Yesterday the New York Times published a pretty interesting visual of Facebook’s privacy settings. They’ve broken out every single setting in a neat little tree designed to show you just how expansive (read: confusing) Facebook’s privacy settings are.
Actually, it looks like pretty solid information architecture to me.
Anyways, in the related article Nick Bilton makes an interesting point when he compares Facebook’s privacy policy to the United States Constitution. He highlights the fact that Facebook’s privacy policy is 5,830 words, while the US Constitution is a measly 4,543 words. The caveat here (which will most likely be overlooked by most readers) is that’s the number of words in the Constitution not including the amendments.
Now, I’m no historian here, but I do remember enough from my civics class to know that the main body of the constitution was purposefully left vague, because a couple of particularly zealous members of the Constitutional Convention thought it was important to keep things like the right to bear arms and free speech in a separate, editable portion of the document that would allow it to evolve over time as the country’s needs changed (hence all those amendments). When you run a site with 400 million active users, you don’t exactly have that same luxury.
The Times’ graphic also has a handy visualization of the actual length of Facebook’s privacy policy over time:
When I see this, here’s what I see: as Facebook’s user base grew, so did its privacy policy. The amount of legalese you need to cover your ass when you have a user base of 1 million college students with educational email addresses is drastically different than when nearly half of internet users access your site on a daily basis. Back in the olden days of Facebook, you didn’t really need privacy settings because you had to have a legitimate university email address to create a profile in the first place. I remember friends who preferred it to MySpace, because it was a whole lot harder to create a bogus profile on Facebook.
Ah, memories.
But then those kids graduated college, and lost access to their university email accounts (my university killed my account 8 months after I graduated). Now what? You can’t really tell those people they’re out of luck and will lose their Facebook accounts because now they don’t have a legit university email address. Plus, Facebook isn’t run by a bunch of idiots.
What does a good businessman do? Offer that same service to MORE people, and make more money.
That means opening up the pearly gates and allowing people with any email address to create a profile. But with that wider access comes more security concerns. Like the MySpace of old, any weirdo can now hop on Facebook and start creating profiles and even impersonating other people. This creates a need for more privacy controls and a more comprehensive privacy policy. With recent advancements in Facebook’s Open Graph, these privacy settings need to be even more complex in order to provide users with the control they need over sensitive personal data.
This data is a kickin’ tool for us marketing types, giving us the ability to put content in front of users they actually care about. As a user, that means you’ll see less of the clutter you don’t care about, and more meaningful content that you would actually find useful or interesting. As a digital marketing agency, getting relevant content and offers in front of user eyeballs means a better chance of snagging that precious conversion, and boosting the ROI of online campaigns.
On the flip side, marketers have an ethical duty not to abuse that precious data, although Facebook isn’t making it easy to convince users abuses won’t happen. Steamrolling straight into the opt-out model they’ve been using with the Open Graph is a bit rude and kinda creepy for the vast majority of users out there. IMHO, Facebook could benefit from adopting a bit more touchy-feely approach to this kind of thing. That said, whether or not their blasé approach to privacy changes will have a lasting impact on the user base is the subject of another blog post.
Do I think personal data should be served up on a silver platter to Facebook and the third party apps that use its platform? No. But I do think we all need to be mindful when it comes to the information we are putting on the internet, and diligently monitor our privacy settings on services like Facebook. After all, the security of our personal information is ultimately our personal responsibility. Facebook is giving us the tools to protect it. Let’s make sure we do it right.
Tags: Facebook
