

Facebook's creepy privacy - jgrahamc
http://www.jgc.org/blog/2009/12/facebooks-creepy-privacy.html

======
tome
I agree that this is appalling behaviour from Facebook, but how anyone could
give a third party website access to their Google Mail account is beyond me.

~~~
jgrahamc
That wasn't hard. I just changed my Google Mail password temporarily while
Facebook needed access.

~~~
bumblebird
Allowing anyone access to your email account, even temporarily, seems like the
problem here. I just wouldn't do it. Ever.

~~~
stingraycharles
I don't think the point of the article is to explain how to prevent malicious
use of your private data, the point is that a big public company like Facebook
should not be doing certain stuff with the data it mines.

~~~
gloob
If you give Facebook your ssh password, there are much bigger problems than
"Facebook shouldn't do such-and-such with the information it gets" - and those
problems are not with Facebook. Same goes for any other password that you want
to actually protect something.

If you give up your password just because a stranger asks you nicely, whatever
happens is your problem, imho.

~~~
stingraycharles
Nobody is talking about giving away ssh passwords: this is about a tool that
Facebook has provides that helps you find friends that are already in your
(Gmail) address book. Heck, just 3 posts above the OP says that he even
temporarily changed his Gmail password.

The problem being described is a shady side-feature of this tool, where it
apparantly stores _all_ your contacts in your address book, even the ones not
on Facebook, and when one of those email addresses ever pop up in the future,
it is being re-used again. That isn't really nice if you're not up-front about
it.

And you can't compare Facebook with a stranger in this context, it's a big
company with a public image to maintain.

------
tcskeptic
_"I'm guessing that what happened here is that these people have my email
address in their address book."_

I don't think this is necessarily true. In my experience most of these
suggestions have come from friend-of-friend commonality. For example, two of
the people you are friends with on Facebook are also friends with these
people, so Facebook thinks you know them. Even if your thoughts on what
happened in this case are correct, this kind of connection making, social
graph building utilities if you will, are so fundamental to the purpose of
Facebook that your objection seems odd to me. This kind of stuff is exactly
why many people join.

~~~
jgrahamc
I would think you were right if it were not for the fact that the email was
sent to an email address that I have not registered with Facebook. That means
that they can't have identified my Facebook profile and must have been going
off on the presence the email address used in the address books of those
people in the email.

------
prabodh
Facebook allows me to see pictures of people who are not in my friend list,
but which are commented by any of my friends...I can their complete album even
if only one pic is commented by any of my friends...How is that for privacy ?
Any thing more private than your pics...

~~~
scott_s
Repeat after me: there is no privacy on the internet. Everything you do or say
is public. Act accordingly.

------
brown9-2
I've always assumed that a part of what _Import your friends from your email!_
did was exactly what you describe - try to invite the non-Facebook users in
your address book to Facebook.

This is one of the reasons why I would have never thought of trying to import
my email account's address book.

------
raintrees
A colleague of mine pretty much came unglued when LinkedIn came up with friend
links he did not supply (he had not used the address book surfing feature). He
actually contacted a rep and had a back and forth argument: "You opened my
address book without my permission," "No, we did not."

I'm fairly sure that people are not thinking through the ramifications of
giving _anyone_ else _any_ data online. This seems to be a similar learning
curve as those who are finding their offline shenanigans haunting them later
in online life.

And it seems quite a business opportunity to offer "reputation clean-up"
services, maybe similar to the "credit clean-up" services existing now.

I am aware of an instance of a non-refundable charge of $1200.00 and the reply
of "there is nothing we can do in your case."

------
socratees
I just feel kind of irritated with this "People who you may know" feature.
Especially on Facebook and LinkedIn.

------
psranga
You forgot to double-highlight the bare "including", which automatically
implies "including but not limited to".

Yep, unexpected. That's why I don't ever take up websites' offer to parse my
address book.

------
youngian
I refused to get on FB for years because their privacy policy was so awful (I
eventually relented). It's always been one of the worst privacy policies
around, which is saying something.

I don't want to be the pedant who says "you should have read the privacy
policy before you signed up," but you _should_ just assume that any site like
this is going to do all sorts of shady things with any information you
provide, until you find evidence to the contrary. This kind of paranoia is
absolutely called for on the web.

------
cake
I'm quite impressed by Facebook's friends suggestions, I discovered a lot of
friends thanks to it.

I'm not sure he received this suggestions solely on his emails contacts as I
haven't allowed Facebook to access my email contacts and I could find most of
them in my suggestions anyway.

I suspect that they also log when you view someone's profile and use this
metric to offer better recommendations.

Anyone know more about how it works and what data they use ?

~~~
potatolicious
I'm perfectly with fine with Facebook recommending new friends based on _their
social graph_ \- it's an entire other story when this involves snooping
through people's emails.

------
staticshock
_Truth be told, you loved Porky's Revenge, but you'd prefer that your five-
star rating stay between you and Netflix. But those situations are rare and
getting rarer._

I'm sorry? Are situations requiring privacy getting rarer? I hope you can back
that up with some kind of numbers, Slate.

