Facebook’s privacy settings finally make sense — for a reason

Give Facebook some credit.

A few years ago, its growth seemed unsustainable. Everyone assumed that some other social network would eventually rise up to replace it as had happened to its precursors Friendster and Myspace. And its privacy controls felt purposely confusing.

Now, with more than a billion active users, the site is still growing. Its biggest competitor is Google+, which is isn’t setting the world on fire yet. And it finally has privacy controls that the average user has some hope of understanding.

Why is Facebook finally offering privacy settings that make sense?

Because they’re about to start using your information in new ways that may make you squirm.

You may have already taken Facebook’s tour of the new settings. If you haven’t, you should then consider these 3 recommendations to take control of your profile.

Find this privacy near the upper right hand corner, click on it and select “See more settings” at the bottom of the menu that pops up.


You’ll see this screen:

privacy settings

1. Use “friends” as a default.
Under “Who can see my stuff?” you’ll see “Who can see my future posts?” Unless you have a good reason, go with “Friends”. This will save you from having to backtrack and change the settings on something you didn’t want to get out. Of course, your friends can still share what you put out — as Facebook founder Mark Zuckerberg’s sister Randi learned — so keep in mind that anything you put on Facebook could end up on the front of a newspaper. Also consider using “Friends” as the setting for “Who can look you up using the email address or phone number you provided? and “Who can look up your timeline by name?”

Facebook is going to be making more and more of your information easily accessible. While it’s smart to consider that anything you post on Facebook could easily made public, you may want to restrict what information strangers can easily browse through.

2.  Do not let other search engines link to your profile.
Unless you use your Facebook profile as a professional tool, you probably don’t want it to be one of the first things people find when they search your name. So we recommend selecting “off” for “Do you want other search engines to link to your timeline?”

3. Turn of “tag review”.
Next click  on Timeline and Tagging on the left menu.

Screen Shot 2013-01-17 at 6.31.43 PM

You’ll see this screen:


Most people want to allow friends to post on your wall but if protecting your images is your priority, you may want to make it available only for you. Either way, it’s a good idea to select “friends” for “Who can see what others post on your timeline?” This will prevent strangers or even potential mates or employers happening to catch your page right as a friend posted some hilariously sick image on your timeline.

We recommend you turn on “Review posts friends tag you in before they appear on your timeline?” This won’t stop your friends from tagging you in something embarrassing but it will stop it from showing up on your wall if they do.

We definitely recommend you enable “Review tags people add to your own posts before the tags appear on Facebook?” This so called tag review will keep you from being in ridiculous tagged pictures or posts that show up in search results.

If you don’t want to be tagged much or don’t like the idea of photo recognition, you may want to select “No one” for “Who sees tag suggestions when photos that look like you are uploaded?”

That’s a good start. Next time, we’ll walk through Facebook’s security settings.


More posts from this topic


Did a funny test in Facebook? Time to clean the permissions.

You are precious. You are very valuable. At least to companies dealing in advertising and customer profiling. The value of you and your peers make giants like Google and Facebook tick, with a combined revenue of about $78 billion. I’m sure most of you understand this value. But how many are really making smart choices to guard it? If you’re on Facebook, you may have seen posts like this: “Your Friday night. Tina wants to sleep. Jan destroys furniture. Aaron wakes up handcuffed. Wilhelm starts a drinking competition.” Clicking the image takes you to nametests.com, or a localized version in your own language. Once there you can create your own test that reveals funny things about you and your friends. It’s obvious that these test are more entertaining than scientific. And this site can’t be blamed for lacking fantasy! Who thinks you’re sweet? How many children will you have? Who should you write a love song for? Who of your friends belong in your stuffed animal collection? Stuffed animal collection! OMG. LOL. :) You can find out all this and much more with the tests at nametests.com. The site is operated by a German company named Socialsweethearts, that claim to have over 1500 tests in more than 40 languages! OK, just another funny and harmless site that creates virally spreading posts and cashes in on advertising, you might think. But let’s take a closer look at what’s going on here. Many of the test involve your friends, revealing whom would be or do something. And to provide this they must know who your friends are, right? So it’s perfectly legit when a dialog pops up asking for access to your Facebook account and friends list. Wait! This is where you should stop and think. Let’s rephrase what’s going on. You purchase an automatically generated joke about you and your friends and pay by allowing them access to your friend list and Facebook wall, including all your past, current and future posts. A good deal? No, I don’t think so. And on top of that, you pay with knowledge about all your friends too, but without asking them for permission. Ok, Socialsweethearts is a German company, and Germany has strong privacy laws. I think there is a pretty good chance that this company isn’t misusing your data shamelessly, even if they definitively has the technical opportunity to do so. But this is pure luck. I bet that virtually none of the folks using these tests actually checked the background of the company and made an educated decision to trust it. Did you? But on the other hand. Pretty much all the giants that make billions on our private data are from the Americas. Europe has totally lost this race. A German company entering the same business successfully would be bright news, sort of. Bad news for your privacy but good news from European business perspective. So don’t worry too much if you have used the services on nametests.com. But this is anyway an excellent opportunity to clean up the list of apps that have access to your data. In Facebook, go to Settings and choose Apps in the menu to the left. Now you see a list of all apps and sites that have been granted access. Some of them are no doubt legit, for example apps that should be able to post to your wall. But the permissions will stay when you stop using something. And some permissions are only needed on a one-time basis, but they will stay on the list. Nametests.com belongs to that category and should be erased. Go through the list and remove anything you don’t need. If you see something that you don’t understand the meaning of, it’s safest to remove it too. Permissions can always be added back and apps that lose their permissions will notify you and ask you to grant new permissions. Happy cleaning, Micke   [caption id="attachment_8485" align="alignnone" width="300"] This is what it looks like when nametest.com want's permission to access your data in Facebook.[/caption]   Images: Screenshots from nametest.com and facebook.com  

