Paul Walsh, the Irish Opportunist

Does this image provide you with more trust in how Facebook manages and shares your personal information? Do you trust this ’site validation’ assertion?

I read an interesting article regarding Facebook’s most recent privacy breaches on the Wall Street Journal site yesterday. It’s well known that Facebook has a complete disregard for users’ privacy by sharing personal information with third-party applications and making assumptions about the type of information they want to share with friends and the general public. Most readers of this blog are well versed on this subject, so I won’t bore you with the details or even talk about Facebook itself. Instead, I’d like to comment on the lack of solutions that help encourage companies like Facebook improve their privacy policies.

In particular, I’d like to comment on TRUSTe and how I don’t think the company is doing itself any justice when it comes to providing confidence in its own brand and its seal programme. Instead of launching new products that support mobile, TRUSTe should focus on getting its main product right. Trust is fragile and when lost, it’s almost impossible to win back.

TRUSTe is one of the most widely recognized seals used by organisations that want to demonstrate their conformance and commitment to privacy policy best practices. To demonstrate this commitment, organizations place a TRUSTe privacy seal on their Web site. Users can click on the seal to authenticate the trustmark and find out more information about the best practices. Check out Facebook’s authenticated seal.

According to Fran Maier, TRUSTe Chair

While TRUSTe certifies the privacy practices of Facebook.com, we do not certify the privacy practices of third party applications on the site like those referenced in the WSJ’s article.

Here’s TRUSTe’s biggest shortfall and something they must address if it is to be taken seriously long term. By asserting that Facebook.com lives up to the TRUSTe code of conduct, it is asserting that all applications and content live up to the same standard.  Companies are responsible for content and applications that users access through their site if it is perceived that they control or own that content. That is, according to legislation in countries such as the UK. Even if this didn’t fall under country-specific legislation, it’s quite obvious that TRUSTe’s seal should cover this aspect when almost everyone on the planet is unhappy with Facebook’s approach to privacy.

According to Chris Babel, CEO of TRUSTe in a post by ZDNet

Facebook has complied with TRUSTe’s policies in that it has quickly responded to the data leak and it suspended some of the applications. “That’s exactly what we want to see.”

Chris’ statement tells me that TRUSTe is now allowing big corporations to break the rules as long as they “have a process”. Sounds like ISO9000 to me - it’s a ‘get out of jail free’ card - it’s ok not to documented processes as long as you have a process for documenting them in the future. Shouldn’t TRUSTe revoke the seal until they have fixed the actual problem?

Either Facebook should live up to the code that the TRUSTe seal asserts, or TRUSTe should remove the seal.

If you look again at the TRUSTe page above which validates Facebook’s privacy seal, you can ‘Positively Endorse’ the assertion with one click of a button. Don’t do what I did and click the button to see what happens - or you’ll give the wrong impression by increasing the number of endorsements. To file a complaint however is a different story. You must first contact the site owner and then complete a form on TRUSTe’s Web site. I understand why they have this process, but why not allow the community to counter the endorsement also, so we can see a balance? I’m guessing it’s because the vast majority would vote against Facebook. If you’d like to file a complaint about Facebook’s use of your personal information please do so using this form.

Do you now trust Facebook given that you know it’s trusted by TRUSTe and now that you know it complies with its privacy seal?

The most interesting conversation to come out of SXSW for me was Sarah Lacy’s unfortunate interview with Mark Zuckerberg. Paul Carr (by the way, welcome to Twitter Paul!) captured the moment succinctly

Sarah Lacy (SL): “Thank you - thank you all so much. Now let’s hear it for this guy - Mark Zuckerberg everyone! So, I wanna start by asking - as I did in my book - why do you think Facebook… which I use like all the time - is so great?”

Mark Zuckerberg (MZ): “Well…”

SL: “What I mean is - what is it about Facebook that has attracted not just me but millions of other people like me to sign up?”

MZ: “Terrorism.”

