The slacker's guide to Facebook privacy

The settings keep changing, but if you'll take even a minute to check some things, you can make yourself safer.

By Mar 13, 2014 1:45PM
This post comes from Bob Sullivan at partner site on MSN MoneyIf you are really concerned about privacy, then you probably shouldn't use Facebook. But if you are like a billion people on the planet, you've decided that Facebook's tradeoff between sharing and privacy is worth it. That's certainly reasonable.  Plenty of non-Facebookers today complain that they miss out on a lot of social activity -- from spontaneous happy hours to wedding announcements. So if you are a Facebook user, is there a safer way to use the tool?

Social Networking Website © Steve Meddle/REX
As a privacy expert I get this question all the time: Are there two or three things I should do to make my Facebook account safer?

Like any thoughtful technology writer, I never offer such advice without layering on the caveats, so here goes. The most irritating thing about Facebook is the way the service keeps changing its tools and its rules. I've doled out Facebook privacy advice before, and each time I look at what I've said six to 12 months earlier, I find it's pretty out of date. 

Frustrated by that, I went to a much better expert than I -- Graham Cluley, a longtime security researcher at Sophos who now runs his British-based company. Here's what he told me:

"I wrote (privacy guides) for Sophos in the past, but gave up a few years ago as it was SO hard to keep updated. (Facebook) changes their settings so much," he said. "They love pulling the carpet from underneath folks."

Steered by this reality, I will not offer a lot of granular Facebook privacy advice in this column. There is a very good, very detailed instruction kit available from Sophos, but I warn you -- you’ll lose half your day following its advice.

Instead, I'm going to make you aware of three Facebook paradigms that threaten to nudge you in directions you might not want to go, while offering you three steps you can take in the next 60 seconds to make yourself safer.

1. Understand your past

We tend to think of losing privacy as a single, embarrassing moment. A private message made public. A photo accidentally shared.  But in truth, privacy melts slowly over time, like snow in February.  I mean this: Sure, it matters little that Facebook knows you logged in from this Starbucks or that hotel on any particular day.  It matters a lot that Facebook knows you log in from the same Starbucks at 1:15 every afternoon, except on some Fridays when you are probably sneaking out of work early.  Think an employment background company won't want to know that someday, and sell it to a potential employer? It’s not the data, it’s the Big Data, that hurts your privacy.

So it's always revealing to see everything that Facebook knows about you in one fell swoop, and keep that in mind whenever you use the tool.

Right now: You can see most of what Facebook knows via a single click. Glance up at your cover photo or pick the settings button on the right and click on "Activity Log."  Here, you'll see everything you've ever liked, all photos you've been tagged in, etc.  Take a minute to scroll through this collection of data about you. If you have a lot more than a minute, you can click through each item, one by one, and change the audience for these things -- make some only viewable by friends, for example, or hide them from all other Facebook users. 

There is a capability to delete or unlike some items, too, but don't get too excited. Un-liking a "like" doesn't mean Facebook removes you from its databases.

2. Don't accidentally disclose your location

As Facebook users migrate to mobile devices, it’s becoming critical that you understand the differences among using Facebook on each platform. Facebook users generally don't like disclosing their location to others; that became obvious when Facebook pushed its "check in here" feature hard, and users pushed back. So Facebook has now opted for more passive location-disclosing technologies. Desktop users often see a city name next to the box where they type in updates or private messages. The city name is a pretty good context clue that you are about to tell people where you are, and you can click to avoid the disclosure.

On mobile phones, however, the clue is much more subtle, and it's EASY to accidentally reveal location data. On many devices, Facebook places a tiny arrow next to text you are about to enter (designed to evoke a compass) that is either gray or blue. If it's blue, you are revealing your location. Facebook even offers the recipient of messages a handy map showing where you are. Yuck.

I've seen plenty of reports from users who think they've disabled location data in other places discover they are enabling location on messages, suggesting this little arrow is easy to accidentally click, or its default setting is too information-sharing friendly

Right now: Pull up a Facebook message dialog box on a mobile phone and if you see a location arrow, make sure it is gray. It should stay gray going forward, unless you accidentally brush it, so make sure you notice it each time you use the service.

Bonus right now: iPhones allow users to disable location services at the app level using the phone's settings menu. Just go to settings/privacy/location services and make sure Facebook isn't selected.

3. Don't accidentally tell advertisers what you're doing

Consumers don't like telling corporations where they are or what they are doing, but it happens constantly. Remember, if you aren't paying for the product, you are the product, and nowhere is that saying more true than on Facebook's "free" service. To make money, the company needs to sell you to other companies.

Right now: Facebook has a pretty simple advertising tab that you should click on and declare your preferences.  This link should get you there. Or, from the desktop app, you get there by clicking on settings and ads, then selecting “edit” next to each item. The notices are wordy, but your best choice is simple. Just pick "No one" from the available drop down menus.  The immediate impact? Your name or likeness won't appear in Facebook ads shown to your friends.

More from


Mar 13, 2014 8:55PM
I'm so glad I never signed up for Facebook, Twitter, etc. (I tend to call those kind of websites 'Who gives a rat's a$$' sites anyway) Face-to-face is so much better. 
Of course, I don't have a cell-phone, either. If I need to call someone, I can just wait until I get home. And if someone needs to get in contact with me, they can leave a message - I'll call them back when I get home. 
Mar 13, 2014 4:28PM
I have far more important thing to do then being in fb.
Mar 13, 2014 4:47PM
This article could have started and ended with the opening sentence.  If you want privacy, stay off Facebook and all other "social networking" sites.  If you want to "socially network" then get out and meet people face to face!
Mar 23, 2014 11:31AM
Face Book: One very small level above reality TV shows.
Mar 23, 2014 4:14PM
My guide to Facebook privacy.......never use Facebook.
Mar 23, 2014 8:58AM

The required use of "Facebook" was how The Huffington Post  F-I-N-A-L-L-Y succeeded to force me off their extreme LIBERAL VIEWS ONLY website. GOT TO ADMIT, I do miss posting my comments on their site. Now I don't get see my mailbox fill-up with incoming messages from angry lib-tards I gleefully irritated.





Mar 23, 2014 10:20AM
Never did understand why a word like privacy is associated with words like "social" and "network".
Mar 23, 2014 5:43PM
Don't join Facebook plain and simple!
Mar 23, 2014 9:54AM
Here's reality: "Thinking people don't use Facebook." -Doktor Thomas™, 2009.
Mar 23, 2014 8:22AM
and all this BS is why I very seldom go on Facebook.  I have more important things to do in life than babysit a Facebook account!  Yes, I know I miss things but that is the tradeoff.
Mar 23, 2014 5:00PM
Mar 23, 2014 2:20PM
I am an executive who does not want any employer looking at my Facebook page.  If I don't have one, don't need to worry.  Can't give then a password if I have no account, right?  In the past I had "stalkers" and changed my "name" several times. Also I do not want the NSA following me around and looking for anything to "target" me.   Not worth the effort especially since there are better alternatives out there. 
Mar 23, 2014 8:31PM
Facebook privacy is very simple, just don't join Facebook.  Problem solved.  If you can't live without, Facebook your too far gone anyway.
Mar 23, 2014 9:40PM

One sure way for privacy is NOT using Facebook.......Which I don't.

The world doesn't need to know my personal business, and neither do my friends. LOL

Mar 23, 2014 9:43PM
I have no Facebook account because......I have no friends and I hate everyone!  Very simple! 
Mar 23, 2014 9:34PM
No Facebook Account = Peace and Privacy. 
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.