All Things Digital

Who says Google (GOOG) is hoarding Silicon Valley’s tech talent? In August of 2007, Gideon Yu, a Valley train-hopper with stints at Yahoo (YHOO) and then YouTube, resigned from his position at the video-sharing site shortly after it was acquired by the search engine to become CFO of Facebook. A few months later, Benjamin “bling” Ling, described as one of “Larry and Sergey’s golden boys,” left Google to run Facebook’s platform program. Then this past March, Sheryl Sandberg, Google’s vice president of global online sales and operations, bailed to join the social network as chief operating officer. Ethan Beard, Google’s director of social media, followed shortly after, taking a job as Facebook’s director of business development.

Now another prominent Googler has train-hopped to the popular social-networking company as well. As first reported by BoomTown, Elliot Schrage, vice president of global communications and public affairs at Google, is leaving the search sovereign to become Facebook’s vice president of communications and public policy.

“[Elliot Schrage] will be responsible for developing the key messages we want people to understand about our products, our business and the growing global importance of social networking and what we do,” Facebook CEO Mark Zuckerberg said in an email to employees announcing the hire. “The goal here is to help people understand how the Internet can strengthen people’s relationships. Elliot will direct our efforts to work with users, media, governments and other entities around the world to ensure that Facebook’s policies are transparent, responsive, effective and are recognized as being those things. … This is a really important role for us and one that we’ve been trying to find the right person for a while. Elliot’s role will be critical to helping us scale based on our culture that values transparency, openness and honest internal communications.”

“Elliot’s role will be critical to helping us scale based on our culture that values transparency, openness, and honest internal communications”?

Clearly, Zuckerberg meant “build from the ground up a culture that values transparency, openness and honest internal communications.” Because it’s only been about six months since the Beacon fiasco, which demonstrated how grievously the company was lacking in those qualities (see “DiaperFetishFactory.com Is Sending a Story to Your Profile,” “Epicurious Has Added a Potential Privacy Violation to Your Facebook Profile,” “Fiascobook,” and “Fiascobook, Redux“).

Perhaps if Facebook recruits enough former Googlers, it too will be able to lay claim to a silly informal motto like “Don’t Be Evil.”

The ability to control how much information is available to the public has long been one of Facebook’s core principles. It was this very feature, for example, that Facebook used to distinguish itself from other social networks back when it first launched.

Of course, the ensuing years proved that protecting the privacy of its users was not exactly Facebook’s strong suit–especially when it came to digging up the advertising revenues necessary to justify its fantastical $15 billion valuation. There have been privacy issues with Facebook’s news-feed service, with its controversial Beacon advertising system, and with its terms of service, which granted popular applications access to far more personal user data than is necessary.

And now there’s another. A bug in permission restrictions in Facebook Groups allows members to upload content without first receiving permission from a Group admin. I know this firsthand, because over the past few days videos, photos and blog posts have been appearing on the All Things Digital Facebook Group, and neither Walt, Kara nor I–the only three people with admin privileges to the group–put them there (see screen below). Worse, while I was able to delete the photos and blog posts, I was unable to pull the videos off the page. There was no mechanism to remove them.

Worse still, the bug that makes this possible is not specific to the All Things Digital Facebook Group alone. It affects all Facebook Groups, site-wide.

We alerted Facebook to the issue and the company quickly identified the bug. Said spokesperson Brandee Barker: “Engineering has pushed out a fix that should go site wide shortly.”

UPDATE: Facebook engineers fixed the permissions bug, and we were able to remove the rogue videos from our page.

The controversy over Facebook’s Beacon advertising system may have been laid to rest last December, but its memory lingers on.

Today brings news of the first lawsuit over the service and, oddly enough, it wasn’t filed against Facebook. It was filed against Blockbuster. Facebook member Cathryn Elaine Harris is suing the video chain Blockbuster (BBI) for its participation in the Beacon program. Her complaint alleges that Blockbuster violated the federal Videotape Privacy Protection Act when it shared information about her movie rentals and sales with Facebook without her consent. It seeks class action status and $2,500 for each violation of the 1988 statute.

It’s been nary a month since Facebook CEO Mark Zuckerberg apologized for the social network’s first privacy scandal, and already the site seems poised to embark on its second.

According to a new study from the University of Virginia, many of Facebook’s most popular applications access far more personal user data than is necessary. From the study:

We performed a systematic review of the top 150 Facebook applications in October 2007 and examined their information needs. We found that 8.7% didn’t need any information; 82% used public data (name, network, list of friends); and only 9.3% needed private information (e.g., birthday). Since all of the applications are given full access to private data, this means that 90.7% of applications are being given more privileges than they need.”

And what sort of user data are we talking about here? Pretty much all of it, according to the company’s terms of service.

In order to allow you to use and participate in Platform Applications created by Developers (”Developer Applications”), Facebook may from time to time provide Developers access to the following information (collectively, the “Facebook Site Information”). … Examples of Facebook Site Information: your name, your profile picture, your gender, your birthday, your hometown location (city/state/country), your current location (city/state/country), your political view, your activities, your interests, your musical preferences, television shows in which you are interested, movies in which you are interested, books in which you are interested, your favorite quotes, the text of your “About Me” section, your relationship status, your dating interests, your relationship interests, your summer plans, your Facebook user network affiliations, your education history, your work history, your course information, copies of photos in your Facebook Site photo albums, metadata associated with your Facebook Site photo albums (e.g., time of upload, album name, comments on your photos, etc.), the total number of messages sent and/or received by you, the total number of unread messages in your Facebook in-box, the total number of “pokes” you have sent and/or received, the total number of wall posts on your Wall™, a list of user IDs mapped to your Facebook friends, your social timeline, and events associated with your Facebook profile.”

