I am a software engineer at Facebook. Bear with me because I don't have any PR-quality answer to give you. I am not on the platform team, but I have built apps before in the wild-west days.
The app requires explicit permission from the user in order to post activities automatically. The idea, if you watched Mark's presentation, is called "frictionless sharing." A lot of people don't share because it's another step, but if they could install an app like the Washington Post Reader (a great app--even Mark has it installed), they are happy with sharing articles they've read with their friends.
I understand you might be concerned, for example if you added that app without realizing that it will post content. If you are concerned about the privacy implications, you can always change individual permissions for an app by going to your account settings, then selecting the 'app' tab on the left, or by going to https://www.facebook.com/settings?tab=applications. If you are concerned about spamming your friends' news feeds, that's why we built ticker, for the light-weight activities like "watched a movie" or "listened to a song" or "read an article".
If I remember correctly, the exact wording of the app permission request was alarming enough to get my full attention ("I, the application, can post as you" or something like that), so I'm worried less about a user missing that part. In my known experiences, the app was installed with the knowledge that it will share your experiences--because the idea is you want to share your activities with your friends. As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested.
We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen. And if they make a mistake, they can always go change their settings. So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles.
You might still be concerned, in which case, please let me know why (users being misinformed?), and I'll try to pass it onto the platform folks, who were really heads-down the past few months.
The reason why this bothers me is that there is no longer any EXPLICIT confirmation that I want to post something. Not sure who said it but I read it in a TechCrunch article, "Just hit play in Spotify and it will share with your friends".
No, any sharing I do HAS to REQUIRE an EXPLICIT action on my part. I have to be in full control. Visiting a web site does not mean that I believe it will be interesting to my friends NOR do I want that information shared with people on Facebook.
A like button that shares, much like the Google+ 1+ button is perfectly fine, I have to hover over it, and choose my circles to share with, and then share. It is not automatic once I visit the site.
I don't want articles automatically being linked just because I visited a page, or clicked play in Spotify, or put the toilet seat up.
It is not just privacy concerns, it is the image I try to convey while using social media sites where it is common place to be friends with your boss and or co-workers. I don't need them knowing I like the Bloodhound Gang or that I read articles about atheism in the NYT but have never read a single article about religion.
Eventually all this collected data will be used against me. What if I do a simple Google search for cancer and I end up reading an article about it, that is now shared publicly, my insurance company a few years later gets a claim for cancer they claim it was a pre-existing condition and deny me coverage.
These are all scenarios going through my head. I am all for the interconnected web, and making it easier for me to introduce my friends to new content across it, however it has to be done on my terms, it has to require explicit authorisation and must never do something automatically without my consent. If I like the content enough I am extremely likely to copy and paste the URL into my social networking sites, I don't mind that extra step. Create a bookmarklet that fills in some of the forms ahead of time for me (I have a reddit bookmarklet that fills out title, URL and the sub-reddit to post in (personal one for me to share links with friends)). I am more than happy to continue using the platform, but this frictionless sharing scares the crap out of me, and will see me closing my account sooner rather than later if it continues down the path that it looks to be going down.
It's eminently possible to just live life without Facebook. I stopped using it a few years ago, although more because I was being drowned with useless information from other people ('hand stuck in toaster again, LOL') than out of privacy concerns.
I agree with you there. I hated Facebook because I made everyone I ever knew a "friend", and it was depressing because of how dull these people were. I canceled my account and haven't thought about it again; Facebook provided me with no value. I still don't see why other people like it so much; if you want to chat with your friends, why not go get some coffee or beer together?
Maybe because not everyone lives 10 minutes from each other and is 100% independently mobile? And gee... occasionally even people that you really enjoy spending time with have to move to other areas of the planet.
As much as I'm not a fan of FB re all the privacy stuff (not to mention a history of horribly under/wrongly-documented and semi-broken APIs), it's done wonders for a large generation of web users in terms of allowing them to easily (and consistently) share their lives with a lot of their friends and family. I see that aspect as a good thing.
I have no car, a lot of my friends are several hours away by public transport (even here in San Francisco), my birth family lives on another continent, and my wife's extended family lives on a different continent again. I couldn't manage without the internet, but somehow I manage just fine without facebook. I've kept a FB as a sort of notebook in case I need to find someone, but I think I've only logged in once or twice this year. At this point, I think everyone I care about is on LinkedIn.
I'm not for or against FB; it's not my cup of tea, but I might not be like the typical user. What I don't understand is the 'forced to use facebook' meme that comes up every time someone is unhappy with some changes there.
People could easily share lives with their friends and families long before Facebook. Email, IM etc. But not a whole lot of people seemed to bother with it. Now Facebook brainwashed everyone that it's almost irresponsible not to share.
As much as I want to agree with that, no, it wasn't as easy.
If I wanted to share a picture with 12 people, I had to send 12 emails, or CC 12 people, or BCC them because they didn't want their emails shared with people they didn't know.
Not everyone understood IM, and not everyone was on at the same time.
The bigger question would be why more people didn't latch on to friendster or myspace before facebook. It's as much a social trend as much as a technical one. As computers got cheaper and more people got net connections (or faster ones), there was more of a need/demand for sharing info. Facebook hit at the right time to capitalize on network effects amongst 'regular' folk.
I'm self-aware enough to know that if I weren't single, I wouldn't use facebook at all. As with many things in life, facebook is attractive to women, and the men follow the women.
I think it's why facebook really rules. It's the most casual place to ask a girl for a cup of coffee. If you sms it's a lot closer to harassing. And you can assume that you find practically any girl on facebook that you have met.
The people I know that get the most utility out of Facebook, are attempting to keep in contact with a large base of friends/family once they've move away from them.
This has always seemed so "burger without the meat" to me.
