Facebook Privacy (Or Lack Thereof)
There's been a lot of talk recently about the issues regarding Facebook's recent "improvements". Besides the obvious bugs like the one where you could see your friend's chats, the fuss is pertaining to the "instant personalization" mechanism they added. This allows third-party application to retrieve the data about any user that visits the site without the user giving any authorization. Even worse, the application can also retrieve the data about all the friends of the visiting user. This means you can't do anything to stop your data from being taken by an unauthorized third party save for deleting your account.
Even after you delete your account, the information you've provided is still saved by Facebook. In fact, the data you put on Facebook doesn't belong to you. Legally, that data belongs to Facebook. They own you. Scared yet?
Leo LaPorte, a famous tech personality, recently deleted his profile because he noted that by staying on the site, he was encouraging others to use the site. He resasons that while he's savvy enough to know that none of the data put on Facebook is actually private, others may not, and by somewhat encouraging people to use the site, he is therefore also encouraging them to unknowingly disseminate private data.
I feel this is an appropriate symbolic gesture for somebody like Leo to bring attention to the problem, but personally, Facebook is still a useful way to share data with the world. I'll continue to use it as if it's completely public until there's a better alternative.
What does a successful alternative look like? It's hard to predict. I and the tech community generally agree that the best solution is distributed and open source. A distributed solution is not a single site, but rather an infrastructure of standards and protocols for securely sharing personal data. Having a common protocol would allow for the facile communication between "identity providers", or separate applications that can communicate with each other. With a common protocol, it would be a simple process to export one's information from one provider to another, creating a competitive identity marketplace. Also, no company should own your online identity, so the ideal solution would also legally make the assertion that you are the owner of your data. We'll see what happens! The web is still like the old wild west, so anything could happen.