What the proposed Facebook privacy changes mean for you and your data

If you've a Facebook account you’ll have received an email in the last few days outlining details of updates that the network is proposing to make. The move follows a $20 million settlement between Facebook and 150 million users who brought a group action over the use of personal pictures, without permission, in sponsored stories.

The email advises users that two documents that describe data-usage (Data Use Policy) and user-information (Statement of Rights and Responsibilities) have been updated with proposed changes to the platform.

Users are advised to “take some time to read through everything and let us know what you think. Feedback should be posted within the next week on this blog post by Erin Egan, Chief Privacy Officer.

Facebook users have been quick to respond. There were 18,000 comments when I looked on Sunday morning.

Facebook and your data

The Data Use Policy runs to more than 9,000 words and is mainly educative, while the Statement of Rights and Responsibilities document is written in a legal-style and runs to 4,500 words.

The documents cover how Facebook uses your data, how it uses data that it receives about you, how it shares data with apps, and how it serves personalised ads based on your data.

Depending on your view of the world, Facebook is either a network that enables you to connect with family and friends, or the world’s biggest advertising platform with a reach of 1.2 billion consumers.

The price of using the network is that your data is shared with any apps that you use and is used for targeted advertising.

Facebook has been much maligned during its short nine-year history for failing to consult users whenever it makes changes to the platform that impact privacy.

This initiative is an effort to consult with users and avoid further flack. It’s also an effort to educate users about what data Facebook has about you, how apps and advertising work, and ultimately how to exercise greater control over the data that you’re sharing.

Highlights from the Facebook Data Use policy

Here are some key excerpts from the Data Use Policy worth noting.

1. Data you provide - Your name, profile pictures, cover photos, gender, networks, username and User ID are treated just like information you choose to make public.  Your birthday allows us to do things like show you age-appropriate content and advertisements.

We receive data about you whenever you use or are running Facebook, such as when you look at another person's timeline, send or receive a message, search for a friend or a Page, click on, view or otherwise interact with things, use a Facebook mobile app, or purchase Facebook Credits or make other purchases through Facebook.

2. Data about you other people provide - We receive information about you from your friends and others, such as when they upload your contact information, post a photo of you, tag you in a photo or status update, or at a location, or add you to a group.

3. Public vs. Private - Choosing to make your information public is exactly what it sounds like: anyone, including people off Facebook, will be able to see it. […] Sometimes you will not be able to select an audience when you post something (like when you write on a Page's wall or comment on a news article that uses our comments plugin). This is because some types of stories are always public stories. As a general rule, you should assume that if you do not see a sharing icon, the information will be publicly available.

4. App data - When you connect with a game, application or website - such as by going to a game, logging in to a website using your Facebook account, or adding an app to your timeline - we give the game, application, or website (sometimes referred to as just "applications" or "apps") your basic info (we sometimes call this your "public profile"), which includes your User ID and your public information.

5. Personalised advertising - Facebook offers a range of products that allow advertisers to reach people on and off Facebook. When we deliver ads, we do not share your information (information that personally identifies you, such as your name or contact information) with advertisers unless you give us permission. We may provide advertisers with information when we have removed your name or other personally identifying information from it, or combined it with other information so that it no longer personally identifies you. […] So we can show you content that you may find interesting, we may use all of the information we receive about you to serve ads that are more relevant to you.

If you have strong views on these points or any of the issues raised in the updated documents, I’d urge you to post a response to Egan’s blog.

Beyond that remember that the best approach to personal privacy on any social network is to exercise control by choosing how you share your data and monitoring how other people share data about you.