Unless your friends are conveying intellectual stimulation that stands on its own, you're just reminiscing and should probably just some make new friends and call your mom now and then.
I think you're wrong in that department. It's become a fundamental in online identity, especially for younger people. I watch my younger siblings (teenagers) who depends on that for their social lives. Sure, they wouldn't die without it, but it's an essential part of being a part of their community. I could say the same for myself, I don't like Facebook and what they do, but if I wasn't on it during college and especially grad school - I would have missed out on a lot of the experiences with my colleagues.
I have no idea on how you live, how old you are and who you keep as company, but I think you're going to be in the minority or already are) soon enough. It's a social organizer that everyone has opted into which means breaking from it makes it infinitely harder to remain social.
That's more or less saying: "Let's do this because everyone else is doing this."
There's some merit in your argument. I've argued elsewhere that 500,000 daily Android activations means that the kids growing up now form their first impression of a "computer" to mean "smartphone" and not a desktop. This world-view is totally different, and as people who create products, we have to stop and think, are the things we are doing now relavent in an age where "computer = smartphone"?
Applying this with Facebook, we have kids growing up and learning how to socialize through Facebook. It suggests that that, unless I dive deep into Facebook, I will remain on the other side of this generation gap. As a product creator, I would make products suited for the older generation -- already obsolete. It extends outside of making products. We've already seen policy makers make bone-headed moves, attempting to restrict internet access for its citizens. That's like grounding a teenager from using Facebook. Grounding a teenager and making sure they can't use Facebook? Really?
However, on deeper reflection, this points to a huge flaw. It comes back to, "let's do this because everyone else is doing it."
I've written about this as an answer on Quora. We used to have rites of passage conducted by elders and parents. Now these rites of passage form from peer interaction. That's not such a good thing.
You're trying to describe network effects without using that term it seems. It's a pretty well documented area and the fundamental idea is the more users, the more value generated (with some sort of exponential benefit). I don't think there is a flaw in the logic that the value of the service is immense when every single person in your community is on it. If you do, could you please explain further?
It might be sad or disappointing in your mind that people behave like this, but that's not a flaw in the logic of the behavior, just an opinion on how people tend to behave.
I've never framed it that way. Analyzing this as "network effect" is an interesting thought. But no, network effect is not the key insight I'm attempting to communicate.
I'm talking about a generation of kids growing up with technology. This isn't about the value of the network increasing as people use it. It's about a fundamental shift in one's worldview by encountering the technology during formative years. I'm basing much of this on Clotaire Rapaille's work, as described in his book, The Culture Code (http://www.amazon.com/Culture-Code-Ingenious-Understand-Peop...).
Rapaille conducted a study for Nestle. Nestle wanted to open up the Japanese market for hot chocolate. Using his research methods, Rapaille found that adult Japanese never formed early childhood impressions of chocolate, and so introducing chocolate products to Japan would fail miserably. As a result of the study, Nestle shifted its marketing strategy towards introducing chocolate to Japanese children, with the idea that twenty years down the road, they can sell chocolate products when they become adults.
Half a million daily Android activations means that a generation of children grows up encountering a personal computer in the form factor of a smartphone. Having come from the older generation, I still picture a desktop computer in my mind when I see the word "computer", despite working primarily with web technologies and cloud servers. To make sure my products do not become obsolete, I have to step into the shoes of someone who grew up picturing "smartphone" when someone says "computer". It means that any web/cloud application I make must be delivered on a smartphone first, with the desktop experience being an after-thought. I can live with that. That will mean twenty years from now, software development will mean keyboard-less IDEs, but I can still live with that.
I apply the same frame to these Facebook announcement. What is it like growing up where your first impressions of social dynamics is Facebook? I can separate my online identity because I entered my teenage years in the era of text-based MUDs and email. I had access to the internet when most of my friends do not know what it is. I could and did interact with adults. But a pre-teen or a teenager growing up now, knows that you can't separate the social identity like that. What, are you crazy?
What would a society with the unexamined assumption of "Facebook = Social" look like? One that accelerates the general trend for the past several generation: further isolation from the deep wisdom of previous generations; rites of passages conducted by clueless peers that end up in tragedy; a new life stage to describe young adults in their 20s to describe an extended childhood, much the way "teenage" was invented to describe the emergence of an extended childhood.
I do not like what I see in this thought-experiment. So while I might embrace the future when it comes with mobile devices, to this ... travesty ... called Facebook = Social, I say, "bah humbug."
(And next thing you know, I'll be walking out my front door with a cane, shaking a fist, "Dang kids! Get off my lawn!")
You make some interesting points and I will probably have to check out that book at some point.
I will skip the computer/phone stuff, I don't really think we have an disagreement about changing consumer behaviors.
Facebook=Social, your conclusions are a bit different than what I perceive. Further isolation from the deep wisdom of previous generations is not the conclusion I would necessarily make. To me it seems they could actually be the most connected to older generations simply because they are sharing a social space (facebook) with them. Sure, not everyone is going to be friends with older generations, but the opportunity is greater, the barrier for communication is lower and older generations are watching them closer than before.
Each generation has to go through its own unique rite of passage given cultural, technological and social standards of the time. I think they'll figure it out and make it work, somehow that always seems to happen.
"To me it seems they could actually be the most connected to older generations simply because they are sharing a social space (facebook) with them."
You make an excellant point here. I have not seen examples in the wild of the kind of "deep wisdom" being shared across the Internet by private family groups, but that doesn't mean it does not exist. However, I know certain wisdom cannot pass on through the internet, can only pass on by face-to-face. They are typically transmitted through body language, physical motion, and sheer charismatic presence.
"Each generation has to go through its own unique rite of passage given cultural, technological and social standards of the time. I think they'll figure it out and make it work, somehow that always seems to happen."
