I’m not ready to give up on Facebook yet, like my friend Jason Perlow, but I can understand why he’s sick to death of it. The simple truth is that Facebook takes lousy care of your personal information and is happy to sell it to advertisers at the drop of a hat.
Now, I lead a pretty public life and I really don’t care if anyone knows, for example, that I like watching Dr. Who; reading the books of Terry Pratchett, or listening to alt.country music. But, I don’t want people ‘listening’ in to my IM (instant message) conversations or Facebook quietly adding applications to my account without me knowing. Facebook is already full of games like Farmville and Mafia Wars that are always trying to get my attention when I have less than zero interest in them. The last thing I need is yet another insecure Facebook App, which I didn’t even ask for.
For now, though, I’m sticking with Facebook. I’m just going to be scaling back a lot of what I’ve made public on my account though. While I’m not going to go as far as Perlow has in his excellent Lockdown or Death for your Facebook Profile, I have tried to make my site a bit more private, and here’s how I went about it.
First, and foremost, when you decide what information you’re going to try to keep private you should keep in mind that Facebook’s security is rotten. If you really don’t want something to be known about you, then don’t just keep it off Facebook, keep it off the Web. If you don’t, you could end up like the woman who lost her job because she had posted about her polyamorous life on Twitter, without realizing that in the brief time she had used her real name on her profile a Twitter search engine had picked it up.
You can argue all you want that she shouldn’t have been fired for what she did outside her job. I’d agree with you. But, the sad, simple truth is that she was fired because her private life wasn’t as private as she thought it was.
Does that scare you enough that you want to delete your Facebook account? Well, as that woman found it may already be too late to hide your deep dark secret. Google, Yahoo, and all the other search engines track down everything public on Facebook just like they do everything else. Even if you decided to delete your Facebook account today, the actual deletion will take at least two weeks and your ‘tracks’ on the search engines will persist for months and even years.
Me? I’m just going to get rid of some information. Yes, an expert can find and drag out most of this stuff from the Web if they know what they’re doing, but that’s the point. Facebook has made it trivial for crackers or advertisers to watch your every move. I just want to make it harder.
That said, head over to Facebook’s Basic Information tab and edit down what you already have on there. Is anyone ever going to need to find your full snail-mail address on Facebook? I doubt it. Out it goes. Do you really want anyone to know how old you are when a potential employer may very well hold it against you that you’re over 50? I don’t think so. Go over your information carefully and unless you can think of a good reason for it to be public knowledge, get rid of it.
Next, you need to be ready to spend a lot of time customizing your Facebook Privacy settings. I’ll make it simple for you though. While Perlow suggests that you use “The most restrictive level [which] is to choose Custom for each of these fields and to set it to Only Me,” I’d suggest that if you feel that way about it you should delete the information in the first place. For everything else, I’d set it to “Only Friends.”
That done, you should pay particular attention to the Privacy Settings Applications and Websites page. This page determines what your friends can share about you. I don’t know about you, but I want to be the one in charge of my information, not my friends. Here, I un-check everything. Facebook, bless their no privacy little hearts, wants to let my friends share everything about me both to Facebook and to other Web sites. I think not.
Another simple, for once, page you should pay particular attention to is the Instant Personalization Pilot Program. This is Facebook’s new toy, which lets Facebook — excuse me, you — share your information with third party Web sites. Maybe you feel the need to share everything that’s public about you on Facebook with, say, Microsoft via Microsoft Docs, but I’m not so trusting. Just say no and don’t allow it access.
The privacy settings let you clean up a lot of the mess, but it doesn’t take care of everything. Let’s say that you want to get out of some groups like, “IAlwaysGetDrunkonFridays.” Facebook doesn’t make it easy to just dump all the silly groups from one page. Instead, you need to go to each group and leave them individually. Look for the “Leave Group” link below the group’s image on its page and click it. Then, move on to the “IalwaysGetDrunkonSaturdays” page and leave it. You get the idea.
Next, let’s get rid of any applications you don’t need. Applications are especially bad about sharing your information with people so you should show no mercy in getting rid of them. To do this, head over to Account, select Application Settings, and then use the “Authorized” filter. Do not, do not, think that you can use the Facebook Applications link to do this. That only shows you a small fraction of all the applications you’ve authorized for access to your account.
If you’re like me, you’ll be amazed at how many applications you’ve given leave to raid your account for information. You could edit each application for how much it can show the world about you, but personally, I found myself zapping almost all of them. The Monty Python Gifts app., for instance, was funny once; it’s not funny for all time.
Once you’ve got all this done, you’ll be relatively safe on Facebook. Of course, Facebook can throw up another security hairball at any time and, goodness knows, we can always make fools of ourselves with our own efforts, but at least this will keep your information as secure as Facebook will currently allow. Good luck.
A version of this story first appeared in ITWorld.
