Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Are you with me? Leaving Facebook.
105 points by ihodes on May 1, 2010 | hide | past | favorite | 139 comments
I'll be deactivating my Facebook account (tainting what I need to) and removing as much information there as possible within the week.

I'm not a hardcore privacy advocate, but I joined Facebook with the understanding that some of what data placed there would stay private. That is what we agreed to.

Facebook has repeatedly violated that trust.



Nope. I'm not.

Yes, privacy is important. However, the only information that I've ever put on Facebook is information that I'd want everyone else to know. That's why I have a Facebook; to give people who don't know me an idea of who I am and what I'm like, and get a little bit of personal branding out there. For instance, there's at least one little portion of my life that I don't want to be broadcast out to everyone, so it's conspicuously missing.

I don't feel that Facebook told anyone that their data would be private. Maybe I'm just naïve, or a little bit of an exhibitionist.


"I don't feel that Facebook told anyone that their data would be private. Maybe I'm just naïve, or a little bit of an exhibitionist."

This was actually how Facebook got popular in the first place. The whole point was that it was more private than the other social networks out there. As the site grew, one of its big selling points was its privacy control panel, which gave you granular control over how your content was shared.

Perhaps the perception has changed in the last year or two, but I think a lot of people signed up under the impression that Facebook is a safe/private site.


I think you're conflating privacy with exclusivity. Facebook was originally only for those in college because it was an electronic version of a book that was put out by Zuck's college.

Secondly, I don't think that Facebook's privacy controls were ever a big selling point. The fact that it was for cool kids combined with the fact that all of your friends were on it was a huge selling point. Yes, people use the privacy controls, but never the fine grained stuff, it's all "don't show info to people that aren't my friends."

Or maybe my perception was skewed. Facebook came to my school in September of my freshman year of college, so I'm literally in the exact cohort that grew up with it.


"Yes, people use the privacy controls, but never the fine grained stuff, it's all "don't show info to people that aren't my friends."

Exactly. People didn't care much about the granular stuff, just that only their friends could see what they were posting. With the changes FB has made to its settings (namely, the 'Everyone' setting that is now the default), that's no longer true.

For what it's worth, I was in the exact same group as you — Facebook came out while I was in college and I joined the day it came to my school. Exclusivity definitely played a part in helping it catch on, but I think Facebook's reputation as a "safe" site is what helped it make the jump from high school/college kids to everyone else.


As I said to someone below, though, it's not surprising that Facebook makes everything public by default. Facebook is highly incentivized to get people sharing with each other, and the more public things are, the better it is for them. I'm not sure what the answer is to this, if it needs answering. It's possible that the privacy people are in the minority.

That's another thing, though; we've both really only got data from our own anecdotal experiences and interpretation of our friends' descriptions of what makes Facebook valuable to them. Who knows, maybe we're both outliers, and the vast majority of Facebook's users use their ACL based system heavily.


Well, the "it's for cool kids" selling point took a big hit when they started letting high schoolers on it, and lost all credibility when I started getting friend requests from senior citizens and friends' parents.

And most of my friends don't actively use it, though most of us at least have a FaceBook account. I find that I'm getting bombarded by sheep from weak connections that aren't really doing anything with their lives, while most of the people that I actually care about, I either see in person or they have busy lives and don't spend much time on FaceBook either.


It's true, but by that time, they were so big and huge that it didn't really matter.

I don't actually log on to Facebook that much either. I do have my Twitter hooked up to post status updates, and I generally get as much engagement as I do on Twitter itself, so I log in to continue discussions with people commenting on my status. But that's about it.

If you're getting bombarded by sheep, try clicking the 'block updates from this application' button next time. I've been happily bullshit-notification free for a while now.


I'm similar. I use it to keep in contact with some far-flung family, but without Facebook I'd be using Skype more than I already do, or I'd just go oldschool and pick up a phone and call on a weekly basis.

Facebook is a mild convenience to me, like finding a good time to make an international call was a mild inconvenience. Once it becomes a mild inconvenience, facebook will be long gone.


Hm, if I remember correctly, what made Facebook popular at first, was that it was aimed at a more "mature" audience, as opposed to MySpace which was (and probably still is) infested by teenagers. For example, it didn't, and still doesn't, allow you to configure your page with auto-playing music, videos, custom backgrounds and fonts, and lots of animated GIFs. It also had a higher age limit at first, for what it's worth.


I agree with a lot of what you're saying, and I'll miss Facebook for the very reason you like it, too.

But I'm often more worried about what my friends do that can effect the amount of information out there, about me. Facebook makes it easy to inadvertently share information about your friends. That, I don't like.

I'd love a replacement Facebook, one that is a little bit like Facebook used to be: relatively simple, unintrusive and benign. I want fine-grained control over what I can share, and not to have to worry about what will be given away. Or at least know upfront what will be. Opting IN to things is great.

Basically, Facebook has treated me (and those who feel similarly) like crap.


Even with the way Facebook used to be (I signed up in 2004), people could have still shared information about you. One wall post is all it takes.

For that matter, this could happen anywhere on the Internet. Someone could write a blog post about you, or tweet about you, or any number of ways to publish information about others. The web is increasingly becoming read/write, and Facebook privacy settings aren't going to change that.


Writing a wall post or tweet takes active action on behalf of the friend. Hmm, this is on Jarek's Facebook profile -- let's paste it somewhere where others can see it too.

With the recent app privacy changes, all they have to do is use an app. The programmer can take care of the rest. Different level altogether.


Much of the talk I have been around has been that Facebook is adjusting societies mores as it concerns to what information you share about oneself and how one judges others. The result of this could be that Gen Y and Z will have a better integrated outlook on people.

I'm not sure if this will actually be the case, there could be a backlash against this (much like the backlash against the sexual revolution of the 60s/70s) or simply that "oversharing" will be done by a section of society while the rest continue to judge as we do today.

I have unfettered access to a rather large social graph so I should make some studies of this.

Anyone know some good reading on the subject to get me started?


Yep. I think this is what's happening. I wrote a bit about the topic on my blog a while back: http://blog.steveklabnik.com/the-burning-question-of-reputat...