September 21, 2015

Only 10% protected – Interesting study on travelers’ security habits

Kaisu who is working for us is also studying tourism. Her paper on knowledge of and behavior related to information security amongst young travelers was released in May, and is very interesting reading. The world is getting smaller. We travel more and more, and now we can stay online even when travelling. Using IT-services in unknown environments does however introduce new security risks. Kaisu wanted to find out how aware young travelers are of those risks, and what they do to mitigate them. The study contains many interesting facts. Practically all, 95,7%, are carrying a smartphone when travelling. One third is carrying a laptop and one in four a tablet. The most commonly used apps and services are taking pictures, using social networks, communication apps and e-mail, which all are used by about 90% of the travelers. Surfing the web follows close behind at 72%. But I’m not going to repeat it all here. The full story is in the paper. What I find most interesting is however what the report doesn’t state. Everybody is carrying a smartphone and snapping pictures, using social media, surfing the web and communicating. Doesn’t sound too exotic, right? That’s what we do in our everyday life too, not just when travelling. The study does unfortunately not examine the participants’ behavior at home. But I dare to assume that it is quite similar. And I find that to be one of the most valuable findings. Traveling is no longer preventing us from using IT pretty much as we do in our everyday life. I remember when I was a kid long, long ago. This was even before invention of the cellphone. There used to be announcements on the radio in the summer: “Mr. and Mrs. Müller from Germany traveling by car in Lapland. Please contact your son Hans urgently.” Sounds really weird for us who have Messenger, WhatsApp, Facebook, Twitter, Snapchat and Skype installed on our smartphones. There was a time when travelling meant taking a break in your social life. Not anymore. Our social life is today to an increasing extent handled through electronic services. And those services goes with us when travelling, as Kaisu’s study shows. So you have access to the same messaging channels no matter where you are on this small planet. But they all require a data connection, and this is often the main challenge. There are basically two ways to get the data flowing when abroad. You can use data roaming through the cellphone’s ordinary data connection. But that is often too expensive to be feasible, so WiFi offers a good and cheap alternative. Hunting for free WiFi has probably taken the top place on the list of travelers’ concerns, leaving pickpockets and getting burnt in the sun behind. Another conclusion from Kaisu’s study is that travelers have overcome this obstacle, either with data roaming or WiFi. The high usage rates for common services is a clear indication of that. But how do they protect themselves when connecting to exotic networks? About 10% are using a VPN and about 20% say they avoid public WiFi. That leaves us with over 70% who are doing something else, or doing nothing. Some of them are using data roaming, but I’m afraid most of them just use whatever WiFi is available, either ignoring the risks or being totally unaware. That’s not too smart. Connecting to a malicious WiFi network can expose you to eavesdropping, malware attacks, phishing and a handful other nasty tricks. It’s amazing that only 10% of the respondents have found the simple and obvious solution, a VPN. It stands for Virtual Private Network and creates a protected “tunnel” for your data through the potentially harmful free networks. Sounds too nerdy? No, it’s really easy. Just check out Freedome. It’s the super-simple way to be among the smart 10%.   Safe surfing, Micke   PS. I recently let go of my old beloved Nokia Lumia. Why? Mainly because I couldn’t use Freedome on it, and I really want the freedom it gives me while abroad.   Image by Moyan Brenn  

