Zuck's Events (Facebook Privacy Hole Demo) (zesty.ca)
72 points by yef on April 26, 2010 | 41 comments



There will eventually be a great turning point on the web when everyone finally understands most of the privacy issues and makes a decision on whether they really want their lives to be private or not. If they go for privacy, Facebook will fizzle out--their business model depends fundamentally on invading privacy. If not, Facebook may just take over the world.


It's also worth noting that a lot of Facebook's initial appeal, especially when compared to Myspace at the time, beyond its aesthetic improvement, was the fact that it seemed to stand for privacy. The status quo, Myspace, was a public-only profile. A Facebook profile was accessible only to your contacts or to your school. The available options have slowly but continuously drifted away from that simple promise. A lot of the site's initial traction was driven by huge demand for a reasonable set of privacy controls: Myspace was useful but creepy. The argument that the web has moved on in the past six years and that the demand for privacy has lessened is perhaps a red herring, though only time, consumer demand, and viable alternatives will tell: there might be more of an opportunity here than people realize.

Overall, I think this is a really interesting question that society is confronting and it will be fun to see how it plays out.

Side note: I think a lot of the tech press and blogosphere miss a lot of the subtleties here because, well, people like Arrington, Scoble et al. weren't in school at the time, making the cautious decision to open an account. This has been a revolution led by young people, who are often surprisingly concerned about their privacy and don't depend or plan on Internet celebrity for their livelihoods. It feels a bit like eternal September except in reverse: as the demographic ages, the basic tenets erode.


I remember when all my friends joined Facebook - it happened between high school and university. A couple of them had MySpace during high school but everybody had Facebook by the end of the first year of university. Back then I distinctly remember some friends motivating their getting Facebook when they didn't have Myspace by explaining how Facebook only let your friends and university peers see your profile - as per the excellent parent comment.

I recently explained to these same non-tech folks that applications they have installed can see and now store all their data. They didn't realise this and I don't think they really believed me - perceptions, once formed, take a lot to change! And when only the tech media really discusses API access etc. it's not surprising that most people have not registered the change in how Facebook treats their data.

I quote a non-tech business major friend who was in the above conversation: "It's unintentional bait and switch man - he got everyone signed up by making things better than the other sites and then his investors realised how much money they could make, changed the way data is handled and all the clueless users won't realise it until it's too late and Facebook runs the internet!"


Ironic that Myspace created nowhere near the privacy crisis that Facebook has simply by offering no privacy settings at all.

Unlike Facebook, Myspace offered no illusion of privacy.


Can you enumerate on how the privacy settings are dwindling? Which ones? I feel like I've had greater control over my privacy with more recent changes to Facebook.


As an example, "Likes and Interests," "Education and Work," and parts of "Basic Information" used to be text in your profile with a search link. That search would only show people who had chosen (via privacy settings) to display the relevant part of their profile to you. They are now group-like "Connections" to community pages, whose membership is not secret.


The privacy options have gotten really complicated. Under the original iterations of the model, the user always knew what the deal was. Now, it is impossible to know exactly what is going on. The original submission exemplifies this.

I don't mean to sound critical. It's not easy to innovate while also supporting the needs of 400m+ users. Obviously, a team of smart people have put a lot of time and effort into this system, but it won't ever be perfect. Again, it's been an exciting area to watch evolve and I suspect this will continue to be the case for quite some time.


I think it's worth pointing out that on Twitter, there is only one privacy setting, when you set up an account, and you have complete access to who sees your tweets. Unless I missed a major news story about this, I don't think Twitter has yet violated anyone's trust there.

Facebook, on the other hand, by either incompetence or some skewed sense of openness, at some point has made a choice that it wants to put all your information out there while giving you the illusion that you have some control over it.

The point is that privacy isn't impossible. It's simple. You have an element in a database that is flagged as important to someone, so you make sure that before you ever pull that element out and put it on the web, the proper controls are in place. It is just a choice a company makes of how high of a priority to make something, and Facebook has demonstrated that privacy means more to them as a PR issue than a real concern about user data.


Obviously some people will choose one way and some people the other. And Facebook will continue to serve those that are willing to trade privacy for convenience/connectedness.


> And Facebook will continue to serve those that are willing to trade privacy for convenience/connectedness.

But it won't serve them as well if half their friends aren't there any more. Facebook's biggest strength today is its ubiquity: I am "the awkward one", the odd one out, because I gave up on Facebook a long time ago over privacy concerns.

I have noticed over the past few months that I get an increasing number of e-mails from friends, sent to increasingly large numbers of my other friends as well as me, and mentioning that "X is up on Facebook but for the people who aren't...". At this rate, it's going to go back to being easier to send messages over e-mail and host your photos up on something like Flickr, and if that happens, Facebook is probably toast.