This has been true only within the past several generation, and only due to Moore's Law. In other words, this uniqueness for each generation is an aberration.
Tribal wisdom used to be told through folklore, myths and initiations. These days, in the mainstream and in geek subculture, we use the word "myth" to mean "superstitious", and "something to dismiss" in contrast to "facts." The surviving stories appear in the better science fiction and fantasy novels and pop-culture TV shows. Comics. Anime. Some movies. A tiny handful of video games. Often tainted by consumer lifestyle values.
An example of what I mean, that's meta enough to discuss this within the story: Neal Stephenson's Diamond Age
It comes back to what I wrote in that Quora answer. Today, peers, not elders, conduct modern rites of passages. Elders today cannot keep up with Moore's Law, so peers conduct them. You end up losing things that still remain true, generation to generation regardless of technological changes (hence, "deep" wisdom), and you learn them from your clueless peers.
Out of curiosity, can you describe what sort of 'deep wisdom' you think isn't/cannot be passed along? It's a rare thing to be deeply moved by what someone is saying (at least in my experience), but I don't think the times I've truly been moved by information being imparted on myself is exclusive to the realm of 'real life.' There are wonderful movies, books, even conversations I've had that have had profound impacts on me as a person. I am not sure if perhaps you think this isn't possible or we are thinking about fundamentally different experiences?
I actually thought about this point when I wrote my response, that perhaps it may be limited to the past hundred or two hundred years. However, I am not sure if that's the case or not, I don't know enough history/sociology to make any sort of qualified statement on the subject. The pace at which technological change is happening has certainly increased since the industrial revolution, and I presume that has been a major driver of cultural change as well.
I am still not really sure what you mean by learning form clueless peers. It isn't as if all the elders in a society disappeared - most children still go to school, have parents, get jobs, are exposed to role model figures. In fact what do you think of most western countries where population is actually getting older and there is a lack of young people?
"Out of curiosity, can you describe what sort of 'deep wisdom' you think isn't/cannot be passed along?"
I assume you mean, "cannot be passed along Facebook, or other Internet-like communications network".
Mindfulness is one example. It's difficult to convey over the internet, and still challenging in person. It's the kind of skill that requires someone present to point out when you're being mindful and when you become distracted. You can't force someone else to be mindful. Hell, you can't force yourself to be mindful. Many stories disguise lessons of mindfulness.
Fear and dealing with fear is the biggest example. All fear roots back to existential fear. Some (not all) older people have a peculiar attitude because they see their own demise coming, accept it, and live on. The TV show, Breaking Bad is a great example, a man who saw the end of his existence, stripped away all the BS and decided to leave behind a legacy.
However, it's one thing to watch characters on the screen deal with fear, and quite another to deal with your own. The mind plays many tricks to comfortably avoid fear. Another person in the same room witnessing your discomfort has significant impact; if they are able to mindfully witness and convey a sense of safety, such interaction helps you gain insight about your fear, and possibly change habits and actions resulting from that.
"The pace at which technological change is happening has certainly increased since the industrial revolution, and I presume that has been a major driver of cultural change as well."
Venkat's blog post led me to a book, Lever of Riches ... which I think has a lot of useful insights yet seriously flawed. But, it is interesting as a survey of technological history and look at changes within culture as well. I did not know, for example, that clockwork mechanisms reached high art before the invention of moveable type. These clockwork mechanisms directly paved the way for industrialization, and accounts for the obsession some cultures have for gadgets and gadget making.
I've also asked this series of questions on Quora. Perhaps you might have some insights:
"In fact what do you think of most western countries where population is actually getting older and there is a lack of young people?"
I have not studied up on Western cultures as much as I did American and East Asian cultures. I'll think about this.
As a distraction, I offer this story. Japan has a cultural value in which the elders (now mostly from the WWII generation) believe that they can and should sacrifice themselves for the future generation, the children. It's a sort of a, strange mix of bushi and Confucian values. Another interesting thing: the Japanese Shinto values of spirit ex machina leads to a great obsession with robots and androids ... and exoskeletons to help the rice farmers continue growing rice. Because many of the younger generation do not want to farm. There's big problems with social recluses.
Yet, I have also read reports of the attitudes of the generation just now entering ... post-high school. Unlike their older siblings (about half a generation older), they ... don't quite outright reject their boomer parents workoholic attitude, yet don't seem to run and hide away in a closet. I look forward to the stories coming out of this generation. Maybe I'm wrong about "rites of passage conducted by clueless peers" after all.
Thanks for clarifying what type of things you think cannot be passed along. I think that's a good example. I guess my biggest question becomes - can we design ways to pass that information along more effectively? Sure the world isn't just facebook, I think of more as a nexus for organizing and documenting social lives. It doesn't take away from the fact that most of the 'actual' socializing happens in the presence of others physically.
The blog post was very long and I think he missed some of the major historical points (especially about finance). You should checkout The Ascent of Money for a good history of corporations and the financial innovations that made them possible. It would argue spain/portugal didn't become irrelevant because they weren't as good, it was almost because they were too successful. The flood of physical wealth prevented financial innovation which allowed the dutch and brits to get ahead.
Japan is especially fascinating to me (I am half Japanese) and the culture is very bizarre in a lot of ways. It's probably one of the most (if not the most) homogeneous society on earth. I do wonder what the effects of that are on determining people's beliefs and behaviors. For instance, would the willingness to sacrifice and contribute to the greater good be diminished in a less homogeneous society? The recluses, while a problem, I am not sure what percent they ever actually made up. There is a lot of social problems in Japan for so many different economics, political, cultural reasons. However, I do wonder how much they were blown out of proportion in the media as a scare versus a real threat to the very fabric of society. I have a number of japanese friends who would be in your recluse age group, even the worst off one (I don't want to tell their personal story here, but it's not good and probably sounds like many great struggles to find identity for young people), ultimately became a salaryman. I think they are finding their way eventually, most of them at least. It's always been strange for me to try and understand Japanese culture. I am Japanese but I don't think I would ever be considered Japanese, so it still feels almost like an outsider looking in, with maybe a slightly less foggy window.
