Tag - privacy

What every Facebook user should know about Facebook Marketplace and privacy

What should you know about Facebook Marketplace and privacy? The short form is, you don’t have any by default.

I was idly browsing Facebook Marketplace early this morning when a message popped up from a friend:

Send me the info as I don’t want an auto app on Facebook 🙂

My first reaction
What the heck?!? How did you know I was browsing an item for sale on Facebook Marketplace?

My next reaction
When I read the context, I wondered: why the heck did Facebook post a status update for me on an item I was browsing? Without my permission? Without asking me? Without alerting me?

Here’s the conversation that ensued:

It does, actually make sense
The answer of course, is that at some point, perhaps months or longer ago, I authorized Facebook Marketplace to do all kinds of things on my behalf.

These sorts of things:

Facebook Marketplace permissions and privacy settings

So … what’s the problem?
The only problem: I had totally forgot about that.

Worse, I had no idea when authorizing Facebook Marketplace to do all those things that it would post to my timeline when I was just surfing a listing! My assumption was that it would post to my timeline when I posted an item for sale … which I did recently.

Lessons learned
There’s a few lessons learned from this episode …

5 lessons for users:

  1. Don’t assume
    I’m tech-savvy, build websites, and run marketing campaigns on Facebook, Twitter, Google AdWords, and multiple other places. But … I shouldn’t assume that how I THINK a Facebook app is going to use the powers I grant it is how it will ACTUALLY use them.

  2. Grant minimum privileges
    Don’t let an app do more than it needs to do, to get done what you want to accomplish. That may mean revisiting its privileges after enabling (since you cannot currently be granular about WHICH privileges you want to grant an app, when enabling it).

  3. Don’t install Facebook apps …
    … unless you absolutely have to. Why? Because they have access to your information and your status update and your friends and many more things … and they won’t always do only what you want or expect.

  4. Review occasionally
    Once every month or so, go over the list of apps you’ve enabled on Facebook. You’ll be shocked at what you’ve allowed. Trim as needed.

  5. Be careful what you visit
    Someone is always watching 🙂

3 lessons for marketers:

  1. Don’t require too much
    Go back and check what my friend says in the chat stream. He won’t visit the marketplace because he refused to install the app, which wants more privileges than he wants to grant. So limit the privileges to an absolute minimum. And, be certain you must have an app.

  2. Don’t do unexpected things
    You cross the creepy line when you do more than your users expect. And crossing the creepy line is bad for your business long-term.

  3. Inform users about what you’re doing
    If you’re going to share something, let them know! Give them a chance to reject it. Messages that they accept are going to be much more powerful, and you won’t alienate your users over time.

. . .
. . .


On a related issue, this is why I haven’t (knowingly) installed any apps that autoshare based on activity. For me, it crosses the creepy line when you auto-share for a user that he or she visited a page or looked at an item or listened to a song. Perhaps even more dangerously for the social fabric of the web, it divorces sharing from conscious choice … robbing it of curation and value. This is why I don’t install the Yahoo! app, which autoshares stories its users read. It’s creepy, it’s oversharing, and it’s robotic.

Social media & privacy: Facebook's "basic" is not my basic

Facebook and I have very different definitions of the word “basic.” To me basic means simple, quick, not too detailed. To Facebook, I think basic means more – a lot more.

I’m pretty promiscuous on social networks like Twitter and Flickr … I’ll follow and add just about anyone as a contact or friend. But Facebook is for friends and family, so I’m quite a bit more selective about who I friend.

And I’m also pretty particular about connecting apps on Facebook … especially when they want to access my “basic” information and it includes:

  • my name
  • my profile picture
  • my gender (I think they mean sex but gender sounds more polite)
  • my networks
  • my user ID
  • my list of friends
  • any any other information I’ve shared with everyone

Realistically, much of this is available by simple web searching and scraping. Practically, however, it’s non-trivial to assemble all of this in an actionable, usable, constantly updated manner … unless I connect to an app or brand on Facebook and allow it.

But is this really “basic?”

To me, basic might mean my name, my gender, things I’ve “liked” on Facebook … and maybe a few others. But does it really include ALL my friends, ALL my status updates, and ALL my other information that I’ve shared to my private, personal network on Facebook?

I don’t think so.