Musings about Facebook Application Privacy

After reading the ACLU’s report about Facebook app privacy problems and taking the quiz demonstrating them, What Do Quizzes Really Know About You?, I was a little upset at first.

The privacy settings just seemed completely insane. Let’s use one’s sexual orientation as (spicy) example and assume we have two facebook users, A and B, with the following privacy settings:

A does not allow apps to see A’s sexual orientation.
A does allow all other accesses.
B does allow all accesses.

If B now runs an application, it would seem like B’s application shouldn’t see A’s sexual orientation, because A denies applications that piece of information. However, it seems like Facebook uses B’s privacy settings, which grant all accesses. The result is that B’s application can see A’s sexual orientation. This seems wrong.

I’ve realized, though, that in principle there is nothing wrong with this. Since B can see A’s sexual status, B’s application could ask B to manually enter it, and the application would still know about it. The desire to apply A’s privacy settings to B’s applications really only prevent automation, not the spread of information.

I would still like Facebook to change this, but if I really want to maintain my privacy, I probably have to abstain from using Facebook at all: The least fixpoint of entities that have my information is not small at all.

PS: Now I am going to post this on Facebook.


About Mathias

Software development engineer. Principal developer of DrJava. Recent Ph.D. graduate from the Department of Computer Science at Rice University.
This entry was posted in Ramblings. Bookmark the permalink.

Leave a Reply