Most Read: Business

 Last Update: : AM 04/26/2015(NASDAQ&DJIA)

World Markets from      


Other Market Data from      


Key Rates from      


Blog Contributors

Timothy B. Lee

Timothy B. Lee

Timothy B. Lee covers technology policy, including copyright and patent law, telecom regulation, privacy, and free speech. He also writes about the economics of technology. He has previously written for Ars Technica and Forbes. You can follow him on Twitter or send him email.

Brian Fung

Brian Fung

Brian Fung covers technology for The Washington Post, focusing on electronic privacy, national security, digital politics and the Internet that binds it all together. He was previously the technology correspondent for National Journal and an associate editor at the Atlantic. His writing has also appeared in Foreign Policy, Talking Points Memo, the American Prospect and Nonprofit Quarterly. Follow Brian on Google+ .

Andrea Peterson

Andrea Peterson

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government. She also delves into the societal impacts of technology access and how innovation is intertwined with cultural development.

Post Tech
About / Where's Post I.T.?   |    Twitter  |   On Facebook  |  RSS RSS Feed  |  E-Mail Cecilia
Posted at 11:42 AM ET, 04/18/2011

Security firm calls on Facebook to step up its game

Privacy is a perpetual thorn in Facebook’s side, and now a prominent Internet security firm is calling on the company to improve its safety and privacy. Facebook is, of course, designed around the principle of sharing information. But the social network has faced a lot of backlash from users who want more notice of and control over how the site shares and uses personal information.

The security firm, Sophos, issued an open letter to Facebook zeroing in on three steps it says the social network can take to better protect its users: make privacy the default option, vet its app developers and offer secure browsing across the site.

Those three moves would address a lot of the privacy concerns Facebook users have expressed. Default privacy would have avoided problems with the site’s Beacon advertising feature, which shared users’ online purchases with their network; Facebook was sued over the feature and discontinued Beacon in 2009. Facebook apps are probably the prime source for spam on the site, posting unwanted messages and “likes” on user profiles.

And while Facebook does offer secure browsing — a feature that is turned off by default — Sophos said it only offers the secure option “whenever possible.” The firm said that https encryption should always be an option for users.

Those playing devil’s advocate could easily say that it’s not up to Facebook to take care of any of this. It’s a free service and a business, after all, and what you put on the site is completely up to you. No one should be in doubt that the site is looking to mon­etize your personal information, and it’s a bit naive in this day and age to think that anything you put on the Web is truly private.­

Regardless of what you think Facebook’s responsibilities to its users may be, it’s best to always operate under a set of ground rules: If you don’t want everyone to know about it, don’t post it. And if you don’t completely trust something, don’t click on it.

Related stories:

‘Twilight’ game scam spreading on Facebook

Facebook offering site-wide 'HTTPS' security

Internet firms wake up to federal privacy scrutiny

By  |  11:42 AM ET, 04/18/2011

Tags:  Social networking, Security

Read what others are saying

    © 2011 The Washington Post Company