If you find any other people discussing this, I'd be interested in reading, too.

Edit: It's kind of funny reading old things you've written. At the time, I felt like I might have said "asshole" one too many times when writing this post, and now I _definitely_ feel that way. Oh well, I apologize for the moderately excessive profanity.


Facebook's new Open Graph makes it easier for a "replacement Facebook" to help you find your friends!


> However, the only information that I've ever put on Facebook is information that I'd want everyone else to know

Congratulations, you already demonstrated your agreement with the author and effectively stopped using Facebook then.

The whole point of Facebook is to enable a you to form a private community of friends that share things. If you've degraded that to "only what I will share with everyone in the universe" then you've essentially withdrawn from Facebook already.


Maybeyou've assumed facebook is for private things. I assume anything on the internet is public, at all ties, except for my bank.


I'd say that's a pretty common assumption. Back in the day Facebook really did use to be a pretty walled garden and I have no doubt things were said that would not be said on Twitter or elsewhere on the web. I'm sad to see that aspect go.

Maybe it's different for people with 300 or 600 friends.


No, I'm really happy with the service that they provide. If there's something that's actually private, I'm not going to be posting it on the Internet in the first place.


I agree with you generally, but the most damning information about me that's on Facebook was posted by other people.


I had a fraternity brother in college who was gay. At some point in time, he realized that he was gay, but didn't want to come out.

An incriminating picture was posted on facebook and he was forced to reveal his sexual orientation to all of us (well we kinda suspected anyway) before he was ready in a pretty awkward way. He had to do the same not that long after with his family and it didn't go well at all.

All because someone posted a picture on facebook that was up for less than 30 minutes. I put the blame mainly on the person who put up the picture, but still, he should have had control over this kind of thing.


> I put the blame mainly on the person who put up the picture, but still, he should have had control over this kind of thing.

Facebook isn't special; it's just a subset of the Internet. If the people at your college had had, say, a mailing list instead, and someone had sent that picture to it (thereby putting a separate, cacheable copy in every person's inbox), would you reason similarly that "he should have had control over this kind of thing"? Just because it's one website, not millions, doesn't mean that anything put onto it won't be leaked back out by bullies, trolls, rumor-mongers or busybodies. There's no such thing as privacy in a network where even a single person is less than 100% trustworthy, no matter the medium.


In theory, yes; but in practice, Facebook seems to be the main nexus of these sorts of things. There are things that people will post "publicly" on Facebook that they would never dream of making a separate website for to post publicly. You might assume that nobody would post Photo X on Facebook if they wouldn't also be willing to make www.hereisphotox.com, but it's certainly not the case in practice.


> There's no such thing as privacy in a network where even a single person is less than 100% trustworthy, no matter the medium.

Agreed. The issue w/ Facebook is that these "identity collisions" (when an aspect of your identity is exposed to a group of your friends that formerly didn't know, i.e. parents find out you're gay) can happen accidentally far too easily.

In other words, it's not about maliciousness... and even if someone did want to spread information about you maliciously, it'd be a hell of a lot more challenging to do so over a mailing list (finding your boss', former co-workers', parents', siblings', friends', etc's email addresses vs tagging a photo or note).


The problem is that nothing he could have done could have stopped the picture being posted Even if he had no account it wouldn't have stopped people he knows posting and seeing pictures of him.


I put the blame on narrow minded family members.

You should be able to 'come out' if you are gay without that kind of nonsense, presumably you have enough to deal with in a situation like that and your family should be supportive.

Especially your family.


And me leaving Facebook solves that problem how? At least now I see when that kind of stuff happens.


It's a good point - leaving Facebook won't solve things like drunken pictures posted by your friends. It will, however, stop things like "Yooooo, did you hit that last night? Wasssuppp!" on your Wall that your family, colleagues and potential employers can see.


You can choose to make your wall read only.


I always thought the best solution to all this is if we had multiple Facebook accounts, e.g. "Bob Smith (1)", "Bob Smith (2)", etc, and then invited family only to (1), close friends to (2), old high school classmates to (3), etc.

This way, if any of them posts something stupid on your wall, only that subgroup will know about it.

Then, of course, you'd need an app that lets you post the same status update on all your accounts.


If you have friends like that it is your own fault. Expect duche friends to pull duche moves.


Ditto. I created an account because people kept sharing family photos, etc. with me. For the most part I've set my profile private.

However, when my sister started scanning pictures of our childhood and posting them tagged as me, public for the world to see I started get uneasy. Nothing compromising or unusual in them but there's that part of me that wants a say as to when crap like that is posted online.

It turns out of course I can "hide" photos tagged of me by other people - but still... Despite having my account private, other people can post pictures and tag them as having me in them. Frustrating.


Hear hear to that! I'm always puzzled by all these privacy nuts that go on and on about privacy problems with social media sites like Facebook. If something is absolutely private and you do not want to share it outside of one or two people, DO NOT put it on a social media site! Period.

In fact, I would go as far as to say never put any critically sensitive information on the web.


Absolutely. I sum it up as: "What happens on the internet, stays on the internet".


"What happens on the internet, sprays on the internet. Fast. And Forever."


The sum total of a bunch of innocent stuff posted about you by others can add up to a lot more than the parts if someone decides to put it together.

I read this a few days ago:

http://www.wired.com/vanish/2009/11/ff_vanish2/

Privacy is even more dead than I ever suspected.


So in your view, people should just have "one or two" friends on Facebook? How many people do you know who actually use Facebook like that? Do you really think that is the intended purpose of Facebook?


well sometimes its your friends.. that will put pictures up of you without knowing, or will tag you in and can't remove it yourself


"well sometimes its your friends.. that will put pictures up of you without knowing, or will tag you in and can't remove it yourself"

As many have pointed out, this happens already in blogs and email, on twitter, in various forums, etc., and not joining facebook will do nothing to prevent it from happening on facebook.

But more importantly, if you don't want your friends doing X or Y to you on facebook, you have a very powerful method of ensuring that at your disposal: make it clear that you find this unacceptable when it happens. Over time, people get the message before making the mistake, and these expectations harden into social norms. Ultimately, relying on these social norms is much more robust than relying on technological solutions, in my opinion.