SL: “I totally agree. Can you say more?”

MZ: “Sure…”

SL: “Can you believe this guy? Wow - I mean his answers are so short - seriously I think he’s the biggest loser I’ve ever interviewed. Hey Mark, can I tell the story about the first time I allowed you to be interviewed?”

MZ: “Sure… I guess.”

SL: “Ok, so, like, I’m interviewing Mark - and we’ve been talking for like twenty hours and Mark was like ‘I need to pee’ and I was like ‘that’s so interesting and sexy’, tell me more and he’s like ‘no I really need to pee’ and I’m like talking about my book and like the next thing I know he’s peed all over the floor and it’s like so cute and hilarious.”

MZ: “Thanks for sharing that.”

(Audience break into spontaneous standing ovation, in awe at Zuckerberg’s razor sharp retort. Fat guy at the front screams and faints. Twitter crashes.)

SL: “Ok, so getting back to Facebook, I wanna ask you about privacy and Facebook Beacon.”

MZ: “Ok, well, let me say that Beacon isn’t something we’re really focussed on as a company right now - I mean it’s like not something I’ve even really heard of. What people don’t understand is that it was developed by our platform team and not our advertising team - so really it’s not advertising at all. I mean, in the Lebanon, kids are actually using it to interact with Coca Cola which - and this is unbelievable - makes them realise what they’re missing by not being in America and that’s why there will never be another nine eleven. But we’re not the only company delivering world peace through invasive advertising, we’re just one of the people in the space. We want to focus on building the platform for world peace and let others build on that.”

SL: “Ok, stop talking now. Jeez! It seems to me anyway, that Beacon is not really the issue. In fact, I shouldn’t have even mentioned it. The big issue is the news feed, what can you say about that?”

MZ: “Well, it’s just something we’re not really focussed on having to explain right now.”

SL: “Ok, that’s fine. Now - last night you told me you were gay and like to fuck squirrels - can I tell that story?”

MZ: “Er…”

SL: “Ok, well, I guess I should have let you make that announcement, gosh darn I’m so ditzy (giggles). So what’s it like to be rich and to have journalists, like, really want to sleep with you?”

MZ: “It’s just not something I’m focussed on right now.”

SL: “How about if I do this?”

(Lacey begins to fellate Zuckerberg but, remarkably, is able to keep talking….)

SL: “Well, sure, that makes it so much easier.”

(Three rows of fat guys at the front of the room orgasm as one at the incredible comedic timing of Mark ‘Bill Hicks’ Zuckerberg as Lacey switches position for a reach around.)

SL: “Ok, well, that’s all we have time for - if you want to know more about how awesome - but dorky - this rich guy is, I guess you’ll all have to read my book. It also has the story about how I famously poured water into Serge Brin’s laptop on my show at Yahoo.com. That was sooo funny. And when I hyped Kevin Rose on the front cover of Business Week and then sold a book to Penguin on the back of it about overhyped web 2.0 companies. Don’t worry, Mark, I’ll give you a discount. And I’ll even throw in a copy for your girlfriend. What’s her name?”

MZ: “Uh…”

SL: “Ok, great! Well thank you very much Mark - it’s been a really insightful conversation on one point five billion levels. And, to the audience, I just wanna say thank you both for staying.”

Session ends.

Paul’s original post from which I stole all of his content can be found here. Please subscribe to his blog. He’s hilarious!

As a result of the poor interview, Mark called for a second interview which Jemima Kiss articulates very well.

To his credit. Mark Zuckerberg has acknowledged that a lot of people were frustrated by the wasted opportunity of yesterday’s keynote interview with Sarah Lacy. He did the interview on the condition that she was the interviewer, so whose to blame there?

In the rather more tropical surroundings of a safari-themed bar, Zuckerberg announces that he thought he’d drop by “because yesterday’s keynote just wasn’t enough fun”. That media training has really been paying off.

