Have you noticed that you're now apparently eavesdropping on conversations that your Facebook friends are having with their friends who are not your friends? I've noticed this a couple of times recently, and it's quite uncomfortable, as I'm seeing conversations going back and forth which are clearly not designed for public consumption. What's causing it, and what can you do about it? I've been doing some digging and found a good explanation over at Sophos Naked Security. If what I say doesn't make sense, nip across there and try it a second time - as with anything Facebook, it gets complicated quite quickly and I'm not even sure that I've got my head around it properly.
The problem arises from the fact that there's a 'Friends of Friends' option when you post stuff - which you choose either explicitly, or which is set in your privacy settings. When you go to post a status update, check the following:
Before you post, check the box to the left of 'Post' and see what's in it. If you make something public then it really IS public, but we all know that, right? If your setting is Friends of Friends, then any of your friends friends can see what you're writing, and that could potentially be thousands of people. If you're posting from a list - that is to say, you've created a list of contacts and you're viewing that list, your post defaults to that list, rather than everyone. I think. You need to change the setting to just Friends.
Alternatively, or as well, you need to go to your Privacy option (top right) and choose to control your default privacy. You should see a page like this:
I have mine set to Custom, but that's just my choice. Click on Edit Settings for anything and everything and change as appropriate - pay particular attention to anything set to Friends of Friends or Public and consider changing them to Friends. You CANNOT affect the eavesdropping effect on other people if they have set privacy to Friends of Friends. You can only affect YOUR settings. If you find that you're listening in on other conversations that you'd rather not, I'd suggest a gentle comment to say that the discussion is actually semi public, and was that intentional?
If you're reading this and having an OMG moment because you realise that you've made something public that you really shouldn't have done, there is a solution. Scroll further down the privacy listing and you'll see this:
Click on the link and you'll be able to manage visibility. However (with Facebook there is always a caveat!) this will affect ALL of your old posts. The only other approach is to go back to the conversation and change the privacy on each posting. Simply click on the link in the top right hand corner thus:
Are you confused yet? If you are, well, that's because that's how Facebook wants you to be. The simple answer is to change ALL your privacy settings to Friends. And tell all your friends to do the same thing. What Sophos are suggesting is to post the following to your status: "If you don't want your actions broadcast to everyone via the news ticker/News Feed please set your privacy to 'Friends' and ask your friends to do the same."
Now, you may think that you've already taken care of the problem if you've posted this to your status:
"Please do me a favor and move your mouse over my name here, wait for the box to load and then move your mouse over the "Subscribe" link. Then uncheck the "Comments and Likes". I would really rather that my comments on friends and families posts not be made public, thank You! Then re-post this if you don't want your every single move posted on the right side in the "Ticker Box" for everyone to see!"
Unfortunately, this doesn't work. It looks as though it has, but it hasn't. As Sophos say "This option stops you seeing when other people have broadcast a message to a wide audience. It does *not* stop your actions being broadcast by your friends!"
So - remember - not 'Friends of Friends' - change everything to 'Friends'.
We're not done yet I'm afraid. Now, you may be surprised to wander onto a webpage and see that one of your friends has liked it. How does that webpage know? After all, you don't have Facebook open in a tab do you? Unless you SPECIFICALLY log out of Facebook, you're still logged in. Closing the tab, closing the window, turning your browser off and on doesn't do it. You have to choose to LOGOUT of Facebook. However, that used to work. It doesn't any longer. An Australian techie has discovered that Facebook is tracking you, even if you DO log out. rather than deleting its tracking cookies, the site merely modifies them, maintaining account information and other unique tokens that can be used to identify you.(More on this story at http://www.smh.com.au/technology/technology-news/facebook-tracks-you-even-after-logging-out-20110926-1ksfk.html#ixzz1Z9AnZPEr)
So, if you visit a webpage that has a Facebook button or widget on it - it will know who you are, and is sending data back to Facebook. This builds on the concept that I mentioned the other day when talking about the passive sharing of information, only they've taken it to an extreme and in my opinion entirely unethical stage. The only way that you can get around this is to delete every Facebook cookie on your browser AND then to use another browser just to look at your Facebook stuff, and nothing else.
Welcome to 1984, just a few years too late.