Facebook-Focused Study Finds Existing Privacy Settings 'Fundamentally Flawed'

Existing approaches to online privacy are “fundamentally flawed and cannot be fixed,” a Columbia University study examining the efficacy of social networks’ privacy settings concluded.

According to the researchers, more effective privacy mechanisms would take their cues from how people use social networking sites and enable users to adjust what they share based on the information a post contains, rather than according to the type of data it represents.

The research, which tracked the Facebook use of 65 students ages 18 to 25, found that 100 percent of the participants were sharing personal information online in ways they had not intended.

Though 95 percent of the participants were initially confident their online privacy settings "matched their attitude toward privacy," all 65 wound up reporting sharing violations -- meaning personal data they wished to hide was public or information they wished to share was hidden.

Eighty-four percent of the participants discovered their privacy settings mistakenly concealed details they had meant to disclose, whereas 93.8 percent realized they were revealing information they had wanted to cover up.

Nearly all of the respondents said they had never been negatively affected by these sharing slip-ups, however.

The participants described online privacy as a key way of defending against threats to their social, economic and physical well-being. Concern over physical safety was the most commonly cited explanation for hiding personal information on Facebook, yet when asked about the most important reason for online privacy, 49 percent cited protecting their reputation, 38 percent said it was necessary to safeguard against identity theft and other economic risks and just 12 percent pointed to threats to their security.

The study also suggests that media coverage of Facebook’s privacy issues in particular is changing how members use the social networking site. Less than a third of the participants said their "privacy behavior" on Facebook had not been at all affected by reports on the company's practices, while a full two thirds said they had checked — but not changed — their privacy settings following news reports, adding that they planned to “become more selective regarding future information shared on Facebook.”

Given what appears to be a disconnect between privacy practices and privacy perceptions, the researchers encouraged Facebook to add new privacy tools that would allow users to hide categories of information, rather than types of information.

Currently, Facebook’s privacy settings enable members to control how certain forms of data, such as photos or wall posts, can be viewed by different groups. Instead, the researchers say, Facebook should enable users to hide specific categories of information, from alcohol references to posts of a sexual nature. "For example, in the case of Facebook Places, if a user wishes to hide alcohol related information from everyone, it is reasonable to conclude that all location check-ins at a bar should be hidden from everyone,” the report stated. "The study had success in automatically identifying information categories using a primitive text search algorithm. More advanced approaches such as machine learning, natural language processing, or image analysis techniques may address the liberal nature of the algorithm and drastically improve usability for configuring privacy settings on existing and future Facebook data."

The researchers also suggested Facebook should regularly conduct its own studies to "evaluate their privacy mechanisms, especially as new features are introduced."