Has Facebook Checked In With Another Privacy Flub?

Facebook's launch of location-based services, Places, has set off a new round of criticisms that the company is too cavalier about its members' privacy. But, unlike prior product launches by Facebook, the potential violations don't appear to be as blatant as in the past.

The feature allows users to broadcast their locations on their profile pages -- which, depending on their privacy settings, are visible to the Web at large. The potential problem is that users also can check in their Facebook friends, which could compromise their friends' privacy.

Facebook has somewhat mitigated this potential pitfall by designing the feature so that check-ins by friends don't appear on the pages of the users being checked in until they explicitly agree.

But there's a potential loophole in that opt-in policy, reports Michael Zimmer, an assistant professor in the School of Information Studies at the University of Wisconsin-Milwaukee. When users check in their friends, that information shows up in the feeds of the users who made the post, Zimmer reports. Additionally, the friends' names appear in the locations' Places-generated pages -- and are visible to some, though not all, other Facebook users.

To test this, Zimmer checked into a liquor store and also checked in his wife, even though she hadn't agreed to broadcast her information and wasn't, in fact, present. "My wife did not explicitly choose to become part of location sharing," Zimmer writes. "She did not give any explicit permission to be associated with this location. Yet, there her name is, and anyone viewing my feed can now associate her with being at this location."

TechCrunch also examines the feature and reports that users can prevent their locations from showing up in their friends' feeds by opting out of Places entirely.

Facebook spokesperson Barry Schnitt tells Zimmer that people were always able to tell people where they see their friends. "If I see friend A at the mall, I may tell friends B and C of that fact in a face to face conversation, letters, phone conversations, email, blog or, more recently, through Facebook, MySpace or Twitter," he writes in a post to Zimmer's blog. "Other than the social norms that have developed over this sharing, there aren't any checks that require me to have friend A's permission to tell others or to even verify that I did see them at the mall."

Still, it doesn't seem accurate to say that Places is completely opt-in when Facebook users can effectively check in their friends without their prior authorization, even if those posts are only visible to a limited number of people.

Tags: facebook, privacy
Recommend (5) Print RSS
2 comments about "Has Facebook Checked In With Another Privacy Flub?".
  1. Paula Lynn from Who Else Unlimited , August 20, 2010 at 6:32 p.m.

    It never ceases to amaze - or not - how stupid people are to think this sharing will not bite them in the ass if not sooner than later.

  2. Clint Dixon from Sem Advance , August 20, 2010 at 9:05 p.m.

    Seems to me Zimmer should not have checked in his wife if she wasn't there. Then there would be no issue. The person at issue is those who circumvent systems trying to show how smart they are. (wouldnt a college professor have been deemed smart to get the job??) Remember professor judge not the splinter in another's eye, till you have removed the tree from your own eye.