Not having a Facebook account will not prevent people from posting pictures of you on their own, and even including your name in the picture description (thereby "tagging" you in every way except the notification.)


Not having Facebook will not prevent people from posting pictures of you on the web. The horse is pretty far out of the barn on that one.


I thought that one could now veto tags for yourself in pictures? Doesn't prevent you being named in the description.


Are you ready to share your online behavior with everyone, including all the sites you visit and videos you watch? Are you ready to have your picture used in ads your friends see? Because that's where this is going.


Seriously. I can't believe how differently others view facebook compared to me. I log in every now and then and talk to some old friends who I wouldn't be able to contact otherwise. What info is everyone so scared of getting out? What's the harm in targeted ads? Not like most of us are going to see them anyway.


Dear god, a post about Facebook's privacy change that's logical, non-extremist and generally makes sense. Thank you.


It sounds pretty extremist to me. This person is apparently so paranoid they will not use any form of hosted service, email, etc, or if they do, they only put things in there that they trust the entire universe to see. I would say that puts them in a tiny minority of people - ie. quite extreme.


I wonder how many of the hackers here who want to remain private take chances and look to create innovative things that are out of the normal(i.e.Twitter/Blippy)? They seem adverse to change.


I never went in - i still don't understand the point of FB or others of their ilk.

If i really want to keep in touch with far-flung family, friends - i pick up the phone or drop an email. If they are important to me i will make the effort. I also don't find the need to advertise on a daily/hourly basis what i am doing or tell people about the cool car/bike/tv/ipod etc. i bought. May be its just not for people like me.


Facebook is highly efficient for communicating with a large number of "fringe" acquaintances.

Things you suggest - picking up the phone, dropping an email - require 1-on-1 contact. I am limited in the amount of time I can devote to 1-on-1 contact.

But I can post on Facebook and people that know me but aren't necessarily people I want to devote a lot of 1-on-1 time to - more distant relatives, old friends, etc. - can see what I want to share. And I can skim my feed and see what they want to share.

The level of time and contact is proportional to the relationship. They're not my inner circle, they're outer circle. Facebook is the single best improvement to my "outer circle" relationships ever invented. For low effort, I get to have some contact instead of no contact.

For some people, Facebook is all about the time wasting activities, but that's not the core of the experience unless you make it so.


I can see your point but my take is - that's what New Year, Christmas, ${Special_Occasion} are for, keeping in touch with fringe acquaintances. Send an email on those days.


You're stereotyping facebook users pretty bad.

It's a great way to share photos. It's also an ad-hoc mailing list between you and your friends. Post what you want; it's literally up to you. I post photos and links to interesting stuff -- mostly nerdy but my friends aren't terribly surprised by that.

That's it. Seriously, it's not calling you at home and asking what you're doing every hour. You make it what you want.

People like to talk about their lives. You may not care, but it's no different than normal smalltalk.


Spot on. That's also why a lot of people who get annoyed by smalltalk gripe about Facebook.


I too was a FB-absente for a long time, but a friend of mine (non techie) explained its usefulness to me in a very good way.

"It lets you keep updated on what your aquintances does on a daily basis". Not your good friends (because you call them). Not your collegagues (because you chat/mail them). But all those highschool and childhood friends you dont see on a day-day basis because they're in another country/region/world/whatever.

Now, I could argue that that information is quite, uninteresting, and in many ways, it is. It is however quite nice to know that if I want to reach those people, I can.


Facebook makes everyone a celebrity in their social circle. It makes you and your friends "newsworthy". It lets you check out people you secretly like and gives you another chance to laugh at people you made fun of in school.

It's not about keeping in touch. It's about hanging out and gossipping.


I left and advised everyone I know to do the same. Privacy was never an issue for me, but Facebook keeps changing the rules. I can't keep up.

http://www.eff.org/deeplinks/2010/04/facebook-timeline/ http://www.eff.org/deeplinks/2010/04/facebook-further-reduce...


I've stopped using mine, removed all apps, unfollowed (er, unliked?) all pages.

I'd guess the market is ripe for a fb-type site that, for lack of a better phrase, isn't evil. And doesn't have a horrible ux.


My reason isn't entirely the privacy concern, though, I just think their UX and some of their design/application decisions are _horrible_. It's an excruciating site to use if you want to do anything other than the two or three things they _want_ you to do.

* Sharing information: Easy!

* Removing information: Okay, not _too_ hard, but not as easy as sharing it!

* Adding applications/pages: Easy!

* Removing applications: Good luck doing it in less that four clicks, even assuming you know where to look!

* Unliking pages: Where the heck... oh, there it is in little tiny letters way down the left column...

And so on.


It's because their incentives aren't aligned with yours. Of course they want to make it easy to share, and hard to wall yourself off.

I'm not sure how to properly align those incentives, but you can't really blame them.


That's true.

But I'm not necessarily talking about walling myself off; it should be _just as simple_ to remove an application as to add it.

Anyways, you're right, but still; if they're going to continue pursuing their own incentives and not their users, I predict they'll (eventually) lose their users.


What features should it have? (Or not have?)


I mentioned a few things that bug me in the above reply-to-myself...

Should: - Be able to export all friend/contact information anytime. CSV is fine.

- Be able to _easily_ block/remove applications & notifications. It's fine people can create "which star trek appliance are you?" quizzes, but let's make it _easy_ for these to be removed from my feed if I don't want to see them.

- Maybe have a more twitter style follow where it does not need to be a mutual follow. Obviously less information is shared if I don't follow back; etc. Just pondering this, it might or might not be better.

I actually don't think there's _that_ many things. There are a few key things that, if done right, would make it a better facebook. I'm just stabbing in the dark though.

Can this post be considered a YC application? ;-)


Better than removing the deluge of unwanted app notifications individually would be a list, off to the side, of apps your friends have used that you haven't opted in or out of yet. Opt in and they all show up, opt out and it's added to a list of unwanted apps in your profile that you can edit later if desired.

Obviously this would make users happy but not app makers, because the way it currently works is free (obnoxious) advertising for them.

The mixed-access to updates based on bi- or unidirectional association is one of the very nice things about LiveJournal's social scheme. I knew a few people who use FaceBook for one level of communication and retain their LiveJournal accounts for another, because of this.


1: I want ACLs meet Web. I want to publish personal stuff to close friends & family, professional stuff to colleagues, and random miscellany to the world, all via the same tool. I want to be able to customize the layout of my content depending on the audience.

2: I want this without my friends and family having to learn about OpenID or having to sign up for a new account somewhere. (I don't know how to do this, I am just saying what I want. Posterous got this part right.)

3: I want to know that the investment I'm making in generating content will last. This means I need to trust that the host of my content is not going to disappear, or get bought and change its behavior radically. Alternatively, it means that I am given the ability to migrate my content to a well-behaved, API-implementing host elsewhere (including, possibly, on my own server).

Nothing I know of addresses this set of wants elegantly. Maybe because monetizing the social graph requires as much transparency from the participants as possible, at least according to current thinking. But I feel that eventually, what 'sharing on the web' means will inevitably evolve to accommodate this set of wants.

If Facebook decided to be less evil they could do ACLs-meet-web pretty easily, since they already have such a huge installed user base. In fact, they may have already done this a long time ago for all I know; back when I canceled my account, they did not have this capability.


You are describing the Internet. Self-run web sites, blogs, and instant messaging systems:

1. allow you to fine-tune who sees what, 2. do not require extra accounts (save comment systems, etc.), 3. are not tied to any one provider or company and thus will last for a long time.


How do you see the internet providing built-in ACLs? http://en.wikipedia.org/wiki/Access_control_list

Even if it did, your assertion is like equating assembly to a high level language. Just because you theoretically can do anything in assembly that you can in a high level language doesn't mean you would want to. I am trying to specify a set of attributes for a non-existent tool that would let me more fluidly publish what I write and create.

----

edit: if anybody reading this would care to explain why I am getting downvoted & the parent is getting upvoted so much, I would appreciate it.


The internet provides something like ACLs using something similar to a password capability model: I post stuff as "tbrownaw" or "Timothy Brownawell" and anyone can know it's me, but I also have logins to various message boards under pseudonyms, which you can only tie back to me if I tell you.


Thanks. That is indeed an inverted form of what I was wishing for, and I didn't get the idea from the initial response to my post.


note to self (post is too old to edit): apparently Facebook does have a lists capability: http://news.ycombinator.com/item?id=1341787, http://www.facebook.com/help/?page=768


Another interesting question would be: how will it make money?

Websites like Facebook and Myspace are shunning the simple advertisement model. Selling private data will become the new standard. A website similar to scope and feature like Facebook will probably not be able to sustain a positive cash flow or break even without selling people's data. UNLESS...they cut features like photo storage, or make a technological breakthrough.

They are making ~$2/user/year (not including expenses). Since it recently supposedly became cash-flow positive, it would be reasonable to assume that the expenses are also around ~$2/user.

The question then becomes, how much of this $2 is slashed off when you decide to not sell private data? You only have to look at the cost of conventional CPM ads (usually less than $0.01 per impression) and multiply it by how many times a Facebook user opens Facebook each year. My bet is that it is far less than 365/2 since Facebook claims 50% of "active" users login every day.


Can you provide an example of facebook "selling private data"? I work there, and it would be a great surprise to me if you could.


Sure.

http://en.wikipedia.org/wiki/Facebook#Beacon

The prime example that resulted in a lawsuit settlement. I mean really? Opt-in to reveal your purchasing and browsing habits with selected companies and then spam your friends?

http://gawker.com/5426176/facebooks-great-betrayal

Another opt-in that is equivalent to Facebook buying web coverage at the expense of user privacy.

http://gigaom.com/2010/04/22/facebooks-instant-personalizati...

These websites are able to scrape your data to provide you a "personal" experience. Another opt-in. I'm not sure if FB is selling this api, but I'm willing to bet its a certainty.

These might not literally be bundling up personal information and selling it outright, but given the track record here, I wouldn't be surprised if they did another "opt-in".


The claim that facebook has changed defaults in order to indirectly make more advertising revenue is very different from the claim that checks were written to facebook in exchange for private user data. You implied the latter, and it's bogus.

None of these programs involved facebook giving user data to advertisers. Even the dreaded Beacon was strictly one-way: it allowed sites elsewhere on the Web to publish to facebook, not vice versa.

Out of curiosity, do you hold Google's AdSense up to similar levels of scrutiny? You're aware that a little pixel is on about 70% of the web by hits, piping your interests, proclivities, and browsing history to Google advertisers can target you? Or is it not evil when Google does it?


Sure I'll admit that it is not literally packaging private info into a file and selling it. But it sure is asymptotically approaching it.

Your argument is analogous to saying Microsoft didn't really have a monopoly because 3% of computers used Linux and OSX. Plus, how does F8 instant personalization work? I doubt it is solely based on a 1 pixel tracking image.

And I do hold up AdSense to the same level of scrutiny. While it also has privacy issues, it is not of the same level. It does not force browsers to become advertisers to their friends, revealing their purchasing and browsing habits. Your friends do not know that you visited a certain website or bought a certain product and can link you by your name, age, friends, and likes/dislikes and organizations you belong to.

That is the sole reason why people think Facebook can beat Google.


No it isn't analogous to that at all.

You want to make some sort create some sort of moral equivalence between literally selling user data and changing user privacy defaults. Maybe there is some moral equivalent, but I don't think so.

In any case, the way you made your case is by lying. An anti-US activist might want to claim a moral equivalence between the casualties of the Iraq war and mass executions. But, to say that the US executed 100k Iraqis is lying. That is an analogous to your argument.


You are really stretching it if you are trying to say Facebook isn't trying to exploit private data to the fullest extent possible.

A more apt analogy using your theme would be this: Saddam Hussein didn't kill anyone, his soldiers did. Only a pedant would be worried about the literal meaning without looking at the big picture.


Did I say that?


"Websites like Facebook and Myspace are shunning the simple advertisement model."

