Despite putting effort into revamping its privacy settings and attempting to get all its users to confirm what they’re sharing with other people, the social networking giant just can’t catch a break on privacy issues: a glitch yesterday had the site sharing chats and private account information with a user’s friends, and now some users are finding that Facebook has silently installed applications into users profiles without their knowledge or consent. The problems highlight a growing sense of frustration with the social networking service, whose founder as famously declared privacy is no longer a social norm and is aiming to convert Facebook’s near ubiquity into an always-on, social Web experience.
The glitch that exposed private account information to friends apparently only lasted a few hours, but has not detailed how many accounts may have been impacted. The problem let a user’s Facebook friends see private chat messages and pending friend requests, although the information was only exposed using a particular profile previewing method and was not accessible as a default part of the Facebook interface. Facebook temporarily disabled the chat function to eliminate the visibility of private chats, and quickly rolled out a fix to re-instate the confidentiality of friend requests.
Applications that are silently installed in a user’s profile have even fewer explanations: some sites that use Facebook Connect APIs—including major media sites like The Washington Post and CNet—can apparently have applications silently installed in a Facebook user’s profile when that user visits their site or services. The applications do not appear on a user’s profile page, but are available via Facebook’s applications settings, where users can also see which of their friends have the application installed—and that, in turn, may reveal more about Web browsing habits than a user had intended to share. Facebook’s controls to opt out of “Instant Personalization” do not stop these applications from being installed in user accounts. Users can delete the applications from their profile, but they will re-appear automatically if the users visits a participating site without first logging out of Facebook.
The privacy glitch and silent application installs come at a tense time for the social networking company, which is now at the center of a broader industry debate about how personal information and data is collected by social networking and media metrics companies, how that data can be accessed by other Internet users, and how it is shared with partners and marketers.