Just want to address your "500,000 daily Android activations" comment.
During the C64's lifetime, sales were around 15 million units in total. The C64 was "relevant" between 1981 and 1991. So, roughly 125,000 units sold a month. "Making it the best-selling single personal computer model of all time." -Wikipedia, with sources.
Computers have never sold as much as phones. Phones of any variety. So what?
I don't equate "Skateboard = Automobile" because they both have wheels. I don't change my thinking from skateboard to car because cars sell more.
I like skateboards. I like computers. Neither are going away any time soon.
I think you are confusing "relevant" with "popular" or "big piles of money i'd like to take a bath in." I applaud developers who broaden what they are doing. I applaud investors who want to make money investing in whatever makes money. But, businesses come and go. Commodore, in fact, is a perfect example of botching the business, while others continued to make the product, improve the product, and the product is still relevant.
Furthermore, Facebook didn't invent the "generation gap". It's the same thing over and over and over dating back thousands of years. "Being social" is "being human" and not necessarily "being Facebook." There's a bigger picture here.
Apparently I was not very clear in my writing with what "500,000 daily activations of Android" means. I elaborated my reasoning in a followup post. Feel free to rebut that.
You can be mindful or mindless in "doing things other people are doing." Many people choose to mindlessly "do things other people are doing." Leaders take a step in a direction, and the crowd may or may not follow them. If they do, it's because people tend to follow, rather than to lead.
Which is interesting, considering that many of us are here because we want to take some risk as entrepreneurs, to step out and do what people are not doing. Does that mean entrepreneurs are not social?
It is definitely possible to live without a Facebook account and also have a social life. If that is not the case, there is something seriously wrong with the society you are in.
You're probably not a member of a community which has fully adopted it. I also wouldn't impart your judgement so easily without considering what it would be like to enter into a community that had 100% adoption of a service and how you would behave in that instance. I am not saying it's impossible to live without it, but it certainly makes it more difficult and adds friction to your life that could easily be removed by just joining.
Not only that, but I have a feeling that if Google and Facebook fail at providing some institutionally-derived level of default sharing by users, the next company is going to try something else. And there will be a "next company" to try this, just as there has been in the MySpace > Friendster > Orkut > Facebook > G+ > etc. chain.
This is an institutional desire, probably by the advertising industry, that will not stop.
Yes I agree. I don't currently have a win-win solution in mind. A great solution would be one that allows facebook to still gather information provided that the "correct" privacy controls are in place for users.
I think, since this is so new, there is no clear understanding of what the "correct" privacy controls are. That is why I love the fact that G+ exists. Competition will help solve this problem.
Agreed. Once privacy becomes the driving issue of social networks, either Facebook, G+, or the next evolution, will offer users what they consider to be proper security/privacy. Although we can be seen as the products and not consumers of Facebook, if we are being harvested for social data, we will require proper care and growth to deliver a good product.
To clarify on Spotify, there're options to (a) connect with Facebook (i.e. use it for login purposes) and (b) send the music you play to Open Graph. One does not depend on another, and (b) can be turned off without impacting (a).
I've been using ShareMeNot (http://sharemenot.cs.washington.edu/) for a few months now. I don't know if it's a perfect solution to go around but it's a solution nonetheless.
If you don't want to share anything, then don't use the app. Nothing is automatically sharing unless you tell it to. Nothing can magically share the fact that you read a Techcrunch article unless you install a "Techcrunch Reader" app or something, in which case it would have to ask your permission to share that information. If you didn't like it, you can remove that permission. For example, here's the relevant permission from the Washington post app:
Add app activity to your timeline
Washington Post Social Reader may publish your app activity to your timeline.
If you don't want the app to automatically publish something, then just x out that permission.
The amount of stuff that is starting to require Facebook Connect or access to Facebook is what worries me. Most of them ask for every single permission under the world and only ask me once.
For example, Spotify, it is practically neutered unless you connect it to Facebook, but as soon as it is connected to Facebook it can send data to Facebook as me.
There was an app not too long ago that required Facebook to login, it too asked for those permissions. Now it can without my permission start sharing content based upon actions in the webapp. I am not okay with that.
First of all, when I go to spotify and "log in with facebook". The site sends me to a facebook page asking me to "log in to spotify" with my facebook. On this page, it specifically says "This app will not add activity to your Timeline." In other words, the basic spotify login with facebook isn't social. If you "Connect" your spotify account to facebook, it pops up a permission dialog asking you for various types of access. This is the social portion. Don't do this if you are concerned.
The second part of the application is the social part. Again, if you don't trust an application you can always go to your app settings page on facebook (https://www.facebook.com/settings/?tab=applications), select the application you are worried about and deny specific items that you don't want the app to have access to.
If you "x" out too many things, you might cripple the application, but that's the way it works.
I don't want to first opt-in to something and LATER have to deny it those permissions. I want to deny it those permissions and only give it some permissions to start with.
How much damage would it be possible to do in the 3 - 4 minutes it will take me to go back to Facebook, go to my account settings, look at my app settings, find the app in the huge list, and then start removing permissions I don't want to grant it?
After that I have to go through the effort to find the post content in my timeline, one by one delete the items and hope that my friends have not yet seen the content (and it being posted to the ticker makes that unlikely...)
My point was that most pages hopefully will have two levels (like spotify). One to log in and do basic things, and the second level a social one.
So, if you don't do the second part, you should be fine?