You're right, that is obvious. I guess what I'm saying is that it will be a very lopsided split.


I'm not sure how you can call that.

Also I'd dispute your statement "Its business model fundamentally relies on invading your privacy".

Without any invasion of privacy, they can probably make a few hundred million a year from random ads. Using your demographics to target ads better at you probably raises that to a few hundred million more.

So IMHO, invading your privacy is in no way necessary for Facebook to operate. It just allows them to optimize a little better.


I think you're underestimating the difference in revenue potential between targeted and untargeted advertising. The jury is out on whether Facebook actually has a sustainable advertising revenue anyway, but I'd guess that the potential income probably drops by an order of magnitude if you can't target specific demographics.


Any website that has eyeballs has sustainable ad revenue. It's just a matter of how much.

Targeted advertising is just icing on the cake.


Facebook only has access to what you give it.


Or what your friends give it, or your friends' friends, or anybody else that can tag something that relates back to your profile... see the problem?


In theory, yes, in practice, no. That sort of problem exists without Facebook.


That you are friends with strange people?


Even if I take your bait and leap to the conclusion that everybody spends their life pruning their Facebook friend lists, have your friends never said anything embarrassing about you? As a prank, in a fight, etc.?

Thanks to Facebook, it can be in a thousand people's news feeds in a minute, and with the permanence of computers and the internet, saved forever on a hundred hard drives, some of which belong to people who are definitely not among your friends (that includes Facebook the company itself).


I fight the Internet with Internet memes. In this case, "pics or it didn't happen".



It's interesting you put things so black and white. I'm not sure it's the case.

Take me for instance. I value privacy quite a lot, I don't even read my gmail over http, I'm always on the https site. :-)

However, given that the internet is populated with Ads, I'm more than happy to give the entire world a list of movies, music, bands, clothing brands, hobbies, etc. that I have so I don't keep seeing irrelevant, annoying ads.

I'd be happy if Amazon obnoxiously let me know when a new CD from one of the bands I enjoyed came out, or that new movie by my favorite director was released on Blu-ray.

What I don't want, is the web knowing that I commented on such and such's wall, or that I'm attending my sister's surprise birthday party.

I think an internet with ads that doesn't infringe on privacy is possible.


I suspect Facebook's mission is to ease people away from their privacy willingly.


That's quite the mission statement :).

Google: "Organize the world's information" Facebook: "Change society's views on what is private"


To be fair, the expectation of privacy tends to lock up a lot of information.


It's worth noting that this information was already available publicly before f8.


Set your privacy settings on lockdown and then put your own ID in instead of "4". This is undesirable behavior.


Are you sure? I'm checking myself and nothing is available other than my profile photo.

/[my id]/events

data (empty)

Maybe his privacy settings aren't as stringent as mine?


It only works with publicly listed events.


But you could already look at publicly listed events and find out who was attending. This - in principle - isn't exposing any more information than what was previously there. It just makes it easier to access.

Sure, it still sucks. But it's not a major new security breach. All that it exposes is already there.


I agree. However, this isn't a new development. It's just more in your face now.


Was this true for all users or just "4" prior to f8?


With a valid sessionkey, I could get a list of the public events that any user was invited to, as well as the ones they RSVP'd for.


Whatever you think of Mark Zuckerberg, you have to respect him for this. He knows his information is available through the API, he has chosen to make it publicly available.

It is ultimate dogfooding; equivalent to being able to see Eric's and Larry's and Sergey's searches.

EDIT: blackswan is right; tamed down the comparison to Google in the last phrase


On the other hand, his celebrity is now giving greater exposure to the activities of his associates -- they're getting dragged in without much of a choice. I don't think that's very noble of him at all.


It's actually like seeing only a small selection of Larry and Sergey's searches - not all of Zuckerberg's content is public. He says so in one of his status updates that is public.


I'm not sure why people are so offended by what Facebook has done. They've just made the information people made publicly available already easy to parse for computers. Full disclosure: I had no way to prepare for Facebook's new features and I haven't changed a single privacy setting since it launched. I just used this site to check what was publicly available for the first time and none of it was a surprise except my events and I don't feel invaded in any way. Feel free to browse around my profile.

http://zesty.ca/facebook/#/aroon


What bothers me is not that people can see what I've RSVP'd to, but that they can see what I've been invited to, but ignored (unless I remove that event, which must be done manually for each event).

My friends invite me to a lot of events that I _never_ want to publicly be associated with, but unless I specifically remove this event, the whole world can see it.


This seems to integrate exactly with your existing privacy settings, so I guess there was no real surprise here. Mine were pretty much on lock-down anyway. I found myself, and every single link except my profile picture and my likes showed "data empty".


Is there another posting for this? I can't get to the article through the link.




