Language selection


A flaw in Facebook’s new privacy controls

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

This week, Facebook launched new privacy control upgrades and, for the most part, the news reports have been positive.

But are these new upgrades a real improvement over past control settings? Chris Soghoian at Surveill@nce St@te points out a critical flaw in the new control settings, noting that Facebook claims its new privacy settings allow certain users to select which type of strangers can view their profiles. For instance, an undergrad student at an American university can specify that her profile can only be seen by other undergrads and grad students, but not faculty or administration. While it sounds like a great idea, Soghoian points out that Facebook has no way of verifying one’s university status:

“The company is only able to verify that the user has a valid .edu e-mail address, which could mean that the person is a student, staff member, professor, or alumni. As a result, Facebook asks users to self-report this information. Given an example situation where a student doesn’t wish for the Facebook-using professors at their university to be able to view their profile, it would be trivially easy for a professor to log in, and change his or her own status to that of an undergrad.”

While it’s nice to see Facebook responding to increasing concerns over privacy, the bigger question is whether anyone will actually use them. According to Facebook’s own figures, only 25% of its users have bothered to use existing privacy settings.

Date modified: