Facebook privacy changes a missed opportunity, says Sophos

Facebook's announcement of planned features to create groups and see how personal information is used, do not go far enough to improve privacy, says Sophos.

Facebook's announcement of planned features to create groups and see how personal information is used, do not go far enough to improve privacy, says Sophos.

Mark Zuckerberg Facebook chief executive, claims the groups feature will give users tighter control over who they share information with.

Facebook also plans to enable users to download all the information they have put on the site and see how individual applications are using that information.

But, while these are a step in the right direction they may add complexity rather than improving online safety, said Paul Ducklin (pictured), Sophos head of technology, Asia Pacific.

The latest changes implemented by Facebook may well be another missed opportunity to get the fundamentals right, he said.

Facebook would do better to make a real grassroots change to its security than adding more security-related dashboards, said Ducklin.

Facebook should adopt a completely opt-in model that requires users to agree to the terms and conditions of each feature before they sign up to them, he said.

Some 93% of respondents to a poll conducted by Sophos in May 2010 said they would prefer to "opt-in" rather than "opt-out" of sharing their information with others.

"No doubt Facebook shareholders looking forward to the IPO will want to maximise the number of users and the openness and availability of the information posted," said Ducklin.

"But Facebook is influential enough now to make bigger long-term gains by getting ahead of the regulatory curve, than by waiting until legislators force them to change their opt-in/opt-out attitudes," he said.

Read more on Web software

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close