Facebook’s New Privacy Controls Give Users More Choice, and Direct Them to be More Open

Facebook is rolling out a new set of privacy options over the next few weeks — the company’s response to confusion and criticism that it has received following a number of privacy changes, product launches and security issues from late April.

Key Points

The most important aspect of the options is a new privacy interface featuring one-click controls over who sees all the content you share on Facebook, and a grid to help you visualize exactly what you are sharing, and with whom.

You’ll also gain more privacy control over data that Facebook previously directed you to share publicly, such as who you are friends with, and to which Pages you are connected.

There are also new options regarding how you share with applications and outside websites, including the choice to opt-out of the Facebook Platform (ie applications, Connect, Instant Personalization) completely with a single click.

Facebook has succeeded in balancing simplicity with granularity to create a privacy system easy enough for most to understand while still allowing full customization. However, it is still directing users to share potentially sensitive information with everyone by default, which may cause users — and Facebook — more privacy problems.

In a press conference and Q&A with company chief executive Mark Zuckerberg, he explained the genesis of the new privacy alterations. In response to criticism of the complexity of the new privacy system, Zuckerberg acknowledged that “there were a lot of changes, maybe we should have gone a bit slower or communicated a bit clearer.” As the outcry built over the course of the last month, the company quickly began working on the new privacy system, integrating testing with users from across the public-private spectrum.

Along with the new interface we’ll detail below, Facebook came to three important decisions.

1.  Privacy controls will retroactively apply to all content you have posted to date, and will apply to all new products and features added in the future.

This fact assures that anything you’ve erroneously been sharing with the wrong people up until now will be swept away to your new privacy settings. The move is crucial to pacifying users who were taken by surprise by amended privacy defaults and believed Facebook may have endangered their reputation with the changes.

Going forward, users won’t have to be afraid that new features could expose them since they’ll be governed by their own previously-chosen privacy settings.

2.  User data which was previously fixed as publicly available, including who your friends are and which Pages you are connected to, can now be controlled through privacy settings.

Realizing that people are judged by the company they keep, Facebook will allow users to keep this data private. This prevents someone from being locked out of your profile, but able to look through your friends until they locate one with a public profile where they could discover photos of you or wall posts you’ve made.

As far as Pages, this will help people become more liberal with the “Like” button. You’ll now be able to get feed updates from a controversial politician or guilty-pleasure band without sharing your connection with everyone.

3.  Facebook will reduce the frequency of changes to its privacy system.

A pleasurable Facebook experience doesn’t include staying ever vigilant of privacy modifications. The root of the backlash wasn’t that Facebook had changed, but that it had changed too quickly without educating users on how the reach of their sharing was affected. Facebook wants users to be excited about sharing and connecting, not worried about privacy. However, the new system isn’t perfect.

The New Privacy Interface

Facebook is rolling out the new privacy controls over the next few weeks, notifying users with the message above on the top of their home page when they gain access to the system. The “Learn more about controlling how you share” link leads to Facebook’s glossy Privacy Guide featuring a graphic-laden summary of the changes. Wednesday, this notification message linked the words “improved privacy settings page” directly to the new interface, but has since delinked them, perhaps wanting people to learn more before trying out the interface.

The thorough, easy-to-read Privacy Guide should make the changes very comprehensible and assuage fears — if users take the time to read it. Here, Facebook answers questions about why it needs certain data. For example, it explains that “Gender is public so we can correctly display your gender (for example, “Add her as a friend.”).

Users with the new privacy controls activated can access the interface from the blog post, Guide or through the home page’s Account tab -> Privacy Settings.

At the top of the new privacy page is a link to Basic Directory Information (BDI) with the tag line “To help real-world friends find you, some basic information is always open to everyone. We suggest also setting basics like hometown and interests to everyone so friends can use those to connect with you.”

The Basic Directory Information Page

Clicking to the BDI page, you’ll see that the interface is quite similar to the old privacy controls, displaying rows of options with-drop down menus that let you choose to share certain types of information.

First, it explains the few pieces of data that it requires be available to everyone: your name, profile picture, gender, and networks to which you belong (though you aren’t required to have a profile picture, and can choose not show your gender in your profile). These are necessary for people to be able to identify you as you, but this also means users should be wary of posting a profile picture showing any questionable conduct.

BDI collects options that were previously scattered amongst the Contact Info and Search pages of the old privacy interface. You can choose who can find you with Facebook’s internal search; who can friend request you or send you messages; who can see your education, work, current city, and hometown, and the new options to restrict who can see with whom you are friends and the Pages to which you are connected.

A main point here: in April, Facebook had directed users to convert their interests from text to links to Pages. If you went through with the process using Facebook’s transition tool, you were made to “Like” a Page that corresponded to your previously-stated interest. Because Pages are public, this made your interests public. Now you can hide them again.

These options all default to “Everyone”, but we think many users will want to use their newfound powers to prevent those who don’t know them from seeing their friends and Pages. Outside of these two options, the Basic Directory Information page works well to separate privacy options that must stay public for Facebook to function properly from controls on sharing content.

Not all the categories give you the same set of options to choose from. But the range of options, overall, may include from Everyone, to Friends of Friends, Friends Only and Customize.

Note that under the Customize option, you’ll get the same options as before. You choose Friends, Friends of Friends, Specific People, and Only Me. If you select Specific People, you’ll be able to choose individuals or lists that you’ve previously made.

