Facebook Privacy…. Not!

There have been a few posts bouncing around Facebook related to privacy and your Facebook data.   With that being said, I thought I would spend a few minutes and discuss online privacy and Facebook privacy in particular.

Here is an example of one of the posts:

As of today, Facebook will automatically index all your info on Google, which allows everyone to view it. To change this option, go to Settings –> Privacy Settings –> Search –> then UN-CLICK the box that says ‘Allow indexing’. Facebook kept this one quiet. Copy and paste onto your status for all your friends ASAP …..

To which Facebook responded:

There have been misleading rumors recently about Facebook indexing all your information on Google. This is not true. Facebook created public search listings in 2007 to enable people to search for your name and see a link to your Facebook profile. They will still only see a basic set of information.

Let me start by saying that I believe that Facebook is being pretty diligent in their attempts to keep our data private.  They give us MANY privacy settings and they seem to do a pretty good job enforcing those settings (to both other users AND search engines like Google).   However, you need to understand that if you mark any part of your data PUBLIC, it’s not really Facebook’s problem if that data is indexed by Google or whoever.

Now for the gory details.  In the quote above it states that “Facebook is going to allow Google” to access your data.  In truth it’s a bit more complicated than that.  You really have to have a basic understanding of how search engines work to realize just how difficult Facebook’s job is.

Consider for instance that you have your photo gallery set to public but you have your profile set to private.  People can’t get to any of your data…. Right?   Not quite, you marked your photo’s public so they are public, fortunately most people (and search engines) won’t be able to get to them because they don’t know where to look.  However, as soon  as one of your friends (who has their profile marked public) links to one of your pictures the horse is out of the barn.  Google now knows HOW to find one picture in your gallery and can back track to the album that picture is in and then back to a list of all of your albums.  Now all of your pictures are truly PUBLIC!

So, how does Facebook keep your PUBLIC data from being indexed?  Well, there are 3 basic ways that any web site can block being indexed by any search engine:

  1. Robots.Txt – this is a file that can be put on the web site asking the search engine nicely NOT to index certain parts.  This is the most common method of blocking indexing but it only works if the search bot obeys the request.  Google is a good net citizen and does obey the robots.txt file, other engines are not so nice and simply ignore it.
  2. Block the engine based on name provided by the bot.  For instance, you can block all connections that say that they are GoogleBot (not the real name, but you get the point).  Again, this is only as good as the search engine – if a search engine really want’s to index you, they can say they are Internet Explorer and few sites will block them.
  3. The last method is to block by IP address.  This works as long as you KNOW the IP addresses the bot uses to crawl your site.  Again, if a search engine really wants to index your stuff, they can simply use different IP addresses and the only way a site owner can block them is to manually block the IP addresses they THINK are from the search engine AFTER they identify them.

What this means is IF there is a search engine that wants to index Facebook, there is really little that Facebook can do to keep them from indexing your PUBLIC information (remember, Facebook doesn’t present private info, so even if the search engine avoids all 3 of the above measures it still won’t be able to index your private info).  Basically, if you mark anything PUBLIC, you need to assume that it’s going to be indexed!  Short answer, now would be a REALLY good time to review all of your privacy settings on Facebook (and other sites) to make sure that you know exactly what could be indexed.

Here are a few other posts with additional info on Facebook security:

Oh, and on a slightly different note, I just saw a follow up to the first message making a bit of fun of us all for getting upset by this bit of human engineering:

If you don’t know, as of today, Facebook will automatically start plunging the Earth into the Sun. To change this option, go to Settings –> Planetary Settings –> Trajectory then UN-CLICK the box that says ‘Apocalypse.’ Facebook kept this one quiet. Copy and paste onto your status for all to see.

It’s good to know that someone still has a sense of humor about all this stuff.  🙂

Leave a Reply

Your email address will not be published. Required fields are marked *