? Every one of my facebook pages (feed and profile) always has two or three prominent ads over on the right.


What I mean is they are selling your personal information __in addition__ to regular ads (which are selected by datamining your personal information).

As opposed to just regular ads.


I think Google could do this entirely with blogger, maybe reader, maybe Picassa, and email, and a bit of code. It would be a huge boon to Android phones.

Google groups is broken for some people, and I'd stay away from using it as a building block. Lots of people have negative opinions about Wave, me included. I don't even know if Buzz would help in any of this, the launch was so botched I never looked at it; people have told me it wouldn't work well for anything like this.

Posterous or Tumblr could do it too. Google doesn't seem to be very motivated in integrating their various acquired apps; maybe this would be that motivation. Or maybe Posterous or Tumblr might find some motivation in this.

It need not, maybe should not, and probably could not compete with Facebook. That's not a reason to not do it. Jones Soda does pretty well, yet I doubt if they think of themselves as a Coca Cola killer.

Whether Google or someone else does it, I'd like:

GENERAL

- Total control. I don't want to be a control freak, I want to be a control super freak. I decide exactly what is private, shared and public. Everything that can be shared in any way should be obvious, and the settings interface for controlling privacy should be very obvious in: a) what setting controls what feature, b) what feature is controlled by what setting. If you have to guess how to change a feature's exposure, or what feature a setting controls, then you don't have control.

- Long-lived settings. New features should never expose tomorrow what was not exposed yesterday. That's just so disrespectful on facebook's part.

- New features should begin with the most restrictive privacy settings.

- No apps or third parties. Make your money through advertising or paid features. If you're Google then you already have great advertising revenue and this just ties into it.

- No friend can expose anything of mine to any greater degree than I have explicitly exposed it.

DISCOVERABILITY

- If I want to be invisible at any level, then I should be invisible as long as the rivers run and the winds blow, until I change it.

Invisibility includes:

  - The outside world. I'm either discoverable to anyone outside the system, or I'm invisible, according to my settings.

  - People inside the system. I'm either discoverable inside the system, or I'm invisible.

  - My groups of friends. I'm either discoverable to my friends' groups, or I'm invisible.
EXPOSURE

- I control what parts of my data are exposed, and how far out. This is both independent of discoverability and cooperative with it. For example, no matter how far out I might expose a photo album, it can't be exposed farther out than my discoverability. On the other hand no object needs to be as exposed as my maximum discoverability.

If I'm invisibile outside the system, then I can't set the exposure of a photo album to outside the system. If I need a photo album or something else to be exposed farther out than my discoverability, then I'd need to create that album outside the system (say, as a picassa album in a different, public account). I might be able to link to such an album from inside (and that link would have the same discoverability and exposure protections as any other object).

FUNCTIONS

- Discoverability. Anyone can discover me, as long as they're within one of my discoverability spheres. If I've set my discoverability to "world" then you can find me through search or browse. You can send a message to me if I've enabled that (with enough hurdles to discourage spam). If you're a member of the system you can request to friend me.

If my discoverability is more restrictive, then you might only be able to discover me if you're already a member. Or you might be able to discover me only if you're a member of one of my friends' other groups.

- Exposure. Objects that you post or share have a settable exposure level. Posting objects to a group gives those objects the exposure that you previously associated with that group.

- Chat.

- Alerts. If a friend logs in while I'm in, I want to know it, unless they've set that data to hidden.

- The usual. Can post comments, pictures, music, books, links, "other stuff" and have conversations about them. Post things about yourself in your profile, with different parts of you profile's exposure individually controllable. Be alerted to comments in conversations related to you or your posts, and changes to posted objects.

- A group of one. I should be my own group, similar to how some Linux distros create a group whose name is your login and whose membership is just you. I may want to keep track of things just for myself. I may want to stage new additions, initially to just me, and then exposed to a gradually wider audience as I see fit. I may want to pull some things in to private that were exposed.

Everyone starts as a member of their own group of one ("self" ?), unexposed and undiscoverable. You have to explicitly make yourself more discoverable, and you have to explicitly expose any objects in your group of one.

- Explicit groups of two or more. I should be able to explicitly band together with other people and form a group. Everyone in the group is aware of everyone else in the group. We can all post, converse and share. The group can be invisible or discoverable. I can expose my membership in the group to any group outsider who can see the group, or I can hide my membership from anyone outside the group. The email analogy to this might be cc:.

- Implicit groups of two or more. I should be able, on my own, to place people and groups inside of implicit groups that only I am aware of. If I post to an implicit group, each individual or group member of an implicit group receives the post or other object, and can carry on a conversation or other activity related to the object, but no individual or group within one of my implicit groups is aware of any other members of the implicit group; they aren't even aware that they themselves are part of one of my implicit groups, although they might guess from my style of writing. The email analogy to this might be bcc:.

The names of the two previous group types, explicit and implicit, may not be the best names. I initially described them as public and private, but those terms had too much confusing overlap with the notions of discoverability and exposure.

- Some groups owned by individuals and some groups owned equally by members. Not sure about this. Worth thinking about.

- Group union and intersection. I'm a little fuzzy on this one. Say you broadcast post an object to two groups. Person A is a member of one group, B is a member of the other group, yet the two people A and B have no relationship to each other within the system. If people A and B's discoverability settings would allow it, then they should see each other's comments related to the posted object and be able to take part in that object's conversations with each other as if they were both members of the same group. If their discoverability settings would not allow either to discover the other, then they should not see the others' comments.

If this function were done poorly, then gaps in conversations related to an object might be disorienting.

- Acknowledgement of the outside world. Under my control and choice, I should be able to make automatic tweets, or posts to my external blog, etc, based on what I post and where inside the system. I should also be able to make incoming posts from the outside, like ping.fm to twitter and facebook.

- Data migration. I should be able to export part or all of my data quickly and easily.

- Data ownership. I should be able to change the exposure of data that I post, and to delete it.

- Existence ownership. If I leave, I should be able to totally delete myself. Or, if I want, I could de-activate myself. But it shouldn't take searching outside the system to find a little known method for deletion. If I delete posts or data that are part of conversations, the system should insert a placeholder, but if it's mine I get to kill it.