“One of the big pieces of feedback from yesterday was that people didn’t get a chance to ask enough questions. People were more interesting in product development and technical questions - I’m really interested in those issues like scalability but we thought we’d open up for another 20-30 minutes today.”

So in the midst of the developer garage, what did his home crowd really want to know?

Data portability is a big issue. Zuckerberg said that he wouldn’t necessarily commit to signing up to the same open standards as the other big social networks. “Beacon is a first iteration of that approach to help people share information. We are philosophically aligned with this openness and efficiency in the community but, at the same time, we don’t know what other people are doing and whether our policties are aligned.”

Robert Scoble got kicked off the site (albeit for just one day) because he appeared to be scraping data, rather than ’sharing it’.

Balancing the advantges of data portability with people’s privacy concerns is tricky: “We think sharing information is good, which is why we started this whole platform thing. But these are some of the questions that need to be worked out.”

Music: Is music a focus for the site? Not especially. The site didn’t predict how causal games like Scrabulous would take off (Zuckerberg plays it with this grandparents, aw). The great thing about having a platform is we don’t need to be editorial.

“We don’t need to say what will be the right applications because the market will sort that out for us, and the people that build the great products and applicatiosns will be able to build the great companies.”

It’s a very clever business model, because it lets the users determine the trends and leaves all the R&D to external companies. Nice.

Spam: Facebook will be cutting down on application spam, as he said yesterday: applications will be encouraged to focus on the level of proper engagement they have with their users rather than the number of installs, and the more popular apps will be able to send more invites.

China: He also said that he doesn’t look at time spent on the site as an important metric: Zuckerberg thinks that, like Google, the site should make communication more efficient and help people do what they need to do.

Facebook is looking at the issues of moving the business into China, said a very confident and relaxed Zuckerberg. He’s very open about it forom the start: “Making sure that people’s private information is private is a really important thing for us to do,” he said, explaining that there are only really two options in China; either have the government censor your site and impair the performance of traffic to it inside the country if it doesn’t like you, or have servers inside the country which will be shut down if you don’t follow their policies.

“There are ways to position these things make decisions and set them up to create minimal exposure,” he said. Now that China is on the verge of overtaking the US as the world’s biggest internet market, this strategy is increasingly important.

And has it been a strain for you, Mark, being under such scrutiny because of the success of Facebook? He’s now the world’s youngest billionaire, according to Forbes.

“That’s an interesting topic for a develop garage! I have a small group of really good friends and going through this whole experience of building the company has often been a strain but has helped build interesting friendships.”

Jemima’s original post from which I mercilessly stole her content can be found here. Jemima is also one of the few bloggers that I’m subscribed to, so make sure you’re tuned in. She has her finger well placed on the UK digital pulse.

I’m not sure I like either of Mark’s two options to expand into China. I don’t like the idea of filtering content on behalf of the government, full stop. But what’s the alternative?

Also, check out Rebecca Caroe‘s post on the BIMA blog about panel put together to discuss online advertising for newbies.

James Corbet made a wild assumption which I’d like to address. In summary, James blogged that I violated a friend’s privacy by streaming live to the Web using a mobile video service called Qik.

I’ve pasted James’ blog post along with the comments left by other bloggers. I’ve done this because James doesn’t have email subscription to posts which means commentators aren’t informed of other comments being left. I really wish all blogs had this feature, including TechCrunch.

James said

So you’re out with a group of friends in a pub, enjoying a few drinks, letting your hair down. As you do. And then one of them pushes a camera phone in your face and starts streaming video live to the web. And immediately announces the fact to 518 other people. Not only that but he’s oblivious to your protestations and pleas to stop.

I don’t mean to pick on Segala’s Paul Walsh because I’ve certainly enjoyed and appreciated his video coverage of events like the inaugural Irish Digital Industry Association Dinner in Dublin recently. But Paul is a guy who writes regularly about online privacy and is CEO of Segala, a company developing technology which, among other things, is designed to help you find websites which follow best practices for privacy and copyright.