Also, I personally would be careful in installing apps. This goes for any application (not just facebook). If you trust an app, go ahead, if not, just avoid it. This is going to be different for different people.
Edit: Ok, I think I see your point. You don't want an app to ask for too many permissions right off the bat and then you having to go back and remove them.
Again, I think this is going to be developer and users driven. The more people ask for apps to start off with minimal permissions the developers will have to comply. Does that make sense?
Why should this be developer and user driven? Facebook on their permission page when I first visit it should be more than capable in allowing me to change what permissions are given.
If they can retroactively remove them, they should be able to do so before I even grant any permissions.
Give me two columns, one "Allow" and one "Disallow" and I can drag the permissions to the columns as I see fit. Can an app give me a template or ask for certain permissions by default, yes, absolutely, but let me change them.
I think it has to re-ask you for new permissions, it doesn't get any permissions 'grandfathered' in. But yeah, the fact that many apps ask for too-many permissions is a pain :/ Means I always have to go back and remove the permissions I don't want, and hope I don't forget.
How is Spotify "neutered" without Facebook? I've never connected it to Facebook and everything works fine for me, including sharing playlists with other users.
Reportedly the Washington Post reader gleefully designs around the Facebook opt-outs.
If you have your privacy setting in Facebook on "only me," then what you read within the app will not go to Timeline or be seen by friends outside of the app. However, _inside the app_ friends who have also downloaded Social Reader _will_ be able to see what you’ve readhttp://www.forbes.com/sites/jeffbercovici/2011/09/23/relax-f...
If that isn't a violation of the spirit of Facebook's privacy settings, I don't know what is.
Of course it's been possible to build newsreaders that spy on people's browsing habits and share them with Facebook friends (or anyone else) since the early days of the Facebook API, but this particular app is promoted by Facebook themselves as a flagship for the way new passive sharing apps should be.
I rarely use my FB account and never install apps or post anything on it, just use it to follow a couple of friends/family. I've got all privacy settings (that I can find) set to the most restrictive settings.
I checked the list of "authorized" apps from the post upstream (https://www.facebook.com/settings?tab=applications) and there were 4 things in the list (Bing, Pandora, Yelp and one other that I'm forgetting) none of which I'd ever explicitly authorized for facebook access. If I ever use OAuth for anything, I use my twitter account, never facebook.
Any idea how those got in there, and what setting I can use to never let them back in?
Actually, Facebook's 'publish_stream' extended permission, which has existed for 1-2 years, already gave developers the ability to publish on your wall, without getting explicit confirmation on each article.
Similarly, for Spotify to do this Activity stuff, you need to give them an extended permission called 'publish_actions'.
If anything, actions are less dangerous, since the size and visibility of the content is significantly more limited than are wall posts.
Anyone saying otherwise either is linkbaiting or truly does not understand the Facebook platform.
And a consequence of that is my "Facebook stress" everytime I allow an app to publish on my wall. I don't want them to, and I am forced to accept because otherwise I could not get access to the app.
I have to check my Fb profile that nothing gets posted everytime this happens.
In theory you could just not use the app. Also, tell the app owner why you're not using it. However, I'd say that there's generally no consistently way I've seen that FB gives you to give feedback to app owners - certainly ones which you're not actually a user of the app too.
If enough people did that (or started to from now on) the demands for extended app privileges might drop.
I would recommend that app publishers, has a good practice, explicitly put the action as buttons to replace or complement the Like. So, I could click "read" and then it would publish the action. I think that doing so automatically on behalf of the user is asking for trouble.
You do realise you don't have to use these features, don't you? The features are there for those of us who wish to have this information automatically shared with our friends, but if you don't wish to, you can turn the automatic sharing off in some of the applications, or just don't connect/remove the application to/from your Facebook account.
Why complain about features you don't have to use, when many of us like to use them?
Only we care about this. All the privacy invasions facebook has forced upon its users have been readily accepted, and it keeps growing. Facebook knows this. Most people care more about UI changes, rather than this invasion.
I run facebook on the iphone, or in a separate browser, to keep in touch with some relatives in far away countries. It is great for that, and I am very happy to be able to do that.
I totally understand your concern about sharing things that might hurt you in the future. Anyway, I guess the Washington Post Reader wasn't designed for a lot of people like you, so there's nothing lost from not installing the app. But I have lots of friends who do love sharing all the articles they read, so to each his own.
I sympathize with people's concern about apps requesting more permissions than they need to do their job, but here, "sharing articles I've read" is a core part of what the product is.
So if you don't install the app, and I do, what's the problem?
Looking at where we have come from and where we are moving towards...
There are already webapps that require logins using Facebook connect and provide no alternate means for me to login (I've started creating many a fake Facebook account) and require a whole laundry list of permissions. It won't be too hard to in the future see that people are going to gloss over what permissions they are giving away so that they can get to their free article from the NYT or the Post.
This slow erosion is exactly what I am worried about. That is how the United States is slowly losing all forms of civil liberties and are slowly becoming a police state.
Naked scanners at airports didn't just suddenly happen, it was a long process with some fear thrown in from some stupid jackass with an underwear bomb. DHS used fear to allow them to patrol 150 miles inland from the United States border. The patriot act keeps getting renewed and the only reason it passed was because of 9/11.
No, saying "but it's okay right now, it won't do anything automatically unless you give it permission" doesn't help. Soon it will be "What do you have to hide? Permissions? The web is open..."
But I have lots of friends who do love sharing all the articles they read, so to each his own.
Not to cast aspersions, and I really don't mean this personally (which would be impossible since I don't know you), but is it possible that these friends are simply boring people? There's always an unspoken corner-case (perhaps a "center-case"?) where there are people with nothing to hide. I'm not talking about extroverts and exhibitionists who don't care how their personalities translate to the commenting-online world, but those who watch the news, have a couple of kids, go see a Luke Wilson movie, etc. and that's the extent of their external lives. There are lots of perfectly contributing members of society who have no interest in politics or celebrity, play Bridge on Wednesdays with that awesome Chex Mix that Annie makes, and so on.
Visiting an article need not be same as reading an article. Many times I end up clicking link baits with out knowing what they contain. So combined with auto posting, I'm increasing the noise for everyone without meaning to.
This is bogus, and a slight of hand meant to further erode privacy while giving Facebook an argument to fall back on other than "it's in our interest to post everything you do into our stream."
The bottom line is that what is actually going to happen here in the real world is that people are going to connect their Facebook account to these web sites, not realize or forget (yes, people forget these things) that this web site has been given the keys to the castle to post whatever it wants on their behalf, and a ton of shit is going to get posted to the internet that was beyond the intent of the user originally clicking buttons just to get past an annoying confirmation dialog.
That said, the people fighting against this are fighting a losing battle. Facebook is basically going to control the world unless someone comes in and tries to beat them at their own game and impose their own vision of how and when information like this should be shared.
orijing (the engineer at Facebook) is right in that you do have to auth the app.
It's not as though could be browsing one day in search of "abortions Chicago" or "genital warts" and have that auto-published to your FB page. You'd have to give an app explicit permission to share activities on your behalf.
I think the point is that you could sign up with LocalTimes' funky new daily deals site using Facebook Connect one day, clicking through a generic permissions screen as you do, because you trust LocalTimes aren't going to do anything spammy. If you know what the signup permissions mean (which if you're an average person, you don't) you decide you can live with some of your friends wondering whether you bought the half price pedicure you perused.
A month later, you're Googling for a local STI clinic and have no reason to believe that clicking on the top result (LocalTimes' eclassified section) is going to share your interest in local STI clinics with all your social network. But it is, because LocalTimes' single signon site which you're already logged into makes no distinction about what is and isn't to be shared, but they have made efforts to adopt this revolutionary new form of passive sharing which is going to push up their pageviews.
But I think the OP's point is that privacy will eventually fade away, so if I'm doing a Google search on "cure for HPV" this will be published publicly to my Facebook profile. I don't really care that "oh, it doesn't publish automatically unless you grant it permission!". I want to be notified when something is posted on my profile.
On another note, I'm seriously considering closing my FB account once and for good and leaving for G+. I have a good crowd of friends willing to do this (and invite their friends), but G+ offers no way to import FB data, which would be a nice feature.
I don't understand. You're afraid that your Google searches will be published to your Facebook stream, so you want to close your FB account and move to G+, because presumably Google is less likely to publish to your G+ profile than to your Facebook profile?
And what if Facebook decides that apps no longer need permission to access profiles? They don't care about using privacy /at all/. They purposely make the privacy controls hard to use.
We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen. And if they make a mistake, they can always go change their settings.
This breaks down with the deluge of snippets of information, voluminous and arcane privacy settings, and the increasingly complex and cluttered UI. It's simply impossible for a normal user to keep up with.
Frankly, it's this assumption that makes Facebook untrustworthy. Perhaps you should assume that your users value their privacy. Asking for forgiveness rather than permission works for startups, but facebook is not a startup any more. Facebook has the users. They should start acting like they want to keep them.
I'm perplexed. If you find Facebook's privacy settings arcane and its UI complex, how do you get around Linux or Photoshop at all?
I totally fail to see how it can ever be a good business model to encourage users to share embarrassing stuff. Pretty sure, as a private entity who looks out for their own interest, they work to reduce this happening otherwise people would be leaving in doves.
Most people can't use photoshop or linux. I can, but do everything in my power not to, especially for something as trivial as a social network. But, with photoshop and linux, and when a user fails, they get frustrated and ask for help or give up. With facebook, they unknowingly spew semi-private communications all over the web. You're right- it's a terrible business model for an established company, and one that should have been snuffed out years ago when they still had a chance. It's now institutional, and I fear, permanent. Thankfully, Google appears to be ready to pick up the slack.
A lot of people can't get around Linux or Photoshop at all.
I think most people here can probably make sense of the privacy settings, but facebook has 750 million members. I am certain most of them do not even know where to find privacy settings, let alone know how to use them. Yes, they may be idiots for posting personal data to a site they don't fully understand, but it is reality. Simply trusting facebook not to exploit these people seems naive to me.
What ever made you think anyone would want this functionality, other than the sleazier, spammier publishers?
Why would any person _ever_ want to automatically broadcast on Facebook the URL of every web page they read on a particular site? What is the benefit, to them? "How do I publicize a big chunk of my browser history" is not a problem any real person has.
The problem with this feature has nothing to do with disclosure or opting out. It's that it seems designed SOLELY for the benefit of publishers, who get more clicks and promotion, and of Facebook, which gets more social content.
You forget that you are not the customer, you are the product. Facebook do not care what functionality you want, beyond what is required to keep you using the product. They care what their paying customers want, and that is access to as much information about the product (you) as possible.
Indeed. Since the post I was replying to purported to be confused at the negative backlash among Facebook members, I engaged on its own terms. I suspect at higher levels Facebook is at least somewhat aware it is acting exploitively.
One of my clients is a porn site, and we're currently debating whether it would be a good idea to even give users the option to post what scene they're watching on Facebook. Some users will legitimately want that (they don't care if people know), but we would rather err on the side of not publicly embarrassing people.
> And if they make a mistake, they can always go change their settings.
That is a really bizarre response. If a user makes a "mistake" and unwittingly publishes something embarrassing or damaging to their feed because Facebook made that transaction possible, the damage is done.
One of my Facebook friends posted a link to a story from The Guardian yesterday, I thought that was interesting so I clicked to read.
