Facebook and privacy: a cautionary tale

Facebook has been weathering a number of privacy-related storms lately, the most recent (at press time) being a new feature called "Instant Personalization", which allows partner websites - starting with Pandora, Yelp and Microsoft Docs - to personalize your experience based on the public info in your Facebook profile.

Just before that announcement, Facebook changed its privacy policy so that public info such as "current city, hometown, education and work, and likes and interests" would be transformed into "connections" that can be shared publicly on sites with similar interests. So, for example, a Facebook site about mobile devices, say, will list every member who named "mobile devices" as an interest. The only way to get off the page is to delete the interest.

The two announcements together essentially mean that more user info is public, which means more partner sites - to potentially include advertisers and marketers - can mine that info for targeted services and ads. To be fair, Facebook has an opt-out process - but it's so strikingly laborious that the Electronic Frontier Foundation has a dedicated page with updates to guide people through it.

Here's the interesting part.

Many of my Facebook friends are unhappy with this, as well as every other Facebook privacy change that has arisen in the last year. And I find myself in the position of explaining to them - to their astonishment - that this is nothing new, and that Facebook is hardly the only company doing this. Odds are, so is their ISP or mobile operator. And if they're not, they're definitely looking at ways to get in on it. The mobile sector in particular has been keen on the idea for several years now, because of the wealth of context-aware customer data that can be transformed into lucrative new services with a premium on personalization for users and targeted marketing opportunities for advertisers.

And there's ostensibly nothing wrong with any of that. Many cellcos already know from experience that users want personalized services and will gladly give up a little privacy in return for a tangible benefit. But many have also learned that trust is essential to making it work, and the starting point is to give people the chance to opt in, rather than forcing them to opt out - and if they do have to opt out, make it super-easy.