Correction to This Article
The column incorrectly said that Chris Kelly is on leave as Facebook's chief privacy officer. Kelly, now a Democratic candidate for attorney general of California, resigned March 16.
The latest Facebook fracas: Your privacy vs. its profit

By Rob Pegoraro
Sunday, April 4, 2010; G04

The signs of a new season surround us: Flowers are blooming, trees are budding, and another Facebook privacy fracas is brewing.

The last event kicked off a week ago, when the popular social network posted a note on its blog about "working with some partner Web sites that we pre-approve to offer a more personalized experience" at those sites.

This possible change didn't exactly get a charitable read in reactions like "Facebook's Plan To Automatically Share Your Data With Sites You Never Signed Up For," and "Facebook Planning To Give Away Your Data To 'Partners.' "

How bad could things get for the 400 million-plus Facebook users when this test begins a few months from now?

The potential downside seems obvious. You'll see that some random site knows who your Facebook friends are and fret about other once-private information Facebook might be leaking. But what will you be able to do when so much of your life is tied up there?

As Sherry Turkle, a sociologist at Massachusetts Institute of Technology, said in an e-mail Thursday: "There is a sense of the 'investment' in Facebook being so great that one is beholden to it. . . . This is not empowering."

(Before I go further, a few disclaimers: Washington Post Co. chairman and chief executive Donald E. Graham sits on Facebook's board of directors; Facebook's chief privacy officer, Chris Kelly, who is on leave to run for political office, is a friend of mine from college; and many Post staffers, myself included, use public Facebook pages to connect with readers.)

The upside isn't quite as clear.

In a phone interview Wednesday, Facebook spokesman Barry Schnitt and product director Bret Taylor said the Palo Alto, Calif., company wanted to expand its utility. In this experiment, Facebook would build on its Facebook Connect system (in which people can sign into sites such as The Post's with their Facebook accounts) to help other companies greet Facebook users with a taste of its social network.

For example, Taylor suggested that if a Facebook friend posted a link to a song on his wall and you clicked over to the record label's site, the label could tell you which Facebook pals liked the song.

This test would come with limits. You'd have to be logged into Facebook in the same browser to get any such personalized welcome elsewhere, less than 10 sites would be invited into the program at first, and each of them would have to let you easily opt out (after which each would have to delete any data Facebook had shared about you). Facebook would also provide a universal opt-out for the entire program.

To its credit, Facebook hasn't tried to spring this change on people. Beyond that blog post, it has invited users to comment on proposed changes to its privacy policy and "statement of rights and responsibilities" -- then provided a marked-up version of each showing text that has been removed and added, a step few other sites bother to take.

The reaction to that prior disclosure could indicate how worked up people really are about the changes. The relevant part of the new privacy policy, "Information You Share With Third Parties," had drawn only 211 comments early Thursday.

More important, consider what's happened since Facebook made far more user data public by default in December. According to Schnitt, 33.9 percent of Facebook users had changed their privacy settings one way or another, even though the site required all of them to confirm, decline or edit its suggested options. Since then, 50 million more people have joined Facebook.

You can't chalk all of that up to audience obliviousness.

Perhaps Facebook users have decided that with so many people on the site, their own data get lost in the collective noise -- sort of the way living in a big city affords some enforced anonymity.

Some might have learned to think like publicists on Facebook. They dial back how much information they post, they only write status updates that beg for publicity (think of all the political manifestoes you've seen), or they create second accounts for their work identities (an action Facebook's user agreement prohibits).

Or maybe Facebook's executives are correct in assuming that people don't want as much privacy online, as founder Mark Zuckerberg said in January. (He did not say that privacy was dead, nor does he seem to think that; his own Facebook profile informs strangers that "Mark only shares some of his profile information with everyone.")

But even if all of those theories are true, changing the rules to share people's information without advance permission crosses a line. If the benefits of this openness are as obvious as Facebook suggests, this new option should sell itself to the same people who let Google's computers read their Gmail, then publicize their pastimes on Foursquare. And if this experiment is as limited as Facebook suggests, the company won't forgo much revenue if it eases off on its launch.

In the meantime, I'll stay on the site -- as a journalist, it's implausible not to. But it would help to see some sign that this company will go to the mat to defend its users' rights, even if that means jeopardizing its profits. It's not too late for Facebook to pick a fight with China, is it?

Living with technology, or trying to?

View all comments that have been posted about this article.

© 2010 The Washington Post Company