The Guardian pretty much demanded that I installed their app. In the end, clicking 'cancel' turned out to be the non-intuitive way to actually read the article.
Yes 'cancel' let me continue with the action that I had been attempting.
I'm curious, was there any user testing done? It seems odd to me that someone would actually want something shared automatically that they simply read. I understand wanting to make user interfaces more streamlined, but reading something and sharing something with your friends are distinctly different activities.
Seriously! How could this be anything but a crappy user experience? Who would want to share something before they even read it?
What would really suck is googling something private and clicking on a result that just happens to be on one of the sites that has permission to share. Oops.
Thanks for posting that, I have often wondered how Facebook could make such horrible usability decisions but it really seems like you guys have little understanding of why someone would want to use your service. 'You' had a relative spam free replacement for email and wasted that huge opportunity by letting random apps spam the channel. I don't want to share that type of crap not because I care about privacy, but because I don't want to waste the time of people reading my activity feed.
PS: I understand a huge part of FB's appeal and page views is the stalker aspect, but just think of all the people that would love to be able to flag all farmvill traffic as spam or simply ignore all posts by apps.
If there is something in your news feed which you don't want to be there, you can click the down-pointing arrow. If it is created by an app, you can even hide all posts from that particular app.
A hide from all apps would be nice, but I think that would catch updates from cell phones and the like too.
While I have nothing against making it easier for people to share their lives or interesting things they come across, I want these things to be opt-in, not opt-out. Facebook has a history not really giving a crap about user privacy. And honestly, Facebook isn't a company I want to trust very personal information to. That's why my FB profile is pretty much only bare bones stuff and a few pictures.
I prefer Google's approach with G+ - your information is only shared with those who you explicitly allow sharing to. And they never automatically share something. You're in full control. If you're making an online identity, that's the way it should be. There shouldn't be opportunity for things to get out of your control. And I fear that the general public won't realize this is an issue until it's too late.
Now, you can just dismiss the guy as bitter or whatever, but he does have a point. Facebook isn't the company you'd want managing your online identity. I have no problem with competition, but I have issue when one of those competitors acts sketchy and doesn't have the users' best interests at heart. It's even worse when the people either don't care or don't realize it.
Others have brought up the privacy concerns but for me the other issue is this: a share is an endorsement and if I havent had a chance to evaluate the content, I am endorsing it blindly. I may read an article and think it sucks so I wouldnt share it.
> If I remember correctly, the exact wording of the app permission request was alarming enough to get my full attention ("I, the application, can post as you" or something like that), so I'm worried less about a user missing that part.
Users don't read such messages, they press confirm buttons. Even if they read them most users will not understand the implications. It would be interesting to hear if you have done any user surveys related to this.
A lot of people don't share because it's another step, but if they could install an app like the Washington Post Reader (a great app--even Mark has it installed), they are happy with sharing articles they've read with their friends
I can't see the logic in this. I don't know if I want to share something until I've read at least some of it. I don't want it shared as soon as I open it in my browser. There should be another step...
I really have 2 quarrels with this; the larger one is that it shouldn't be acceptable for the behavior to change so radically without reauthorizing these apps. There should have been a separate permission for "automatically post without my action" which was turned on, and then let people enable it if they want.
The second quarrel concerns the design of the page that you linked to. I just checked the link that you sent, and I had about 50 entries, about half of which I don't remember adding and absolutely all of them were "more than 6 months ago" (in reality, some of them were more than 4 years ago).
Using your link, it was multiple clicks with a ~5s delay in the middle to remove a single entry. If you click a second X without waiting for the first response to pop up and click ok, it doesn't visually remove the original thing you X'd meaning you can't just go through and click all the X's.
No way to remove multiple entries at once. To remove all of the entries that I don't want took me something like 5 minutes, which is completely absurd. I have always been in general opposed to facebook apps so the average recent college grad could easily have something on the order of several hundred of these entries.
For anyone who knows anything about UX, it is fairly obvious that the page was explicitly designed to prevent people from removing apps. It is depending on a "laziness" factor to get people to do things that they actively don't want to do, which is horrible. It appears to be deliberately only removing the entry when you click ok on a delayed dialog even when the client side is 100% is sure that the entry is removed (click X, click another X without waiting for the dialog, the first item X'd will stay in the list since you didn't wait for the confirmation). Either a huge UI bug or a deliberate and unethical UX decision.
My issue with facebook is not at all what features they have or what privacy settings they have. The issue is that they deliberately use underhanded tactics to get their users to do what they want them to do. In the past they would change your privacy settings without telling you, and in this case they are using a privacy setting that meant one thing in 2007 to mean something very much different in 2011.
People who aren't as technical as you and I won't even think to look for the page that you linked to to begin with. In fact, people who aren't as technical as you likely won't even realize that the reason that these stream posts are showing up is because they clicked some facebook button on a website 4 years ago.
Existing apps that have been authorized will need to be reauthorized to get any new permissions, so you need not worry about previous apps suddenly doing something that you previously did not agree to.
I'll let the guys who maintain that page know about your comments about the UI. I suspect the one-app-at-a-time design is a combination of:
a) simplicity of implementation due to less code and reuse of components,
b) simplicity of use in the common case (just removing a single app),
c) not expecting people to selectively want to delete a whole bunch of apps (although there is a single "disable all" link),
d) that the platform team wants to collect ratings on the applications when you remove them to reduce distribution of apps that people don't like (and to take corrective action on apps that get bad reviews).
People who see posts on their profile page and find them irritating can easily hide them, and an immediate option is to remove that application. Each post is attributed to the application that made them. I'd say a level of web savviness is required, but not "technical" ability.
> so you need not worry about previous apps suddenly doing something that you previously did not agree to.
