Facebook Frictionless Sharing: 4 Privacy Steps

New social applications can post what you're reading, watching, or listening to without you clicking the "Like" button. Should you let them?

David Carr

October 1, 2011

7 Min Read
Network Computing logo

The three horsemen of fear, uncertainty, and doubt are galloping across the face of Facebook right now, as users nervously await a whole slew of user interface changes that they are not sure will be improvements. One of the biggest question marks surrounds a feature Facebook calls "frictionless sharing," where applications will be allowed to post about activities, like what news articles you've read, or what music you are listening to, without your explicitly deciding to share or "like" that bit of content.

For example, that's what happens by default if you connect the Spotify music service to Facebook or read articles on the new Washington Post Facebook app. This is arriving at the same time as the new Facebook Timeline, which is also controversial for the way it provides access to historical posts that previously were buried (and that, in some cases, you might rather were forgotten).

At the moment, you can enable some of these new apps but won't see the notifications posted to your profile unless you enable the developer preview of Timeline.

The good news: Facebook has improved its privacy controls recently, with specific ones related to frictionless sharing. Below, I will share some thoughts on what changes you might consider and why. First, some quick background.

[Want to boost your social networking and professional appeal to recruiters and potential employers? See 10 LinkedIn Tips for IT Pros.]

The cliche about Facebook users is that they rebel and complain at every major user interface change, then promptly forget their vows to quit the service a few weeks later. Sometimes Facebook makes a few changes in response to the outcry. Other times, the whole controversy just blows over.

On the other hand, the uproar of frictionless sharing reminds some people of the one over another passive sharing feature, called Beacon, that Facebook introduced in 2007 and ultimately withdrew with apologies. Beacon automatically notified users' friends of their purchases on other sites, in a way many found invasive and inappropriate.

This time things will be different, predicts Travis Katz, CEO and co-founder of Gogobot.com. "I think Facebook learned a lot from that--they understand you can't do this without giving very good disclosures and control," he said. Application developers will have to think through those issues equally carefully, Katz said. "Any app that doesn't give users a very clear ability to turn things on and off is going to have trouble. Users want control, and they are quite vocal if they think their privacy is being violated."

Gogobot, a social travel site, is currently developing applications that will take advantage of the next round of changes in the Facebook Open Graph platform. Facebook's initial expansion beyond "like" as a verb for sharing content was to add media-oriented actions like "read," "watched," and "listened." The next step will be to allow applications to use their own verbs, and Gogobot plans to add some travel-related ones, for visiting a new country or earning a badge for the number of travel photos you've uploaded to its site.

Facebook is changing the permission request dialog to make it easier for developers to explain what permissions they are requesting and what they will be used for, which is an important change, Katz said. Gogobot plans to request individual permissions separately, allowing users to enable the sharing they want without scaring them off by asking for too much up front, Katz said.

Katz said the complaints about the new Open Graph will likely follow the pattern of the original introduction of the Facebook news feed, which allowed friends to see each other's posts without visiting that person's profile. "People literally freaked out over that," he said, and there were petitions and people threatened to quit--and then it became one of the most popular features on the service. "It made it much easier to share passively with your friends--it's the same sort of thing, but it sounds really scary at first."

Frictionless sharing is also opt in, to the extent that it only occurs when you enable an application that requests permission to post to your Timeline. Applications you have authorized previously will not be able to tap into this feature without asking permission.

However, there is the specter of unintended consequences.

A blog post by software engineer Michael Donohoe, formerly of the New York Times, discusses the reasons the paper decided not to be among the first to take part in Facebook's approach to passive sharing of news stories. One of the scenarios he discusses is that people might observe that someone had read a series of articles about cancer and draw conclusions (warranted or unwarranted) about that person's health from those items.

I posed that question to Julie Smolyansky, CEO of Lifeway Foods, a company leader who treats her Twitter profile as part of her company brand, but prefers to keep her Facebook profile private. That is, the company uses the Lifeway Facebook page for marketing, but the baby pictures she posts to Facebook aren't something she wants everyone to be able to see. Also, it wouldn't do for the CEO of a publicly traded company to have people seeing that she had been reading a series of articles about cancer and conclude that she was ill and might be about to step down.

Given that, would she simply refuse to sign up for apps including these auto posting features, or would she take the time to adjust her Facebook privacy settings?

"I'd probably play with the privacy controls," she said. "I don't think these concerns are reasons not to partake of all these amazing new tools. But I definitely would work very hard to make sure the privacy controls that I need to work with are there, she said."

So what Facebook privacy steps should you take now?

1. Pay attention to permissions you are granting any new applications.

If you don't want apps auto-posting to your profile, watch for any that specifically ask permission to access your Facebook Timeline. For example, Katz decided he didn't mind sharing his music listening through Spotify but elected not to grant Yahoo News permission to share his reading habits automatically. Yahoo still allowed him to access its service with that feature turned off.

If the application makes agreeing to that function a requirement, and you're uncomfortable with it, just say no.

2. Adjust the app privacy settings in Facebook

Visit the apps tab of your privacy settings and make adjustments as necessary.

You can look at the permissions you have granted individual applications and disable those permissions individually. However, you may find that doing so limits your access to the application. I experimented with removing the post to Timeline permission from Spotify and found the application immediately began prompting me to add it back – and wouldn't let me play any more music without doing so.

Another option is to customize the "App activity privacy setting," changing it to just "friends" or "friends of friends" or a custom setting such as a specific list of users. With a custom setting for the sharing option, you could even select "Only me" – in which case you won't be sharing at all anymore.

3. Adjust privacy settings within the app, if any

One way Spotify has responded to these concerns is by allowing users to disconnect their accounts from Facebook and adding a "Private Listening" option to the menu of its music player. Like the Private Browsing mode of a web browser, this lets you hide what Spotify CEO Daniel Ek referred to on Twitter as guilty pleasures. Which would be what, listening to Abba?

Watch for other publishers and app developers to provide their own ways of reassuring users they can control what they do and don't share.

4. View your activity log to edit or delete items

One feature of the new Timeline profiles is an "activity log," where you will be able to review what's appeared on your profile, including any frictionless sharing posts. You can then selectively delete posts, or change their visibility from public to friends only or whatever you desire. The ability to retroactively change the privacy settings on a post is one of a series of recent refinements to Facebook's privacy controls.

About the Author(s)

David Carr

Editor, InformationWeek Healthcare and InformationWeek Government (columnist on social business)

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights