Facebook changes touch privacy nerve

ByABC News
October 2, 2011, 2:53 PM

— -- Facebook has touched a nerve with a broad range of critics upset about the social network's latest batch of online sharing technology.

Ten consumer and privacy groups have joined Reps. Ed Markey, D-Mass., and Joe Barton, R-Tex., in calling on the Federal Trade Commission to investigate new sharing mechanisms designed to accelerate the collection and dispersal of information about Facebook users' Internet activities.

In the spotlight are Timeline, a feature that maps everything a user has ever done on Facebook, and several "Open Graph" applications designed to broadcast a user's surfing patterns and Web interests to friends and friends of friends.

Users have long been able to share information, manually. But the new services automate much of the sharing process, and appear to tap deeper into user data amassed by the company, says Chris Calabrese, legal counsel for the American Civil Liberties Union.

"There's a loss of user control, here," Calabrese says. "Combined with the permanent nature of the information, it means there is a lack of the ability for consumers to control and protect their online reputations."

Laura Antonini, research attorney at Consumer Watchdog, says Facebook's new sharing features "disregard the privacy of its users by making sweeping changes that expose personal information without giving users the chance to choose what information they want shared with the world."

Facebook spokesman Andrew Noyes counters that Timeline and the new Open Graph apps are intended to make it easier for users to share music and other content with their friends.

He acknowledged that Facebook does use tracking cookie technology to monitor and correlate users' Web activities, just as Google and other online ad networks and analytics firms commonly do. He says Facebook does so responsibly. "We offer numerous controls both before and after the fact," says Noyes, adding that "all the sharing is opt in and easily controllable."

Mike Murray, managing partner of MAD Security, notes that there is little stopping Facebook from changing that policy. "The settings that are default today may not be in the future," says Murray. "What we've seen from Facebook over the years is a constant, creeping advance in the amount of tracking that is done."

Meanwhile, security experts say Facebook has also raised fresh security concerns, as well. The company has recently rolled out new mechanisms to encourage users to share more educational, career and health information, and to recruit "subscribers" to follow them on Facebook, akin to how people follow each other on Twitter.

Crime gangs will almost certainly tap into the richer information Facebook users divulge about themselves to trick victims into infecting their PCs with a virus, says Catalin Cosoi, researcher at antivirus firm Bitdefender. "This will make it a lot easier to obtain valuable information about an individual," Cosoi says.

And as the company promotes Twitter-like following of recent wall posts among Facebook users, spamming scams now common on Twitter almost surely will migrate to Facebook. "Facebook has underestimated the sophistication of the cyber underground," says Tom Kellermann, chief technical officer of mobile security firm AirPatrol. "If you build it they will come."

Facebook says it goes to great lengths to keep its users safe. "We have technical systems that operate behind the scenes to flag suspicious behavior and slow it down or block it entirely, and we're constantly working to improve these," Noyes says.