Except that pretty much every single app requested permission to post as you, even though almost none of them actually did. I don't know if this was because they wanted to leave themselves open to add extra features, or if there were obscure features that posted as you, but everything from bumper sticker apps to WSJ apps had the permission to post as you. In very close to none of these apps did they actually post without you taking a specific action and answering a prompt saying that yes, you really do want a post. I absolutely do not want any app to be able to post as me under any circumstance, and I have apparently had dozens of apps with this permission so far without me even realizing.
Because there is (apparently) no permission "allow them to post after prompting me", "allow this app to post as me" is the defacto choice for the former. If I authorized netflix to post as me in 2007, and it 4 years pass without it posting as me, then it suddenly starts posting as me in 2011 without me taking any additional action that is a serious problem, and that is the situation as I understand it right now.
From what I understand, this is an entirely new permission and is part of the new "Add to Timeline" system. I don't work on that part of Facebook myself, but this is how it was described in the F8 introduction to the system.
As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested.
Really? You've never read an article that you didn't feel compelled to share with somebody? Ever?
My criticism applies to users of the feature as well as developers of the feature. You wrote:
"As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested."
In such cases, you are deliberately being selective in your sharing. I think this is as it should be.
Everyone is overloaded with information now, and one of the best ways to deal with that is to be good filters for our connections. This implies being selective in what you send, rather than broadcasting a high volume, low signal-to-noise ratio because doing so is "frictionless".
The more people act as good filters/routers of information, the better signal-to-noise ratio we'll all get.
Ok... i'm miffed, as Facebook has embarrassed me twice this week!
First when I created a new list called "Hotties I still want to X." I thought only I would know what friends were going to be added to this list. Unfortunately, that isn't the case, as Facebook sent a notification to each person on that list. That was very embarrassing, thanks a lot Facebook!
Second is when I downloaded Spotify. The ease of use of installing and starting to enjoy music was great. So much so that when I chose to play my first track I forgot Facebook was notifying my friends what song I was listening to(one i want to keep private due to ex-girlfriends)!
Thanks again Facebook! You have embarrassed me twice in one week! ERRGGGghhhhh!!!!
okay. so, i always wanted to ask this. under privacy settings -> apps, there is a option to turn of all platform apps where i could select a few applications or all, and turn them off. but, the button to click on to turn them off is _always_ unchecked for me!
This functionality is already available by requesting the "offline_access" permission when adding an app. Until now facebook asked developers to cautiously make use of the permission, now it's actively promoting it. By making it the default behavior there is going to be a lot more content than it is today that is posted automatically, thus raising the chances of unhappy accidents. The user dialogs will become transparent to users over time, as they always do.
"We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen."
That's a BAD assumption. Average users aren't nearly as smart as folks posting here, in that they don't understand things the same way we do. If you've worked on apps with real users, or observed what even average Facebook users do, I would be very shocked if you disagree.
"And if they make a mistake, they can always go change their settings."
Try this out with your 10 non-techie family/friends sometime - ask them to show you a list of apps they've granted perms to. That experience might change how you look at users.
"So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles."
What about family computers/tablets? Dad wants to share with friends - kid uses iPad and now stuff goes to dad's timeline. Who do you blame? How do you fix this?
> We operate under the assumption that users will not do what they don't want to do...
This assumption is either totally disingenuous or shows an extraordinary lack of self-awareness on Facebook's part.
Possibly it is true, in sensu stricto, that "users will not do what they don't want to do". But for far longer than the internet has existed, the foundation of the advertising industry (of which Facebook is unquestionably a part) has rested largely in convincing people to "want to do" things that are actually contrary to their greater interests.
In other words, Facebook has the critical mass to spawn an "opt-in" culture when they damn well please. And a network as large as Facebook has the potential to be quite corrosive to civil liberties and the social milieu, merely in how it it structured.
Why are users misinformed? Because facebook has only crept more outside the nice boundaries of its own website. There is a line somewhere in between facebook knowing only what I explicitly post, and it knowing absolutely everything about me that users will not accept. Seeing that we're only accelerating towards the "knowing everything about me" side with no sign of braking scares me. Whether that's where you're at now doesn't matter all that much to me. I've seen no sign that this isn't where you're headed, and I don't want to be a part of it when you get there.
Bottom line on why auto-sharing sucks: Just because you read an article on the Washington Post or click play on a random song you found doesn't mean you like it and want to share it. You might be promoting a article you hate, disagree with, or find boring.
You shouldn't stand up for facebook and scummy Mark Zuckerberg so much. You realize he's postponing IPO again and again so he can get you guys to work late nights month after month on tasteless projects like tracking people over the internet, kind of like carrots on a stick for donkeys, right?
The app requires explicit permission from the user in order to post activities automatically. The idea, if you watched Mark's presentation, is called "frictionless sharing." A lot of people don't share because it's another step, but if they could install an app like the Washington Post Reader (a great app--even Mark has it installed), they are happy with sharing articles they've read with their friends.
I understand you might be concerned, for example if you added that app without realizing that it will post content. If you are concerned about the privacy implications, you can always change individual permissions for an app by going to your account settings, then selecting the 'app' tab on the left, or by going to https://www.facebook.com/settings?tab=applications. If you are concerned about spamming your friends' news feeds, that's why we built ticker, for the light-weight activities like "watched a movie" or "listened to a song" or "read an article".
If I remember correctly, the exact wording of the app permission request was alarming enough to get my full attention ("I, the application, can post as you" or something like that), so I'm worried less about a user missing that part. In my known experiences, the app was installed with the knowledge that it will share your experiences--because the idea is you want to share your activities with your friends. As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested.
We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen. And if they make a mistake, they can always go change their settings. So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles.
You might still be concerned, in which case, please let me know why (users being misinformed?), and I'll try to pass it onto the platform folks, who were really heads-down the past few months.