This afternoon I was reading an editorial piece by Adam Cohen in the New York Times. Adam makes a great point about the need for granular privacy settings, “Users should be asked if they want information to be viewable by others, and by whom: Their friends? Everyone in the world? Privacy settings, which allow for this kind of screening, should be prominent, clear and easily managed.”
What I’m a little confused about is why he said Facebook hasn’t made enough steps to empower users to control their privacy settings. Currently, Facebook offers the most granular privacy controls of any website. The existing problem is not with Facebook but instead with users’ identities across the web. The interesting part of this is that suddenly bloggers, journalists and the general web community appear to believe that privacy controls are something they have a right to and it should be included with all websites.
Aside from the Beacon fiasco, I’m not quite sure why Facebook receives all the blame for failure to provide granular privacy settings. In fact they are one of the few sites that provide such detailed selections. Regardless of whether or not Cohen made an appropriate accusation, we are headed toward a virtual world in which we have more granular controls across all the websites that we participate in. As communication between the multiple services that we use becomes commonplace we will see the emergence of the identity control panel.
We have yet to determine the exact location of that control panel. Right now sites like Facebook and FriendFeed appear to be ideal locations for managing our identity privacy controls. Just as there is a race to develop a singular Social Graph API, I think the next step is a standard for expressing our privacy settings. While I may be ahead of myself on this one, a basic level of privacy settings (make certain friends private, others public) should be eventually build into the social graph API.
Of course a standard for identity management needs to be adopted prior to a standard for privacy. Something eventually needs to get put in place though. I previously suggested that perhaps this is where government should step in. What do you think? Should there be a global privacy standard?