August 24, 2015

Forget the personality tests – Ask Facebook instead (Poll)

It’s amazing how advertising can power huge companies. Google has over 57 000 employees and some 66 billion US dollars in revenue. And Facebook with 12 billion and 10 000 employees. These two giants are the best know providers of ad-financed services on the net. And modern advertising is targeted, which means that they must know what the users want to see. Which means that they must know you. Let’s take a closer look at Facebook. We have already written about their advertising preferences and I have been following my data for some time. Part of the data used to target ads is input by yourself, age, gender, hometown, movies you seen etc. But Facebook also analyzes what you do, both in Facebook and on other sites, to find out what you like. It’s obvious how the tracking works inside Facebook itself. Their servers just simply record what links you click. Tracking in the rest of the net is more sinister, it’s described in this earlier post. Your activity record is analyzed and you are assigned to classes of interest, called “Your Ad Preferences” by Facebook. Advertisers can then select classes they want to target, and the ad may be shown to you based on these classes. You can view and manage the list using a page that is fairly well hidden deep in Facebook’s menus. Let’s check your preferences in moment, but first some thoughts about this. Advertising may be annoying, but it is the engine that drives so many “free” services nowadays. So I’m not going to blame Facebook for being ad-financed. I’m not going to blame them for doing targeted ads either. That can in theory be a good thing, you see more relevant ads that potentially can be of value to you. But any targeted ad scheme must be based on data collection, and this is the tricky part. Can we trust Facebook et al. to handle these quite extensive personal profiles and not misuse them for other purposes? It’s also nice that Facebook is somewhat open about this and let you view “Your Ad Preferences” (Note. Not available in all countries.). But that name is really misleading. The name should be “Facebook’s Ad Preferences for You”. Yes, you can view and delete classes, but that gives you a false sense of control. Facebook keeps analyzing what you do and deleted classes will reappear shortly. I made a full clean-up a couple of months ago, but now I have no less than 210 classes of interest again! This is really amazing if you take into account that I block tracking outside of Facebook, so those activities are not contributing. And I have a principle of not clicking ads in any on-line media, including Facebook. And liking commercial pages in a very restrictive manner. But the thing is that Facebook has realized that people dislike ads. “Suggested posts” or “Sponsored posts” are in fact masqueraded ads and any interaction with them will record your interest in the classes they represent. I have to admit that I do click this kind of content regularly. And where did that suicide thing come from? No, I’m fine. I’m not going to jump off a bridge and I’m not worried about any of my dearests’ mental health. I have not interacted with any kind of Facebook content related to suicide. Except that I can’t know that for sure. Facebook tries to give an open and honest image of itself when presenting its Ad Preferences settings and the possibilities to manage them. But this rosy picture is not the full truth. The inner workings of Facebook advertising is in reality a very complex secret system. When you interact with something on Facebook, you have no way of knowing how it affects your profile. Something I have clicked was apparently associated with suicides even if I had no clue about it. Ok, time to take the Facebook personality test. Let’s see what kind of person they think you are. Follow these instructions: Go to Facebook and locate an ad, a “sponsored post” or a “suggested post”. These items should have a cross or a down-arrow in the upper right corner. Click it. Select “Why am I seeing this?” from the pop-up menu. This screen contains some interesting info but proceed to “Manage your ad preferences”. Review the list and come back here to tell us what you think of it. Delete the inappropriate classes. Deleting all may reduce the number of ads you see.   So let’s see what people think about this test’s accuracy:   [polldaddy poll=9023953]   So using Facebook’s Ad Preferences as a personality test may be entertaining, but not very accurate after all. You should probably look elsewhere for a real test. The catch is that you can select what test to take, but not how others collect data about you. Someone else may rely on this test when evaluating you. You have actually granted Facebook the right to share this data with basically anyone. Remember this clause in the agreement that you read and approved before signing up? “We transfer information to vendors, service providers, and other partners who globally support our business, such as providing technical infrastructure services, analyzing how our Services are used, measuring the effectiveness of ads and services, providing customer service, facilitating payments, or conducting academic research and surveys.” You did read it before signing, didn’t you?   Safe surfing, Micke   Image: Screenshot from facebook.com  

August 13, 2015