Quite a list–and one that the social network’s users could recall the next time Facebook asks them to agree to “allow this application to … know who I am and access my information” …

This morning Ask.com became the Internet’s least intrusive search engine. Too bad it’s also one of least used. Because with a 2.9% share of the search market, few are likely to pay much mind to the title.

That said, “AskEraser,” which allows users to delete their search queries and related data (IP address, user ID, session ID) from Ask’s servers, is a stride for consumer privacy on the Internet–especially in these days of Facebook Beacon and the AOL data Valdez. “Anywhere that you log into, anywhere where you put in personalized information, there should be a way–an easy way–to control how that information is used and retained,” Doug Leeds, Ask.com senior vice president, told The Wall Street Journal. “We are giving users the ability themselves to take control of their privacy.”

Well, some control, anyway. Ask.com recently signed a five-year sponsored search and advertising agreement with Google, so it sends user data to Google even in cases where it’s been deleted with the AskEraser function. So while Ask might not retain its users’ data, Google does. But then Google probably already had their data anyway, right?

So while AskEraser might be a nice gesture, it’s not really a grand victory for consumer anonymity on the Web. And because of that, critics say it’s not likely to be much of a selling point. “My gut tells me that basically it is not going to be a competitive advantage,” Larry Ponemon, chairman and founder of the Ponemon Institute, an independent research company, told the New York Times. “I think people will look at it and see it as a cool thing, and they may use it. But I don’t think it will be a market differentiator.”

What Facebook CEO Mark Zuckerberg lacks in foresight, he certainly makes up for in disingenuous hair-shirt remorse. After two weeks of hue and cry over Facebook’s month-old Beacon advertising system and its disregard for member privacy, Zuckerberg today apologized for the company’s misstep and announced some of the fundamental changes to Beacon that users have been calling for.

“Once every 100 years, the way that media works fundamentally changes,” Zuckerberg stated … (kidding ….)

“We simply did a bad job with this release, and I apologize for it,” he wrote. “…When we first thought of Beacon, our goal was to build a simple product to let people share information across sites with their friends. … At first we tried to make it very lightweight so people wouldn’t have to touch it for it to work. The problem with our initial approach of making it an opt-out system instead of opt-in was that if someone forgot to decline to share something, Beacon still went ahead and shared it with their friends. … It took us too long after people started contacting us to change the product so that users had to explicitly approve what they wanted to share. … Instead of acting quickly, we took too long to decide on the right solution. I’m not proud of the way we’ve handled this situation and I know we can do better.”

And the company is trying. Today it released a privacy control to turn off Beacon completely. Said Zuckerberg, “If you select that you don’t want to share some Beacon actions or if you turn off Beacon, then Facebook won’t store those actions even when partners send them to Facebook.”

That’s a pleasant assurance, but one that some say doesn’t go nearly far enough. “So essentially he’s saying the information transmitted won’t be stored but will perhaps be interpreted,” writes Om Malik. “Will this happen in real time? If that is the case, then the advertising ‘optimization’ that results from ‘transmissions’ is going to continue. Right! If they were making massive changes, one would have seen options like ‘Don’t allow any Web sites to send stories to Facebook’ or ‘Don’t track my actions outside of Facebook.’ ”

Facebook may be worth $15 billion after all–not in future advertising revenues (which are apparently suffering at the moment), but in future legal fees.

A CA security researcher reports that the
site’s controversial Beacon online ad system, which transforms member transactions on affiliate sites into product/service endorsements, collects information about member actions on affiliate sites even if they’ve opted out of Beacon and logged off from Facebook. Stefan Berteau, senior research engineer at CA’s Threat Research Group, explained how in a post to the CA Security Advisor Research Blog:

I created an account on epicurious.com and tried saving three recipes as favorites. The first recipe was saved while logged in to Facebook in the same browser session. An alert appeared allowing me to opt out of Facebook’s publishing this as a story on my feed, which I did. The second one was saved after I had closed the Facebook window but had not logged out or ended the browser session. The same alert appeared, and I opted out again, selecting ‘No thanks.’ I then closed the browser entirely and launched a new session. After confirming that I was not logged in to Facebook, I saved the third recipe. No alert appeared.

“I then checked the network traffic logs and was dismayed to find that in all three cases, data about where I was on Epicurious, what action I had just taken, and what my Facebook account name is [were] transmitted to Facebook. The first two cases involve the transmission of user data despite ‘No thanks’ having been selected on the opt-out dialog, and are causes for deep concern. They pale, however, in comparison to the third case, where Facebook was receiving data about my online habits while I was not logged in, and was doing so silently, without even alerting me to the cross-site communication.”

Unsettling, such data collection practices. Though Facebook, of course, claims they are all on the up-and-up and conducted with proper privacy safeguards. “When a Facebook user takes a Beacon-enabled action on a participating site, information is sent to Facebook in order for Facebook to operate Beacon technologically,” the company said in response to Berteau’s report. “If a Facebook user clicks ‘No, thanks’ on the partner-site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well.”

(Photo via FSJ)