Acclaimed US technology writer Steven Levy starts his long-form history of Facebook's newest product—Graph Search—by describing it as a feature that “promises to transform its user experience, threaten its competitors, and torment privacy activists.” Though it takes quite a lot to torment us these days, Graph Search does raise a few eyebrows.
The new feature allows users to structure searches that can filter through friends, friends of friends, and the general public. Now one can more easily search for “My friends who like Global Voices” or “People who like Human Rights Watch.” Facebook then returns a list of individuals whose public or shared aspects of their profile match the search terms.
All of a sudden, what people once thought was shared only with their Facebook audience—whether friends, friends of friends, or member of the public with a specific reason to look you up—is now readily available via Graph Search.
There's nothing inherently wrong with being able to look at information that is either public or that users have chosen to share. But there's a difference between posting information for anyone to find and posting information to be searched and sorted. Graph Search allows strangers — anyone from casual acquaintances to government actors — to discover information about you that you may not have intended them to find.
There's a difference between posting information for anyone to find and posting information to be searched and sorted. If you walk down a crowded public street, you are probably seen by dozens of people—but it would still feel creepy for anyone to be able to look up a list of every road you've walked down. This is why Google Street View, for example, obscures the identity of people photographed on public streets, even though the information was not private or secret.
Facebook's Graph Search presents the problem of “discoverability.” One can have a good balance of privacy and openness if information is available, but not easily discoverable. Consider a blogger who writes political criticism. She might not mind if her followers were to search her Facebook “likes,” but she probably wouldn't want a government person to do the same thing. This feature has rolled everyone, by default, into a dating service, a marketing database, and a trove of valuable easily searchable by government actors and other individuals with unfriendly motives.
Your privacy…in the hands of “Friends”
By adjusting your privacy settings, you can help prevent your information from appearing in searches run by strangers and protect your friends from showing up in results. But even when you've set all your settings to “Friends” only, you can still appear in strangers’ search results.
Some unwanted search results are through your associations with—and are therefore solely controlled by—your friends and family. This violates the principle of control of the Bill of Privacy Rights for social network users. EFF urges Facebook to fix the problem by letting people opt out.
On Actual Facebook Graph Searches, blogger Tom Scott has compiled a number of unnerving—and in some cases, humorous—examples of Graph Searches.
A few stood out to us:
- Family members of people who live in China and like Falun Gong
- Islamic men who are interested in men who live in Tehran, Iran
- Mothers of Catholics from Italy who like Durex
These Graph Search results provide, as security expert Bruce Schneier has labeled them, “incidental data”—data about or associated with you that other people post. The issue lies in the fact that the people who show up in such search results have no setting that will allow them to control when these data appear. As Facebook explained in a recent blog post, “You control who can see your friend lists, [but] your friends control who can see their friend lists.”
Facebook's answer to this dilemma is for you to take it up with your friends. On Facebook's Graph Search privacy FAQ, it says, “If you're concerned about people searching for info about your friends, you can ask your friends to limit who can see their friends list as well.”
This is not a solution. First, you have no way of knowing your friends’ settings—whether they publicly share their Likes, Friend lists, or any other of the myriad pieces of information on a Facebook profile. Second, you have no easy way of dissociating with your friends and relationships. No way, that is, except to unfriend them, and that hardly seems like a solution to this problem.
Tom Scott's Falun Gong example is a good hypothetical. If you and your family live in China, and sister appears on your “Relationships” list. You have the ability to make that relationship status as private as you'd like (e.g., visible only to friends); however, your sister could make it visible to the public. You may never know that sometime down the line she decides to publicly “like” Falun Gong—and never have the opportunity to “ask your friends to limit who can see their friends list.” The first notice that your friends’ setting are too public should not be a knock on the door by the secret police.
This is a fundamental privacy issue. Before Graph Search, it was impractical and time-consuming to look through profile after profile to find the people who meet certain criteria—even if the information were set to public. If you tried to automate the search, you would run afoul of Facebook's anti-scraping defenses. Now that the search functionality is so easy, there is nothing you alone can do to stop it.
So how do you fix this problem? The obvious solution is to allow users to opt out of Graph Search results. There is no way of knowing what search queries lead to you as a result, and working to ensure that each of your friends uses the same privacy settings you do can quickly become futile.
Perhaps Facebook should also let you choose whose search results you show up in. Already you have fine control over individual pieces of information about you—your phone number could be visible to only your friends, but your listed websites could be made public. Why not extend this control to search results? Facebook's privacy settings already has a “Who can look me up?” section. Unfortunately the offered settings don't quite answer this question the way you think they might.
As Facebook's Graph Search develops, it will be a wake-up call, encouraging people to examine—and rein in—their privacy settings. On Facebook, things are more available by default than people may think. But even beyond specifically public settings, actions and photos that were once hard to find after some time had passed, are now more easily discoverable by strangers with loose ties. This may force us to reassess what we actually think is private and what is not.