IMPLEMENTATION

For this part I'll assume Google is implementing it, because they already have all the parts and we're all familiar with them. Applies equally to Posterous, Tumblr or a player to be named later, acknowledging that they would have more to build.

The fundamental activity in the system is posting objects and having conversations about them. An object might be text, media, a link, etc.

Posting objects could be handled very well by blogger. You can put pictures and links in a post, and there's a comment mechanism. The comments would continue the conversation.

You could also handle posts and reading with gmail, because it has excellent conversation threading. If you use gmail you'll have to be very careful about leakage, in or out.

Slashdot's forum has excellent threading, for inspiration.

Alerts and keeping up to date could be handled by logging in a lot and reading your stream, or via Google Reader, or by email/gmail, or any combination of them. Again, be very careful about leakage in and out.

Be nice to be able to post via email/gmail (hi Posterous!).

Media and albums by Picassa, but not just photos, anything a member has the right to post: books, audio, video.

Implementing some of this might be a challenge. Pick a subset. Iterate.

UI, UX, UXB

If you find anything looking like any part of Facebook, you're probably doing it wrong.

User interface should tend toward minimal. There should be zero or one way to do everything. UI elements should not suddenly disappear, to be found again after a frustrating search. Facebook recently made the logout link hard to find, burying it in the Account menu. Probably because they want to discourage you from logging out. Don't do stuff like that, it's disrespectful, and even if there isn't evil intent it encourages discussions of evil.

You should be able to easily choose where anything will be posted, and not have to worry at all that you might not understand where it's going.

When you view anything, you should get some indication of who else can see it, general by default but able to drill down to groups and individuals if you like.

Name everything well, once, and use only that name, everywhere.

You shouldn't need a help system. But someone will want it, and it should be worth reading. You should also be able to get to help for specific functions, from the context of that function, without having to abandon your context and go into "reading the manual" mode.

There's probably more.


As someone who's just removed all my pages, likes, and interests from Facebook -- I just don't think they have my best interests in mind -- a network like this is, of course, a wet dream.

But there is a tradeoff between privacy and network effects. The network relies on its members connecting and conversing; that's how the network derives its value. Facebook's network is valuable because it is the de facto online identity for many millions of people. And to engender and promote network effects, Facebook must necessarily expose information about you to other users. How else would anyone connect with you?

Sure, it'd be nice for you to make yourself invisible at a moment's notice. But it's a terrible user experience for anyone trying to find or converse with you.


As I mentioned, you wouldn't try to compete with Facebook, since they're the de facto standard. This would be for people who want something different (like Jones Soda). It would likely work best by enhancing the attraction to something existing, like Posterous or like Google's other offerings (including Android).

As for discoverability vs invisibility, you're right, discoverable is more valuable to the network. I think most people would opt for more discoverability than invisibility, but invisibility is a logical setting among a level of settings. And it allows a small group of people who are only interested in staying connected with each other to do only that.


  1 Reasonable privacy
  2 Plausible deniability (like OTR)
  3 Fast updates
  4 Easily customizable
  5 Client-side extensible interface (Greasemonkey style)
About reasonable privacy, the service shouldn't be able to read content. The provider can tell Alice (user on IP 1) sent something to Bob (user on IP 2) but the message content itself shouldn't be compromised. In particular profile-identifying details should be reasonably safe. This requires client-side encryption, of course.

Plausible deniability isn't that tricky, it mostly requires careful use of protocols at design phase and there is OTR to borrow.

With AJAX or dynamic JS scripts updates should be fast. The intersection of updates of contacts could be done in a single API call with multiple parameters (server-side intersection of data.) Or more scalable but a bit slower by doing multiple calls to separate server clusters (could even be calls to fetch plain files on CDN containing latest updates, aka "the wall".)

I've played a bit with zero-knowledge technologies (similar to Clipperz) and I think it's very doable. The big problem problem lies on images and video. Last year I played with HTML5/canvas with encryption but the CPU and delay is prohibitive since it requires to work on decompressed images pixel-by-pixel.

It would be nice if the major browsers started giving encryption and compression primitives to JS. And even nicer if there was an API to manage images, audio and video.

Chrome NaCl looks also very promising for this kind of disruptive technology.

Of course, the non technical problems of getting traction with users and making it commercially viable are still there just like in any other kind of social network service.


Those basic ones allowing communication: essentially directed and non-directed asynchronous sharing.

And those you 1) opt-in for 2) pay for.

There's a long list I have, but that's a startup for another day. (Or for a time a month from now... when school lets out.)


They shouldn't be so successful. They made the same mistake as Goldman. In this case, small, problematic privacy features (people being able to tag you without your permission, etc.) that weren't exhausted + ambitious new platforms and exponential success suddenly caused them to reach a critical mass where people think twice about their service.

It's all about the integrity of the core feature set, and avoiding future, short-term successes that erode into it. Ironically, one only really notices the erosions (which, as with Apple and Goldman, are really not unique within their industry) after a certain amount of success.


Buzz. None of my friends are using it, however.


I really wanted to like Buzz, but so far I haven't been able to really dig it. It's missing a certain je ne sais quois, but I don't know what it is.


There is one actually, it's called spokt.com.


If you share something with your 300+ friends on Facebook, I think it's obvious it's no longer private. I have always considered Facebook a tool for _finding_ interesting stuff intead of _hiding_ it.

A more open, non-evil alternative would be cool, of course. But good luck rebuilding the whole social graph there. Almost anybody who has tried that has failed.

(I view this as somebody who follows the Facebook News Feed all the time, posts several times a day, and often participates in long discussion threads about news, politics etc. with my friends.)


We need a decentralized social graph. I should host and own my data not facebook or any other organization. Maybe browsers should innovate and solve this problem.


