Facebook's Privacy Settings Are Actually "Evil Interfaces"

Facebook is in a quandary: they want to sell their users’ data for cash, but they don’t want to look like doucheshnozzles. What’s a social network to do? Design a byzantine apparatus for opting out of the privacy-invasions that confuses and discourages the user from using it effectively, while still appearing to be user-friendly and functional. That way they can have their cake and eat it and sell it too. In other words, it’s an “evil interface,” and Facebook’s privacy settings are full of them, argues the Electronic Frontier Foundation:

…a good interface is meant to help users achieve their goals as easily as possible. But an “evil” interface is meant to trick users into doing things they don’t want to. Conti’s examples include aggressive pop-up ads, malware that masquerades as anti-virus software, and pre-checked checkboxes for unwanted “special offers”.

The new Facebook is full of similarly deceptive interfaces. A classic is the “Show Friend List to everyone” checkbox. You may remember that when Facebook announced it would begin treating friend-lists as “publicly available information” last December, the change was met with user protests and government investigation. The objections were so strong that Facebook felt the need to take action in response. Just one problem: Facebook didn’t actually want to give up any of the rights it had granted itself. The result was the obscure and impotent checkbox pictured here. It’s designed to be hard to find — it’s located in an unlikely area of the User Profile page, instead of in the Privacy Settings page. And it’s worded to be as weak as possible — notice that the language lets a user set their friend-list’s “visibility”, but not whether Facebook has the right to use that information elsewhere.

A more recent example is the process introduced last week for opting out of Instant Personalization. This new feature allows select Facebook partner websites to collect and log all of your “publicly available” Facebook information any time you visit their websites. We’ve already documented the labyrinthine process Facebook requires users to take to protect their data, so I won’t repeat it here. Suffice to say that sharing your data requires radically less work than protecting it.

Apropos of the discussion, there is a big Consumers Union-sponsored conference going on today at CUNY all about Facebook’s privacy issues, called “Social Insecurity: Risky Consumer Behavior during the Era of Social Networks.” You can tune in here on Tuesday May 4th at 12:30pm ET and watch the livestream, via Facebook, natch.

Wigged out yet? Maybe it’s time to think about deleting your Facebook account forever (here’s how).

Facebook’s “Evil Interfaces” [EFF]
Social Insecurity Livestream [Consumer Reports Facebook Page]