Facebook again taken to task on user security

Facebook today was reprimanded by a coalition of ten privacy groups, which urged the popular social-networking site to close several outstanding security loopholes. For Facebook, it's déjà vu all over again.

Facebook has come under fire by a coalition of privacy groups, which say Facebook is still not doing enough to protect users. In May, Facebook greatly simplified its security settings – a move widely seen as a concession to a growing wave of anger over Facebook's security policies.

And Facebook thought the worst was already over.

On Thursday, a group of ten privacy groups, including the ACLU of Northern California and the Electronic Frontier Foundation, sent an open letter to Facebook, asking the site to close several outstanding security loopholes. The letter comes weeks after Facebook simplified its security settings, in an attempt to pacify thousands of critics, who claimed Facebook was carelessly exposing user information.

The open letter includes a range of suggestions, according to Information Week. Chief among them: Give users more control over in-site applications. "One issue that must be resolved is the 'app gap': the fact that applications and web sites that use the Facebook Platform can access a user's information if that user's friend – and not the user herself – runs the app or connects with the site," the letter says.

Facebook should also require users to opt-in before they share their profile photo, name, and network affiliations, the coalition argues. Facebook currently makes that information public, and requires users to flip a handful of switches to hide their profile information.

"We are glad to see that Facebook has taken steps in the past weeks to address some of its outstanding privacy problems," the letter says. "However, we are writing to urge you to continue to demonstrate your commitment to the principle of giving users control over how and with whom they share by taking these additional steps."

This isn't the first group to slam Facebook on privacy grounds. Earlier this year, the Article 29 Working Party, a group of European data protection authorities, weighed in on Facebook's "Open Graph" proposal, which greatly expands the reach of Facebook, but also potentially publicizes information that many users would rather keep private. The Article 29 Working Party said Facebook's security policy was legally "unacceptable."

But in late May, Facebook simplified its security settings, making it easier for users to control how much content – including wall posts, "likes," and photographs – is visible to the public. The one-size-fits-all switches were meant to be an olive branch to Facebook critics, including the European commission.

"The number-one thing we've heard is that there just needs to be a simpler way to control your information," Facebook CEO Mark Zuckerberg wrote at the time. "We've always offered a lot of controls, but if you find them too hard to use then you won't feel like you have control. Unless you feel in control, then you won't be comfortable sharing and our service will be less useful for you. We agree we need to improve this."

Related: Why you won't quit Facebook

You've read  of  free articles. Subscribe to continue.