You’ve no doubt heard that Facebook says it was tricked into allowing a professor at Cambridge University to collect data on 50 million users, who in turn passed that data on to Cambridge Analytica, who then gave it to the Trump campaign.
The professor collected the data using an app called “This is Your Digital Life,” which offered people a personality profile in exchange for answering some personal questions. About 270,000 people downloaded the app, but the reason it affected 50 million users is because Facebook allows app developers to get a limited amount of information about the friends of people who use such apps.
Personally, I think this is a bad practice, and I’d like to see Facebook turn this off as the default setting, but there is a little-known privacy setting that allows users to turn off this permission so that “apps that others use” can no longer expose your information.
A lot of people are understandably angry, and some have already deleted their Facebook accounts. If that’s what you really want to do, read on and I’ll tell you how to either permanently delete yours or deactivate it with the option of reactivating it later. But before you do that, consider tweaking your privacy settings, including reviewing and possibly removing installed apps or changing their permissions. It isn’t always obvious, but there are several ways you can control your Facebook privacy settings.
I wish it weren’t necessary for me to write this column, because Facebook users would be better off if privacy were engineered into the service with more restrictive default settings and the option to loosen them through informed consent. And, based on a recent statement by Facebook CEO Mark Zuckerberg, that may soon happen. But until then, a guide like this is necessary. But first a disclosure. I’m CEO of ConnectSafely.org, a nonprofit internet safety organization that receives financial support from Facebook. I’m also on Facebook’s Safety Advisory Board.
Let’s start with app control.
You can view and control the data apps collect by going to the Apps settings page as follows:
From the web: Click on down arrow at the upper right of any Facebook page, select settings and then select Apps in the left column. That brings up a page that lists your installed apps. Click on an app to see and edit its permissions.
Mobile: Click on the three horizontal lines (upper right Android and bottom of iOS screen) to bring up the menu. Scroll down and click Account Settings and then Apps. Tap on an app to view and edit its privacy settings.
You’ll see a blue check mark next to each permission that you have (possibly unwittingly) granted. In some but not all cases you can uncheck that mark to remove that permission. Note that one option is “Friend list.” This is where you’re giving that app access to at least some information from all of your Facebook friends. If you can’t remove a permission you care about or in the likely event you’re not actually using the app, go back to the main app page and click the X next to the app to delete it.
You can also control the information that your friend’s apps can reveal about you. This is important, because it’s the reason why 50 million people’s data was disclosed to Cambridge Analytical even though only 270,000 downloaded that app. It’s not as though people deliberately disclosed information about their friends, it’s just part of what happens when you click that permission box that most people neither read nor heed.
This is possible because, unless you change your default settings, apps can collect at least some of the information you share with a friend. So, if you share your “interests, things I like” with me, I can wind up passing that on to an app developer without your having to give your permission. It’s a bit hidden, but there is a way that you can restrict this by configuring settings in Apps Others Use.
To review and restrict those permissions: Click down arrow on top right of any page, select Settings, click on Apps in the left hand column, scroll down to Apps Others Use, click Edit. You will then see a list of different things about you that they can pass on including your bio, birthday, political and religious views, your app activity, things you like and possibly even your religious and political views. Not all of these will be checked by default, but it’s a good idea to see what is checked and uncheck anything that you don’t want your friends to pass on to apps.
There are of course other things you can do to protect your privacy. You can begin by making sure you’re only posting to people you want to share with. Each time you post, there is an icon such as a globe for public or other image to indicate if you’re sharing with friends, friends of friends, only me, specific friends or a custom list. This gives you an enormous amount of granular control. You could, for example create a list of friends or family members and send a specific post just to them.
Note that this setting is sticky so it stays in place until you change it. If, for example, you decide to post something to Public, you’ll need to change it back to Friends or whatever you prefer, the next time you post — otherwise that post too will be public.
There are also some general privacy settings that you access by clicking the down arrow on the top right of any page, select Settings and select Privacy in the left column of the Settings page. These include whether your Facebook profile can be accessed via a search engine such as Google, who can send you friends requests and more. One option lets you control “who can see your future posts,” but beware that if you change this when you post, that change overrides whatever you select here.
Of course, anything that is digital can be copied and pasted, so if you truly want to keep something out of view, don’t post it online or even send it by email unless you’re 100 percent sure that everyone who can access it can be trusted not to deliberately or accidentally share it. Good luck with that.
Finally, there is the ultimate Facebook privacy setting — deleting or deactivating your account. Deactivating is reversible. Facebook saves your data and friends list and lets you re-activate later. Deleting is permanent. To deactivate, click on the down arrow at top left of any page, select Settings, click in the general tab in left column, select Manage Account, scroll down to Deactivate your account. You’ll be asked to re-enter your password.
If you’re truly ready to #DeleteFacebook, go to the Facebook help center by clicking the question mark (?) on the top of any page and type in Delete Account. You’ll get a full explanation of what to do and what it means to delete an account, including the caveat that your data doesn’t go away immediately.
For more advice, including how to block users, visit connectsafely.org/facebookprivacy.
Larry Magid is CEO of ConnectSafely.org, a nonprofit internet safety organization.
Published at Wed, 21 Mar 2018 07:00:54 +0000