Many people have thought this too. A sort of p2p social network? You solve a handful of problems but create many new ones to overcome. For example, using Facebook on multiple computers is simple right now. Now lets consider a p2p model. How do you handle uploading photos from a computer that isn't your main/home one? You'll need to basically synchronize content between the computer involved and your main one. There's also the case where I want to share a photo and not store it locally at all. What happens when some of the computers involved in your friend network are turned off and those friends want to view photos? I'm not sure you can make it completely P2P. You might need a central 'cache' of new content which then just gets pushed down to your friends once they sign in. And since everyone is disconnected that sounds like everyone needs to have a copy of their friend's data. I'm not interested in storing their photos on my PC. Just some random thoughts that came to mind.


You'd probably like OpenLike: http://openlike.org/

or OpenSocial: http://www.opensocial.org/

Not that OpenSocial took off or anything. And I'm not that confident in OpenLike, either.


opensocial isn't doing too bad. It is supported by Yahoo, Google, MySpace, LinkedIn, and many more networks.


I actually architected something for this on the last airplane ride I was on. Here's the gist.

First of all, there is a basic protocol that any social application can adopt to. It basically consists of a few URIs like /user/login/, /user/register/, etc.

Secondly, since "virality" is key in getting something like this implemented, I propose that there is a form of global identity database that is accessible by anyone. Only email, user_id (depends on provider), and provider_id information is stored (I'll get to the provider bit in a second). Any identifying information is hashed to protect private information. The issue is making this database publicly run (similarly to Bittorrent) and being able to publish the hashing algorithm used. It would obviously have to be more complex than MD5 or SHA1.

Thirdly, there are what I call "providers". Providers are basically apps like Facebook and Twitter. They are capable of deciding what information is public. There aren't any privacy "settings" for each provider. Each provider's privacy policy is static and will not change. I.e. provider A will display to the world your SS#, name, and phone number, whereas provider B will display just your name. This is done to eliminate any gray areas.

Thirdly, the idea of "notifications" and connections. Connections are one-way (like Twitter). So, you might be wondering, how do you connect between two "social networks"? You search for the person you're looking for by email and are given their user_id and provider_id. Your provider then has all it needs to connect with this person (it sends a message to the friend's provider to a notification endpoint, and the friend's provider then can do whatever it wants with that information).

Notifications consist of updates, connections made, and other things (possibilities are endless).

Rules:

1) Users can only use one provider at any given time.

2) Users can choose to delete their profiles on demand.

3) User data can be exported so that provider migration is quick and easy.

I should write a blog post about this. There's way more. I called it OpenConnection.


You've mentioned several restrictions without any enforcement mechanism.


I honestly don't care. People shouldn't have private conversations or implicating pictures on Facebook, period.

If you don't do either of those two things, you'll be fine. No need to dramatically or publicly terminate your account.


Devil's advocate: If you have a facebook account you really can't stop people from tagging you in "implicating pictures" and the like. You can un-tag yourself after the face or delete things on your wall but there's no guarantee you'll get to that before someone else sees it.


I thought it was possible to not allow tagging to your Wall in Settings?


It is. If you set the 'photos and videos of you' privacy option to just yourself, when you're tagged in a photo it appears on your Wall but only for you. Your friends looking at your wall don't see it. That said, I don't think you can block the actual tagging, which is a shame, although you can manually untag yourself, and once untagged you can't be re-tagged.

Incidentally, you can stop your friends posting to your wall, or commenting on any of your items, or even just block specific friends from commenting or posting.


I don't know why I would. I decided early on that I wouldn't use any of their apps, play any of their games, and actually introduce disinformation into the medium from time to time. (I went to the "Barnum and Bailey Clown College", "The School of Hard Knocks" and "How High". No really! I did!)

I view FaceBook as being purely frivolous, for casual interaction w friends & acquaintances, and treat it thus. There are other "social networking" sites (for instance, LinkedIn) for other types of (real/purposeful) networking.


I recently deleted mine.

I had it for a long time, and I just felt like it was keeping the most brain dead relationships barely alive. I was constantly seeing people in real life and saying, "oh yeah, I read that on facebook." I didn't like that, and the privacy concerns were just the last straw.

So yeah, I'm with you.


I'm graduating from university next week at a school with twelve thousand kids and this happens all the time to everyone I know. It's so mundane to learn some new social goings-on around campus that it's cliche to mention you found out on the site. I hate it for the same reason. On graduation day, leaving facebook will signify a new phase of life.


One thing to keep in mind: there are no signs I know of yet that the 'unwashed masses' are going to quit using Facebook: they love it and don't seem to care about the privacy thing overall. So by leaving, you're missing out on a significant perspective of what users (read: customers) experience everyday. It's like refusing to use Windows during the 90s. Not saying you shouldn't, but just that it's a cost to keep in mind.

Also: how confident are you that Facebook won't still be HUGE 10 years from now? Many smart people think FB will only expand in its importance on the web. Again, not saying it will be or that people shouldn't quit if it offends their sense of propriety, but I'd hate to reopen my account 5 years from now after publicly committing a principled FB suicide.


I am torn when it comes to this. In principal I want to. But my friends and family are spread around the world and in many cases FB is the only way I have of keeping in touch with them. My privacy settings are already as high as I can make them but I can't readily leave the silo.


Reminds me of this: http://www.theonion.com/articles/area-man-constantly-mention...

If you want to give up Facebook, just fucking do it... but realize that nobody else cares.

(For the record, I haven't updated facebook in about 5 years, because it bores me. But I don't go on and on about it...)


I did that, except I deleted, not deactivated. I'm not a hardcore privacy guy either, but they got to be a little too much after f8


I think the 'don't put anything you want kept private on the internet' is, generally, a good argument. I will say though, that I do think Facebook encouraged a reasonable expectation that certain data would be 'private,' and that's since changed.


I honestly hate I can be tagged in photographs and cannot turn this off.


Yeah. The same is true of certain actions like '[name] commented on [otherName]'s photo' - you used to be able to control those kinds of feed stories but no longer.


Facebook made the decision for me yesterday. I declined to link all my profile data to business Pages, so everything I'd bothered to maintain was wiped out. It was clear I'm no longer part of their intended user base.

It's fine. I have no interest in participating in an ad network, so I wiped out the rest (friends, photos, etc) and publicized alternate contact info. Gotta keep the account for some of my clients' Pages.