The Choose Your Privacy Settings Page

The centerpiece of the new privacy controls, called Sharing on Facebook and listed beneath the link to the BDI page, allows users to broadly protect or expose their content with a single click, then see the results as a visualization.

Previously, privacy settings for each different type of data and content, like biography, birthday, or the ability others to comment on your posts, had to be set individually. Furthermore, with so many options it was hard to get a quick and accurate feel for how private your data was kept. Now users can actually see their settings, not just read them.

The one-click controls break down who can see user data into the same three buckets as before: Everyone, Friends of Friends, and Friends Only. By selecting one of these stock settings, you can choose who can see your various types of data and content, which is in turn visualized by the grid.

There is also a Recommended setting, a mix of the three buckets designed by Facebook to be a sensible approach to privacy for most users. Here, contact info like phone numbers, email and home addresses, IM screen name and the ability to comment on your posts are reserved for friends only; your birthday, religious and political views, and the ability to view photos and videos in which you are tagged are given to friends of friends; and your family and romantic relationships, biography and favorite quotations, and your status updates, photos you’ve uploaded, and content you’ve posted are shown to everyone.

While the data in the friends-only bucket seems appropriate, the fact that Facebook recommends you share your photos, status, and posts with everyone is could be a problem for a significant portion of its users.

Status updates frequently contain information about a user’s location, behavior, and plans. Allowing everyone to know you are “at Ike’s Sandwiches in San Francisco right now”, “Hungover from last night” or “Flying to Vegas as soon as work ends” could help a stalker find you, an employer form a negative opinion about you, or a burglar know your house is empty.

This issue is compounded by the fact that status is often updated from mobile apps that don’t offer post-by-post privacy options. Photos, meanwhile, are frequently kept private from family members, or even from friends when a user is applying to schools or jobs, as users worry shots of them at a party, in unprofessional clothing, or engaging in risqué behavior could cost them a relationship or big opportunity.

While protecting contact information that could facilitate identity theft is important, so is the reputation of Facebook users. Recommending that status, photos, and posts be open to anyone more than friends of friends could be a risky move, considering that Facebook wants to avoid further backlash and truly protect their users. Worse for Facebook than a public backlash, users might decide that Facebook is not a good place to be sharing more intimate aspects of their lives, thereby decreasing sharing on the site — and making Facebook less relevant.

However, if users want more granular control, they can click “Customize Settings” to individually select settings for everything on the grid. This page includes options for things a user shares that are not cited on the grid, including who can see your website, or who you are interested in and looking for. Also, users can control things others share (which could be reworded for clarity) such as photos and videos you are tagged in, the ability to post to your wall, and the ability for others to see or comment on these posts to your wall.

Available in the BDI page and the main custom settings is a button that says “Preview My Profile”. Under the headline “This is how your profile looks to most people on Facebook” you can view your profile through the eyes of someone completely removed from your network. You also have the option to type in a friend’s name and see how they see your profile, which can helpful for checking the view of people you’ve partially blocked. However, there is currently no way to see what friends of friends see. This page could be improved by having buttons to view your profile from each of the three buckets or a specific friend.

Other New Settings

Beneath the “Share on Facebook” grid there is a link to Applications and Websites settings which we analyzed earlier this week. The important news is that there is a single button, albeit a small one, which allows you to opt out of Facebook Connect, Instant Personalization, applications and anything else associated with the Facebook Platform. While useful to some users, it creates a situation where one bad apple can ruin the barrel. If a user is plagued by one or two spammy apps, or gets spooked reading about the Yelp Instant Personalization security flap, they might hit “Turn off platform applications,” thereby uninstalling apps by developers who worked hard to conduct themselves admirably.

The block lists privacy page has gotten a small update whereby along with blocking users in general, you can block all application invites from a specific friend. This will come as a relief to people who are too nice to remove relatives and old friends but can’t stand getting another Farmville invite from them. Application invites are still awaiting the new apps notifications area.

The change to the pages of privacy controls discussed here are augmented by the previously-existing ability to control the distribution for each piece of content by hitting the lock icon when publishing. This feature allows you to distribute to select one of the buckets or manually enter which friend or list you wish and do not wish to see the content. Any choices made using the lock feature will override your other privacy controls, allowing you to restrict or expose a certain post while maintaining your control over the rest of your data.

Also, more of these features need to migrate to Facebook mobile interfaces like m.facebook.com and the iPhone app.


Facebook has made a significant step towards making privacy control easier without stripping out functionality. They have also improved communication to minimize the impression that it doesn’t have users’ best interests at heart. Still, their choice to encourage users to share their highly sensitive status updates and photos with the world shows that it is still pushing them to share more publicly, rather than setting the defaults to private. Along with continuing to make features like Instant Personalization opt-out rather than opt-in, the company is headed towards openness as it was before.

Privacy groups, senators, and users who have previously criticized Facebook for pushing users to be too open have called out its continued open-by-default focus. Whether or not Facebook has blunted the critics enough to escape a larger backlash, regulation, or long-term traffic loss is not yet clear. However, the reaction so far has generally appeared positive. Combined with Zuckerberg’s focus on communicating the company’s vision to users, the overall impression is that Facebook wants to do right by users even as it encourages them to share.