the site’s sensitive nature. Think about it. What kind of information do you store in web portals and what bad could happen if that data leaks out? If you are cheating on your spouse, then that is probably one the most precious secrets you have. Disclosure of it could have devastating effects on your marriage, and maybe on your whole life. Millions of users have put their faith in AshleyMadison’s hands and trusted them with this precious secret. AshleyMadison didn’t misuse the data deliberately, but they failed to protect it properly. So it’s not that far-fetched to say that they cheated on the cheaters. What makes the AshleyMadison hack even worse is the site’s commercial nature. Users typically pay with a credit card issued in their own name. They can appear anonymously to their peers, but their true identities are known to the site owner, and stored in the database. So any leaked information can be linked reliably to real people. The sad thing is that the possibility of a leak probably never even crossed the mind of these 37 million users. And this is really the moral of the story. Always think twice before storing sensitive information in a data system. You must trust the operator of the system to not misuse your data, but also to have the skills, motivation and resources to protect it properly. And you have very poor abilities to really verify how trustworthy a site is. This is not easy! Refraining from using a site is naturally the ultimate protection. But we can’t stop using the net altogether. We must take some risks, but let’s at least think about it and reflect over what a compromised site could mean. This hack is really interesting in another way too. AshleyMadison is a highly controversial site as cheating is in conflict with our society’s traditional moral norms. The hack is no doubt a criminal act, but some people still applaud it. They think the cheaters just got what they deserved. What do you think? Is it right when someone takes the law in his own hands to fight immorality? Or should the law be strictly obeyed even in cases like this? Can this illegal hacking be justified with moral and ethical arguments? [polldaddy poll=8989656]       Micke   Image: Screenshot from www.ashleymadison.com  

July 21, 2015
BY 
Mikko Hypponen What Twitter knows

Your favorite breakfast cereal and other things Twitter knows about you

At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube https://www.youtube.com/watch?v=pbF0sVdOjRw?rel=0&start=762&end=&autoplay=0] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for, like a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason

May 15, 2015
BY 
nano freedome

A match made in digital heaven

When an enigmatic and groundbreaking artist started making waves on Youtube, the public was simultaneously curious and in awe of this new type of sonic assault, detached from any specific genre, culture or style. nano draws on life experience accumulated in NYC and Japan to create a truly global aesthetic. nano’s music transcends the confines of nationalities and ethnicities, and reflects nano’s “no national borders” motto. Despite being the product of a united and connected world, nano chooses to be shrouded with a veil of mystery and privacy. Like we here at Freedome, nano believes that personal privacy is a choice and the only person to control it should be YOU YOURSELF. We created Freedome because we LOVE the digital and connected world we all live in. We love it so much, that we want to give everyone the tools to enjoy it to the max by not having to worry about the negative sides that come with it. It’s all about choice and keeping control. A lot of your personal information is shared without your approval, and we should be able to share everything you want without fear of your stuff being stolen or used against you. Just like nano, we think that sharing your passions and keeping your privacy are not mutually exclusive. To celebrate our mutual  love for privacy and a connected world, nano has teamed up with Freedome with a special exclusive song, which can be found here. Join our global troop of digital freedom fighters. Your privacy, your choice.

April 22, 2015
BY