However, it seems to me that during last night’s broadcast Paul crossed the line by invading the privacy of at least one friend. If someone asks you to stop, puts their hand in front of the camera and looks clearly uncomfortable when you refuse is that not a blatant violation of their privacy? I don’t presume to know Paul’s friends so perhaps I’ve misread the situation but if someone did likewise to me I’d be very tempted grab their camera phone and dunk it in my drink!

Comments left by other bloggers

In particular, the live aspect means there is no opportunity to undo the posting of something you immediately regret doing. I can imagine a similar problem with Shozu when people are out on the tear. Qik Content Labels? “Warning, this video may contain scenes of drunk people”

Posted by: Conor O’Neill | Feb 6, 2008 12:26:35 PM

Damn, that last line would have been a much better post title than mine! Yeah, I only bring the issue up for discussion because I think it’s something that we’re going to have to be increasingly concerned with. As I say I thoroughly appreciate informative videos like Paul’s other ones and your Cork OpenCoffee ones and Pat Phelan’s travel ones, etc. But I’m thinking ahead here and realizing we’ll probably have a few QIKers at the Irish Blog Awards and similar sociable events this year and wondering if we’re going to have people streaming video from inappropriate situations? What are the ground rules? What etiquette applies?

Posted by: James Corbett | Feb 6, 2008 12:47:48 PM

It’s a discussion that has to happen and I think it’ll be a major issue as services like Qik are adopted by the greater web community. Over time, though, people will become comfortable with such invasions the same way we don’t think twice now about the plethora of CCTV cameras watching our every move.

Posted by: Eoghan McCabe | Feb 6, 2008 1:09:17 PM

Having had people shove cameras into my face and say “Can I put you on my Flickr?” I’m pretty used to this, but there is a time delay between the act of recording and the act of uploading. Qik, and others like it, destroy that delay (as you point out), and without immediate web access - like in a bar - you can’t delete something that fast, and even if you could it would be already online. Once on the the Internet, always on the Internet, right? Mind you grown-up, ‘digital savvy’ people in a bar will pale beside what will happen when more nefarious people get hold of this mobile tech. Interesting post!

Posted by: Mike Butcher | Feb 6, 2008 2:20:59 PM

My response

@James - I think you’re right. We do face a potential problem and a lot of care should be taken when streaming live to the Web. I’ve since removed my videos of last night but for different reasons.

Please note that everyone around the table were aware up front, that I was going to stream live. In fact, I spent about 5 minutes trying to change the SIM from my iPhone to the N95 so I could do it. With this post in particular I think you should have asked if anyone genuinely didn’t want to be filmed.

Some people put their hand in front of the camera when in fact, they love it. No, I’m not saying that no means yes or maybe

Do you use Qik and if so, do you worry about the privacy you just happen to capture in the background?

[Update. After actually seeing the paper for myself, I can tell that my blog wasn't 'awarded' anything as the title of this post suggests. It was featured in Blogspot of the week, which I'm just as happy with.]

I’m absolutely over the moon about this. We all like our egos stroked from time to time and I’m no different to anyone else. This is particularly true because Segala (or I) have never been nominated and therefore have never been in with a chance, to win an award. Segala has purposely stayed below the media radar until now. My partner in crime, Asheesh Dewan and I have spent the guts of €1m on our new business model and technology so that it would be fit to take to investors. I’m hoping that 2008 is the year that everyone will be talking about Segala and our method of enabling more trust on the Web.

To win best blog of the week by the Irish Times is a great start to 2008. My thanks go to Damien, my new Head of Communications for suggesting that I decouple it from the Segala blog (notice I didn’t say Marketing Director, that’s old school). I must admit, I felt liberated when I started writing here. It’s as if I felt that bit closer to you, as a reader/contributor. Kamrul also did a great job building it within 2 days of Damien’s suggestion. Let me know if there are any features you particular like or dislike or if you think I should implement something.

Read more…

I wrote a blog post recently entitled ‘Facebook doesn’t spam you, your friends do’. In the comments, I thought I’d argued the point well, by demonstrating with examples, how to disable email notifications. This wasn’t to be the case as Michele and Joe continued to disagree with my view.

Today, via Twitter, Christine Lu complained about receiving silly email notifications even though she no longer had a ‘Fun Wall’. So, I gave her a couple of tips to resolve the privacy issue. I seem to do this quite alot, so rather than continue to type them each time, I’ve decided to write a short tutorial in the hope it will help more users manage the noise to a level that suits them.

Email Notifications

Let’s start with email notifications as that seems to be a bone of contention for a lot of people. Facebook notifies you by email whenever actions are taken on Facebook that involve you.

Each application has its own email notification settings. From your home page, select edit to view the settings for each application.

Selecting edit will take you to the screen below. Click edit settings on the right of each application to change the settings for that application.

Selecting Edit Settings will present you with the screen below.

As you can see from the screen shot above, it’s possible to switch off email notifications. It’s also possible to switch off other forms of notifications such as news feeds.

You can reach the preferences page via unwanted email notifications. The screen shot below shows what a typical email looks like. Most people probably ignore or delete their emails, which is why they don’t know it’s possible to put a stop to them.

Scared of people seeing you in a compromising position?

Facebook’s privacy settings are the best I’ve every seen on any type of platform or application. They’re so granular you can display pictures to certain friends, whilst hiding them from others. You can choose who can see your wall or status updates and who can’t.

Below is a screen shot of your home page. Choose privacy at the top of the page so you can set these preferences.

When you’ve selected privacy, the privacy page will display as you can see from the screen shot below.

Without going through the entire page, I’ve highlighted what I deem the most important; pictures, videos and personal contact information.

Facebook notifies you each time a friend tags you in a picture or video. But if you’re still worried about being caught running down the high street dressed as a chicken, there are precautions that you can take (apart from the obvious; don’t get caught).

1. You can remove the tags as soon as you’ve been notified by Facebook.
2. If this still makes you feel uncomfortable you can always change your preferences so that only your friends see pictures and videos that you have been tagged in.
3. You can even make sure that nobody sees any pictures or videos that you have been tagged in.

Note people who are not your friend, are unable to tag you.

Everything within a private group remains private to members of that group. However, as soon as you tag a picture or video, they become public. I’ve had a friend caught out by this feature.

Do you want people to find you?

Your profile is set to open by default. This means anyone can search for and find you. Your profile may even appear in Google search results. You can either leave your profile completely open, or, you can decide exactly what information you’d like displayed. You can even make your entire profile private, so that only your close friends can see it.

As you can see from the screen shot above, you’re in control of what people see, not Facebook. They leave it open because to close everything by default, we’d end up with a very boring static Web site. It certainly wouldn’t be ’social’.

Show your friends, hide from your colleagues

Some people may not want to be completely open with everyone. If, like me, you like to keep certain things private, such as your wall, status update, pictures, groups, friends, posted items or personal information, then these preferences will be of interest.

Below is a screen shot of the page where you can completely block individuals whilst displaying specific information on an individual basis. You may want to block your boss, show a limited profile to your line manager and allow your work colleagues to see everything.

As you can see from the screen shot below, it’s possible to display as much or as little as you like to specific people.

I haven’t gone through all of the preferences available, but you should be well versed by now and be able to protect yourself from SPAM coming from your friends.

Conclusion

1. You own your data.
2. You are responsible for controlling how much of your data is seen and used by other people.
3. Facebook does not SPAM you.
4. Your friends SPAM you.
5. If you don’t want your friends to SPAM you, ask them to stop or change your preferences.
6. If your friends don’t stop or you are too lazy to change your preferences, remove them from your friends list.
7. Facebook is responsible for protecting your data so other organisations can’t harvest and SPAM you.
8. If you don’t like any of the above, leave Facebook and read a book