Facebook privacy changes - a missed opportunity?
Posted on 07 October 2010.
Facebook announced yesterday that changes are coming soon to the Facebook interface, in particular to the 'Groups' system. According to CEO Mark Zuckerberg, Facebook will, for the first time, make it easier to share information with smaller and more intimate groups of "friends".

Among the changes announced, Mark Zuckerberg revealed tighter control over Groups and a dashboard amongst the Facebook privacy interface to show what Facebook applications have access to users' data.

Computer security experts at Sophos, however, are concerned that although these changes suggest a step in the right direction towards protecting personal information online, they may add complexity, rather than improving online safety.

Paul Ducklin, Sophos's Head of Technology, Asia Pacific, argues that the latest changes implemented by Facebook may well simply be another missed opportunity to get the fundamentals right.

"Adding more security-related dashboards, buttons and knobs is a start, I guess," says Ducklin. "But I, and many others, think that Facebook would do better to make a real grassroots change to its security."

Ducklin wants to see Facebook adopt a completely opt-in model, in which you can sign up as easily as you can today, but can't do much at all on the site until you have decided to open up each feature. In a poll conducted by Sophos earlier this year*, 93% of those asked said that they would prefer to "opt-in" rather than "opt-out" of sharing their information with others.

"No doubt Facebook shareholders looking forward to the IPO will want to maximise the number of users and the openness and availability of the information posted," continued Ducklin. "But Facebook is influential enough now, I reckon, to make bigger long-term gains by getting ahead of the regulatory curve than by waiting until legislators force them to change their opt- in/opt-out attitudes."





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //