10 Ways Facebook Can Improve Privacy and Security

By Don Reisinger  |  Posted 2010-05-24

10 Ways Facebook Can Improve Privacy and Security

Facebook is in a world of danger. The world's largest social network has been facing increased pressure from privacy advocates, legislators and its users over what some see as an unacceptably weak level of privacy and security on the site.

Facebook CEO Mark Zuckerberg said recently he understands what the critics are saying and plans to improve the company's privacy settings to make them easier to use. The CEO said in a recent e-mail exchange with well-known tech blogger Robert Scoble his company has "made a bunch of mistakes," and he plans on correcting them. But it won't be easy.

Users are growing increasingly concerned about the overall security of the site and the privacy of their personal data. Although Facebook says it wants to do everything it can to safeguard users, it also has to remember its business model, which relies on the free exchange of personal information. That said, something needs to be done.

For too long now, people have been criticizing Facebook for its seeming willingness to share as much information as users will allow. All that needs to stop now. Facebook has a responsibility to keep user data safe and private. And it needs to remember that.

Here are 10 things that Facebook must do to increase user privacy and security.

1. Listen to users

Facebook needs to spend more time listening to its users. Although the company realizes that it can't always give in to users' demands, it also needs to realize that the users need to be happy with the way things are going. That can only happen if it starts listening to what the users want. They don't want to have to deal with complicated privacy settings. They also don't want to have to worry about security when talking to friends. If Facebook started listening to its users more often, it would have a much easier time running its business.

2. Ads aren't everything

Part of the reason Facebook is facing all this trouble today is its desire to increase its bottom line through advertising. The company fully understands that the more open profile information is, the easier it is to attract advertisers that want to target a specific portion of its user base. Although that's entirely understandable, it's also starting to come back and bite Facebook. Advertising revenue can still be a key component in its revenue, but it can't dedicate its operation to that. Facebook Credits could be even bigger for the company and that feature doesn't inherently call Facebook's privacy and security settings into question. Look beyond ads, Facebook. It's safer that way.

3. Third-party partners can't always be trusted

Facebook has started sharing profile information with some of its third-party partners. Several privacy advocates have railed against this policy, saying that type of transfer of personal information isn't helping users in any way. They make a solid point. If Facebook is truly dedicated to increasing the privacy of its social network, it can't simply trust that the information it shares with third parties will be handled responsibly. That's not to say that third parties can never be trusted. But as consumers have learned time and again, the more companies that have their hands on a user's information, the worse it could potentially be for that user.

4. No users means no money

Facebook is in a dangerous position. The more the company alienates its user base, the more uncertain its future becomes. It can't forget that Facebook won't exist without users communicating with friends. Recently, a group was formed that plans to "quit" Facebook by the end of May if things don't get better on the site. So far, more than 10,000 folks have signed up. Granted, that's not a huge number, considering Facebook has 400 million active users. But it could be the start of something much bigger. Facebook should be concerned about its future. And it needs to realize that making users happy should be its first step.

What Facebook Needs to Remember

5. Make things easier for users

Currently, Facebook's privacy features are quite good. They allow users to control almost every facet of their profiles, including who can see the content they or others share with friends. But they're too difficult for the average, novice Web user to find. And when they finally find those settings, there isn't enough information to help users adequately determine what to do with each setting. That could be a serious problem. Facebook needs to work hard at making its privacy settings more available and much easier to use. That will not only give its users more options, it will get back the political capital Facebook has lost over these past several months.

6. Establish a quick-response security team

One of the first things Facebook should do is establish a quick-response security team. Although the company currently has security teams in place, it needs to come up with a top-notch team of professionals that are constantly sniffing out issues across the social network, such as searching for phishing scams and for malware that has found its way onto the site. If Facebook can demonstrate to users that it's serious about security and has a quick-response team in place to limit the impact of potential privacy breaches, it could significantly improve its chances of regaining user trust.

7. Start educating users
This one won't be easy, but it's necessary. Facebook needs to do a better job of educating people on the dangers of using social networks. It also needs to help users understand how they can improve their own security and privacy. Admittedly, it will be tough for Facebook to do that. But it needs to try. Educating users is an extremely important step for a company that's trying desperately to look like the good guy in the security and privacy battle. If it can make the point that it's attempting to educate users to help them find problems before they wreak havoc on their own computers, it might be able to keep from alienating its core base.

8. Make privacy and security controls more business-friendly

Consumers might not care about how Facebook's privacy and security controls affect corporations, but the enterprise certainly does. Nowadays, more and more people are accessing social networking sites from the office. Although they don't see the dangers of that, the IT staff does. It's a constant struggle for IT professionals to stay ahead of social network use. But if Facebook added security controls designed specifically for IT administrators to use in their operations, that would change everything. Not only would it make users who want to be able to access social networks at work happy, it would make it easier for companies to safeguard their networks if trouble erupts on the site.

9. Make security a community project

Facebook should tap into the knowledge of its international community to improve the site's security. As Linux, Google and other open-source advocates have shown throughout the years, relying on the intelligence of the community is a smart strategy. Typically, folks across the globe can contribute more to a solid security strategy than a handful of so-called experts sitting in a room somewhere discussing how to improve a platform. By drawing on its users, Facebook can not only improve its security, it can give the community a vested interest in making the site more secure.

10. Always remember the responsibility

In recent months, Facebook might have lost its way. It became too complacent, believing that its success would continue indefinitely. It also figured that its users wouldn't care nearly as much about privacy as they actually do. It was a mistake. Going forward, Facebook needs to remember that it has a responsibility to keep its site secure. It also has a responsibility to keep its users' privacy intact. If it can achieve both of those goals, everything will be fine. But if it loses sight of those goals again, more trouble will certainly await it.

Rocket Fuel