Facebook was great for me ca. 2004-5. Now its goals and policies are very different. Maybe more people will get shocked away when tagging + image recognition start imposing on their family photos.


Nope, like many others here, I use Facebook as a public communication medium, which means I don't post private things there. It is not a tool for intimacy; it's a resume that I am handing out to perfect strangers.

Perhaps, over time, had they not compromised their privacy standings, I would have treated it more as a tool for intimate conversations with friends and family. I certainly will not do so now, or ever again. I will treat them forever like a public billboard.


I deleted my FaceBook account yesterday. For me, their absurd privacy policies are unethical, but the real reason is, I find it a complete waste of my good time.


I'm with you. Although my personal problem wasn't with how they managed privacy but with how they used social links between friends and exploited it for marketing purposes. Plus, on facebook everyone is a fan of something and that's all they are and the people that claim their facebook page gives others a sense of what they are like in real life are delusional.


Facebook has certainly gone from being pretty straightforward about privacy to deceptive about it, but the real people who need to worry aren't tech savvy HN denizens, but parents of those types and kids who don't have the first clue or don't know what to check, etc. That said, there are some fairly easy ways to ensure that you're not "exploited" digitally using Facebook. You can't scrub it entirely of your presence, but you can at least ensure that people can't access anything about you publicly without being a friend of yours.

That's fairly reasonable. Now the stuff like making wall posts show up on news feeds and such are somewhere between annoying and intrusive, but that's where we can just choose to ignore it, pair down the number of friends we maintain or other tactics.

For better or worse, the site works.


This is about as interesting as the old "Microsoft sucks" circle jerks that would occur on Slashdot. I deleted my FB account six months ago and it wasn't a big deal. There are plenty of people who will continue to use FB and not care about most of these implications.


I am not only with you, I am ahead of you. I deleted my account(with some effort and patience)when I read that Facebook CEO, Mark Zuckerberg, had declared that"Privacy is Dead". Well he may think so but a of lot of people, including myself think otherwise.


I've never been under any illusions about Facebook's business model or intent, but the expansion of their boundaries and Zuckerberg's stance on privacy mean I feel I have to take an ideological stand. Professionally, I argue for strong access controls, user control over data and the ethics of privacy in web applications, and that's incompatible with my continued presence on Facebook.

It's not just hackers and Internet professionals who are worried by this. So I reckon it's up to all of us to create an easy-to-use, secure, friendly web-based framework for us to share and collaborate with our friends.


I'm a pretty big advocate of privacy, but in order to protect mine, I take certain steps in order to avoid letting people use any of my personal information.

For starters, any social media I use, I use one of my many nicknames. I never use my real name, birthdate, and none of the information I use in any of these sites is accurate. My address, my age, my DOB - NOTHING is real in my profile. Even the picture I use isn't me.

This way, I control who gets my information and what they use it for. If Facebook is using my information, it certainly doesn't represent me in anyway.

If you really want to control the information, you can.


Stop placing your trust in other people.

I considered committing Facebook suicide but decided against it for the primary reason that many casual friends I'm able to keep in touch with/share media with that would normally be quite difficult.

I have my privacy settings locked down, all 3rd party apps removed, and I never...ever say anything on Facebook that I would encrypt/sign in email.

I'm sure people had a similar upset over the postal service when it was first suggested! It has more to do with being mindful of your mouth and being aware of the options you have as an individual for privacy (GnuPG).


97 comments from 8 days ago:

http://news.ycombinator.com/item?id=1289997

Ask HN: Anybody else quitting Facebook over privacy concerns?


I'm not quitting, I've just pared my data and I don't use it much, it's boring. To me.


Sort of, never joined so I guess I'm effectively joining you.


Already done that, but for an entirely different reason. I realized that most "social media" websites are meticulously designed to get people hooked. The "Like" button, for instance, was not added to FB on a whim. It makes sure people keep posting new status messages and keep logging in every day (or shudder every few minutes) to see if someone liked them.

My hosts file currently blocks Facebook, Twitter and Reddit, among other websites.


How about changing your name and birthday a bit

Winston Jonathan Smith -> W.J. Smith

01/03/1980 -> 01/01/1950 (this doesn't even have to be visible)

and not posting any sensitive information on there?


Nope, I'm not leaving.

But what I have done is sanitize my profile info and remove all of my 'likes'. I joined FB to communicate with friends, not to be a cog in another marketing machine. I'll still use it to keep up with friends and share pics, but that's the limit of it.

Their recent announcement that they are going to be sharing their databases with 3rd parties is what pushed me to take these steps.


As soon as tell me how to delete my data for real. Maybe they will let us into the datacenter to help them do it.


I'm already gone. They annoyed me after forcing me to link to pages in my profile.


No. YOU ARE with me. I deleted my FB sometimes back and lived happily ever after.


I've never really used it for much, so I don't see much gain in deleting it.


Relax. Just grow some crops on Farmville and don't worry so much.


I like Facebook, I also like the new features they are adding. I never posted anything under the assumption that the world couldn't see it. So no, I won't be joining you.


I just deleted my 0 karma Plurk account a month ago. I deleted my Friendster account (I'm from the Philippines) last week. I "MIGHT" delete Facebook next.


I will if there is a better place to go. Or even a place that isn't better yet but could be made better by the early adopters.


I haven't had a Facebook account for years. My leaving had nothing to do with privacy.


I've been purging my data every week for 2 years on facebook. It keeps things fresh.


Left it a year ago, but more because it was a time-waster than over privacy.


Isn't it easy just to change your name.


How exactly did they violate it?


I really disapprove of what Facebook has done in the past year or two with privacy. It's disgusting.

However, I don't really "use" Facebook. I have an account but I rarely post anything on it, and I don't use any of the apps. I just use it to see what my real life friends are up to, including many that I don't actually see anymore because they have moved away.

So, their new privacy stuff doesn't really affect me, since I really only use Facebook on a passive level. So I am not deleting my account. But I still strongly disapprove of what they are doing.


I've got two words concerning Facebook (and feel free to downvote):

Fuck Facebook

and for the more adventurous:

Fuck Apple




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: