Your Private Facebook Info Isn’t So Private
I love Facebook. I love Facebook so much that if I had a choice of donating a kidney to a dying Facebook or a dying Susan, I’d definitely save Facebook. [Possibly even over someone you actually like too. –Susan] Please don’t interrupt me when I’m speaking. My love for Facebook originally was a result of how private it was. I had control of who could see my information and how much of it they could see. I was lulled into a false sense of security and all my friends were, too.
A few weeks back, Facebook announced that it was going to start opening up user profiles to the search engines. Hearing that, I was somewhat concerned. The first thing I did, before even reading the rest of my blog feeds, was march my little self over to my Facebook Privacy settings and make sure that I was opted out of that nasty, secret-spilling little feature. It’s not that I have anything to hide; it’s just that I definitely do. My Facebook profile is holy ground. I don’t need that stuff ending up in anyone’s search results. I mean, what if you all find out that I’m not nearly as innocent as I make myself out to be? That would be horrible for my image!
Given all the precautions I’ve taken to hold on to my secret Facebook identity (opting out of indexing, giving out lots of limited profiles, etc), you can imagine my horror/surprise when I was playing around with Bloglines this weekend (yes, they have returned my feeds) and discovered this:
Oh, look at that. That’s some private Facebook information being returned for my name. That’s…not good. Curious as to where they were pulling that from I clicked on the source blog.
It’s coming from my Facebook friend John Harmon’s Facebook notifications. John and I may be 89 percent alike in what attracts us to potential mates (so, um, John, wanna go out or something?), but we’re apparently very different when it comes to protecting the privacy of our Facebook profiles. Where I enjoyed Facebook’s walled garden and being able to control who saw what parts of my profile, John has decided to open his profile up to all, exposing me in the process.
And even better! If Top Secret Lisa Facebook Information is showing up in Bloglines, where else do you think its showing up? Check out the top two results for my name in Ask’s Blog Search:
So. Not. Cool.
Sadly, I’m not sure what I can do about this (other than demanding that all my friends close off their profiles). It doesn’t matter how much you try and protect yourself; if others that you’re associated with are willing to be open about their information, then it seems like you’re at some degree of risk, too. Apparently, the entire world now has a right to know that I accepted John Harmon’s Friend Request and then sent him a Facebook message (which, since we’re apparently sharing, was about the fact that his Notifications were being indexed.)
Or maybe the fact that information is getting out has nothing to do with John opening up his profile? Is me sending John a Facebook message or accepting a Friend Request even part of his public profile? As far as I’m concerned it’s not. What if John and I were having some sort of illicit affair? This could seriously put a damper on my home life. [Because Jack Jack would be jealous? –Susan] I’m talking to my people here. Please go keep yourself busy by "editing" something. Your resumè, maybe.
There’s been a good degree of Facebook backlash lately, most of it rooted in the fact that, with the birth of all these pretty Facebook applications, we’re being forced to give up a little bit more of our privacy. Part of the information that was revealed about me was a result of the Quizzes application I voluntarily installed. Rae Hoffman recently blogged about her own problems with the Compare People application. That stuff doesn’t so much concern me. I mean, it does, but I realized (and have accepted) that it’s because of my own actions that information is being revealed. I opted into that. I don’t feel like I opted into this. And I’m not so convinced that John sharing his public profile qualifies as him opting in either.
I want to know why random Facebook trivia about me is ending up in the SERPs. And why now?
The stuff leaked about me was pretty trivial, but this could turn into a serious reputation management issue if users can’t control what’s getting into the index. Do I care that the world knows that I’m Facebook friends with John Harmon? Not particularly, but what if I posted new work information that wasn’t public yet? Or if it’s revealed that I’m messaging Jason Calacanis a lot, or they start indexing pictures (be afraid, Rae)? My Facebook profile may be pretty tame compared to others, but even so, if made public, it could cause me a whole world of trouble. Susan would know all the trash I talk about her. And those pictures of her I’ve posted? I could lose my job for real this time.
I chose to align myself with Facebook because of the promise that my information was closed off from people I didn’t want accessing it. Now that’s changing and it makes me more than a little concerned about what may end up in the SERPs next. If you’re a Facebook user, I’d caution you to pay close attention to what’s showing up for your name in the SERPs. You may be surprised.
7 Replies to “Your Private Facebook Info Isn’t So Private”
I had the same problem with my status updates showing up in Bloglines until I changed the privacy settings in Facebook. This works for me:
Go to My Privacy, Profile, below “Status Updates”, uncheck the box that says “Allow friends to subscribe to my status updates”. That should prevent your status updates from appearing in future feeds.
You can also do that for your Notes. Under “Syndication”, select “No one can subscribe”. I have not had problems with my status updates since changing those settings.
hey lisa, good info for the people who don’t understand just how public the ‘net is.
I just did a post on a myspace scraper site you may or not be aware of.
Controlling your personal profile can be an uphill battle if you’re not careful about what you say where.
At least we know, Lisa, from your Bloglines post that you’ll knock him down gently. Why, he’ll never even realize you’ve gone :)
@Danny: Thanks for the info. So what you’re really saying is that I have to knock around John Harmon a bit. I see where you’re going there. Smart man. :)
“What if one of your FB friends suddenly doesn’t like you so much anymore? They could easily copy your photos and messages and stuff, and do whatever they want with it.”
Yikes, remind me not to hang out with any of your friends. :)
Nothing you say online is private. That’s basically how you have to think of it. You should never say or do anything (even in a walled-garden) that you’d not want to be made public.
What if one of your FB friends suddenly doesn’t like you so much anymore? They could easily copy your photos and messages and stuff, and do whatever they want with it.
Remember the Miss New Jersey “scandal” from a few months back? People got a hold of her private Facebook pictures (which incidently weren’t bad/dirty…Miss New Jersey is a good friend of my daughter, who took some of the photos!).
The point is, anything you say or post anywhere is potentially fair game. Even on private forums, email, whatever.
Not quite Facebook’s fault. For example, you can get a feed of your Gmail inbox. If you give that to Bloglines, I’d see that certain people may have emailed you (person, subject line) but not what they sent. It’s down to Bloglines (and other services) accepting password protected feeds. John’s feed is only showing up because he specifically fed it to Bloglines and didn’t keep it private.
Then again, Facebook’s help says this shouldn’t happen:
“Won’t Bloglines and other similar services make my notes content searchable by the world if my friends enter the URL for my Notes feed into those services?
Atom and RSS feeds from Facebook include the Bloglines Feed Access Control extension , and we set the access parameter to “deny” for all of our feeds. We also indicate in our robots.txt that feeds should not be visited or indexed by bots. The major aggregators and search engines (Bloglines, Technorati, Google, Yahoo!) all appear to respect these directives. If you are very concerned about the possibility of someone seeing your notes that you don’t want him or her to see, we’ve added a privacy option that you can set on your notes privacy page which will prevent any of your Notes from being syndicated in any RSS or Atom feed.”
I haven’t explored this enough, but it could be that there’s a setting that John used to override this.
WOW – very interesting – this changes everything!!! Thanks Lisa – diggin in now to see what’s really out there!