Time to Audit Your Facebook Privacy Settings, Here's How

Facebook privacy

Now that Facebook is loosening its data-sharing policies with third-party Web sites and applications, it's the perfect time for users to consider tightening up their privacy settings. This week the mega social network announced new personalization features that extend the Facebook experience to third-party Web sites—unless you opt out, that is. Here's a rundown of the new features, and how you can opt out if you choose.

The two new features Facebook launched of interest to users are called Social Plugins and Instant Personalization. Social plugins add Facebook interactions (such as "Like" buttons and comments) to non-Facebook Web sites. Instant Personalization makes your public Facebook data available to three select partners (Pandora, Yelp, and Docs.com) to help them show you content you might like.

How to Disable "Instant Personalization" on Pandora, Yelp, Docs.com

With Instant Personalization, if you visit one of the three partner Web sites—Pandora, Yelp, or Docs.com—you'll see a blue bar across the top of the site that lets you know the new feature's kicked in, as shown here.

Yelp

Unless you click on the "No thanks" link, that site will use your public Facebook data to tailor the site's functionality to you. Your public Facebook information includes your name, profile picture, gender, and connections. To access non-public information, the Web site is required to ask for you or your friend's explicit permission.

For example, if you're a fan of a certain musician, Pandora might automatically start playing tunes from that musician. It's a nifty feature, but it's opt-out versus opt-in. While you used to have to click on a Facebook Connect button to enable any sort of connection between a third-party site and Facebook, now you have to click "No thanks" to disable the feature.

Want out of instant personalization entirely? To avoid seeing that blue bar at all, while you're logged into Facebook, click here. Uncheck the "Allow" box in the "Instant Personalization" section. When you do, Facebook will prompt you with an "Are you sure?" dialog, as shown here.

Facebook

No one ever actually reads that much text when it shows up in an "Are you sure?" dialog, but this one is worth reading. Because even though you're opting out of sharing your data with third-party sites, your friends still can. Here's the relevant line:

"Please keep in mind that if you opt out, your friends may still share public Facebook information about you to personalize their experience on these partner sites unless you block the application.".

The details of a potential situation in which a friend of yours could share your information with a third-party site even if you yourself have opted out aren't clear. If you don't want to learn firsthand, you have to individually block the three partner applications that enable Instant Personalization. To do so, on the application pages, and click on the "Block application" link, as shown here.

Facebook

Click on each of the three partner application pages to block them: Microsoft Docs.com, Pandora, and Yelp.

Once you've unchecked the "Allow" box and blocked each of the three applications, you've opted out of Instant Personalization. (Note to Facebook: Four separate actions—and more, as you add more partners—is too much. MAKE THIS A ONE-SHOT DEAL.)

How to Opt Out of Social Plugins

Social plugins add Facebook controls to non-Facebook sites, such as a "Like" button and comments. There's no way to explicitly opt out of social plugins: Once a site adds one, everyone sees it, no matter what. (Check any movie, like How to Train Your Dragon on IMdb, to see a Facebook "Like" button on an external site in the wild.) However, if you just don't interact with the plugin, nothing posts back to your Facebook wall.

It's important to understand that Facebook isn't actually sharing information with the third-party site when they show you social plugins; they're just embedded widgets that don't interact with the parent site. That said, social plugins do have the potential to fool you into thinking you're doing one thing but actually doing another—such as "liking" something other than what appears on the Web page. Facebook news feed spam, anyone?

To avoid social plugin functionality entirely, log out of Facebook before you visit sites that have them.

De-authorize the Facebook Applications You Don't Use Anymore

Another announcement that's great for Facebook developers but a potential red flag for users is a change to Facebook applications' offline data storage limits. Used to be that a Facebook application couldn't store data for more than 24 hours; now that time restriction has been lifted, which means Facebook applications can maintain databases of user information indefinitely. There's nothing inherently risky about this—many applications ignored the 24-hour restriction anyway—but it's still worth cleaning out old Facebook applications you've got installed that you don't use anymore.

To do so, when you're logged into Facebook:

  1. Click on "Account" at the top-right of the screen and click "Application Settings."
  2. Change the "Show" drop-down box to "Authorized" to list the applications you've ever given permission to access your Facebook information.
  3. Click the "X" button on the far right next to each app you want to remove to uninstall it. In the dialog box, click "Remove" then click "Okay" to confirm app deletion.

The Ultimate Opt-Out: Deactivate or Delete Your Facebook Account

Facebook can't do anything with your data if you don't have an account. To deactivate your Facebook account, from the Account drop-down choose "Account Settings," then click on "Deactivate." Facebook will tell you how many of your friends will miss you if you go—complete with guilt-inducing photos!—and you can confirm. Note that if you just deactivate your account, Facebook will keep all you information just in case you change your mind. To irreparably delete your Facebook account, click here.

Add New Comment

10 Comments

  • Back2DLab Creative

    Great information complete with anchor links.  Thanks Gina, I'll post this on our Facebook page!

  • Andrew Vaughan

    @Theo Clark:

    You missed the entire point of the article though. This stuff is opt OUT by default. Facebook connect is (a really really useful) opt IN feature. Fastcompany doesn't go out and grab your info until you make 2 clicks (the connect button, and then the confirm button).

  • Didier Durand

    I am highly surprised that the big privacy issue raised by the new Like button did not raise more rants: Facebook can now identify the name of the user behind each impression of a "Like-equipped" page and doesn't even share back with the site owner.

    All details at http://media-tech.blogspot.com...

  • Theo Clark

    The purpose of this comment is to point out the irony of this post being on a website that allows one to "connect with facebook". It is of course a double irony in that my choice of commenting was to register with this site (annoying) or to click one button to use my facebook identity. Those scheming and evil geniuses.

  • Hanna Goldstein

    At least you have the option to opt out and control your privacy with some (badly designed but at least present) security and privacy settings. The http://www.dirtyphonebook.com won't even remove my phone number or despicable personal comments from there!

  • Thomas Costick

    I don't currently use Docs.com, Yelp or Pandora but, if I had been considering using them, their dealings with Facebook would make me think twice.

    Facebook's attitude to openness is unbelievable. When they add more apps to the list for Instant Personalization, how are we (who choose to opt out) supposed to know, so we can block the apps?

  • Melani Gordon

    I don't necessarily want to audit all of my Facebook settings. I'm liking the enhanced experience on Yelp.