It seems that Facebook enabled its new Graph search feature on my account recently. This reminded me that a few weeks ago Help Net Security asked me to comment on Graph and its implications. Although they only used a portion of what I wrote, as expected, I thought I’d share my full writeup here. And if anyone else needs a comment for a story or announcement, feel free to hit me up via our Contact Us form or on Twitter at @grecs.
As with any new technology, Facebook Graph is a double-edged sword that people can use for either good or evil purposes. On the bright side, this filtering-based search engine allows users to gain more insight into their established networks, which they can use to strengthen their friendships. On the dark side, however, Graph obviously introduces huge privacy implications for those lax about their security settings and friend-accept thresholds. Not only could it be used by “friends” to stumble across previously obscured embarrassing moments, but it could turn out to be a stalker’s dream tool.
Harvesting this information prior to Facebook Graph would have involved hours to days to weeks of painstaking manual review. Additionally, the data would soon become dated and require periodic rescanning. Scripting could help automate some of this activity; however, this is often a difficult task due to Facebook’s dynamic environment. Now, with the advent of Facebook Graph, anyone can discover the goods within seconds.
So how do you protect yourself? With a properly configured and locked-down profile, Facebook Graph really isn’t that big of a deal. The real problem is how Facebook continually opens up your profile to more and more people without telling you (e.g., I just discovered my new posts are now public instead of my previous choice of Friends of Friends while researching this topic). And unfortunately there is no silver bullet for limiting how profile information is exposed … besides maybe closing your account.
But if you don’t want to take the drastic step of closing your account, Facebook unfortunately does not offer an easy on/off switch for enabling or disabling searches on profiles. Users instead have to navigate the clusterf*ck of pages that make up their privacy and security settings and configure each option individually. And the options do not even specify “searchability” but rather just the traditional limitation of who can see that data (e.g., Only Me, Friends, Friends-of-Friends). So you may also need to trim your Friends list down if your friend-accept threshold is low.
All this gets back to the best advice of all … assume that anything you write on Facebook could end up on the front page of the Washington Post and craft your postings accordingly. For those interested in more information on privacy and Facebook Graph, the EFF has a great article that explains all the intricacies.
Is Facebook Graph a useful tool to learn more about your friends … or is it a privacy disaster waiting to happen? Let us know in the comments below. Today’s post pic is from Forbes.com. See ya!