Social networking giant Facebook has a history of backtracking. On numerous occasions, the company has made an important move--especially with regard to user privacy--only to reverse its course after a public outcry. This isn't surprising, given Facebook's shoot-first-and-ask-questions-later approach to making strategic changes to its service.
In an interview at the Web 2.0 Summit in San Francisco last year, Facebook CEO Mark Zuckerberg acknowledged that he has made a lot of mistakes with his company over the years. In response to a question from the audience about being a young entrepreneur, Zuckerberg said: "Oh man, I've made so many mistakes running a company so far. If you can think of a mistake, I've probably made it or will in the next few years."
"The Facebook story is an example of if you're building a product that people love, you can make a lot of mistakes," Zuckerberg added.
It seems, though, that even when Facebook is forced to back down, it rarely backs down completely. The net result is that, almost every time, a little more of our data at Facebook is made "public."
Here's a brief history of Facebook's most notable flips and flops. Let's start in 2011 and work our way back.
Giving It Up to Developers
Flip: You know that screen that pops up the first time you play a game like FarmVille? The one that asks you if it's okay to give some of your personal data to the developer? Facebook announced on January 14 that it would be giving its developer partners the right to capture your home address and mobile phone number if you say yes at the bottom of that permissions box. The same permissions window pops up when you use your Facebook ID to log in to a third-party Website for the first time, so Facebook's many Facebook ID partners could have a shot at the data, too.
Flop: After hearing complaints, Facebook reversed its decision to serve up home addresses and phone numbers to developers and partner sites. "Over the weekend, we got some useful feedback that we could make people more clearly aware of when they are granting access to [their home address and mobile phone number]," Facebook said in a blog post on January 17. "We agree, and we are making changes to help ensure you only share this information when you intend to do so. ... We look forward to re-enabling this improved feature in the next few weeks."
Jousting With the Germans
Flip: In August 2010, Hamburg's Data Collection Authority questioned Facebook's use of the e-mail addresses of non-Facebook users who were invited to join the site as part of Facebook's Friend Finder feature. Not only did those people not know how Facebook got their e-mail addresses, but it was unclear how Facebook would use the addresses once they were in the Facebook servers. Would Facebook hand them over to partners? Or would it just continue to pester the owners of the e-mail addresses to join Facebook?
Flop: Facebook reached an agreement January 25 with Germany in which it backed off--somewhat. Facebook said that it would give the non-Facebook users a chance to opt out of further invitations to join Facebook. The company also said that it would explain to the owners of the e-mail addresses why they were being contacted. Facebook did not agree to stop capturing and keeping the e-mail addresses, however, and it became clear that Germany would have to sue to make that happen.
Still More Data Made Public
Flip: In April 2010, Facebook decided to widen the set of Facebook user information it classified as public, or sharable with partners or advertisers. Not only was users' basic personal information now public, but so was their current city, education, work, likes, interests, and friends. Privacy groups went into overdrive. In a letter to CEO Zuckerberg, the Electronic Frontier Foundation, the ACLU of Northern California, and the Center for Democracy and Technology asked that users be required to opt-in to Instant Personalization before their data could be used in it, and that more privacy options be provided, including allowing users to "control every piece of information they can share via Facebook."
Facebook insisted that making the data public would make Facebook a more social community and would ultimately benefit users. The reality, of course, was that Facebook--a free service--had simply raised the cost of using the site, not by asking for users' money but by asking for more data that the company could share with its advertising clients and partner sites.
Flop: After a noisy backlash, Facebook announced that it would overhaul its privacy settings. During a May 2010 press conference at Facebook headquarters in Palo Alto, California, CEO Zuckerberg said that Facebook had radically simplified its privacy changes: The previous 50 privacy settings were reduced to fewer than 15, and the number of sections in the privacy settings was consolidated from ten settings on three pages to seven settings on one page. In the end, the widened set of public data remained intact.
Privacy Changes Make More Data Public
Flip: In November 2009, Facebook decided to update its privacy settings, ostensibly to make them simpler and more user-friendly. The changes included the ability to assign certain privacy settings on a post-by-post basis.
But as is often the case with changes in terms of service that Facebook announces as being benevolent to users, the revised policy offered a big benefit to Facebook as well. Here's what the Electronic Freedom Foundation had to say about the revisions, in a December 2009 blog post: "These new "privacy" changes are clearly intended to push Facebook users to publicly share even more information than before. Even worse, the changes will actually reduce the amount of control that users have over some of their personal data."
Specifically, the new privacy controls set many key personal data points--including the user's list of friends--to "public" by default, meaning that thenceforth anybody could view the data. The changes also completely removed the users' option to keep private their gender, their hometown, and the names of pages that they had become a fan of.
Flop: Facebook again relented only somewhat, reinstating a privacy control that hid friend lists on users' profile pages.The friend lists remained fair game for applications developers, however.
The Beacon Blunder
Flip: Facebook launched a program called "Beacon" in November 2007 that permitted third-party sites to distribute "stories" on Facebook about users who expressed an interest in a product or service at the partner site. Less than a year later. a group of plaintiffs filed a class action lawsuit "alleging that Facebook and its affiliates did not give users adequate notice and choice about Beacon and the collection and use of users' personal information." The suit also named a number of Facebook partners that had participated in Beacon, including Blockbuster, Fandango, Gamefly, Hotwire, Overstock.Com, STA Travel, and Zappos.com. This all happened amid growing discontent among Facebook users over the program.
Flop: In early December 2009, Facebook, without admitting any wrongdoing, chose to shutter the Beacon program and give $9.5 million to an online privacy nonprofit, to settle the lawsuit. Beacon remains Facebook's most famous misstep.
We Own You...Or Not
Flip: On February 4, 2009, Facebook updated its terms of service to specify that the company retained ownership of a user's profile data indefinitely, even after the user canceled an account. The policy change amounted to removing two crucial lines from the Terms previously in force: "You may remove your User Content from the Site at any time. If you choose to remove your User Content, the license granted above will automatically expire, however you acknowledge that the Company may retain archived copies of your User Content."
After the Consumerist Website noticed the change and reported it, howls of protest commenced.
Flip: By 2007 it had become common for people to mourn the deaths of friends by posting memorials to the deceased person's Facebook page. But Facebook's policy had been to deactivate the profile pages of deceased members 30 days after they died. Facebook cited privacy concerns for not allowing the pages to remain as memorials.
Flop: After numerous complaints, Facebook changed its policy. Its new privacy verbiage on the issue reads: "If we are notified that a user is deceased, we may memorialize the user's account. In such cases, we restrict profile access to confirmed friends, and allow friends and family to write on the user's Wall in remembrance. We may close an account if we receive a formal request from the user's next of kin or other proper legal request to do so."
The Site Was My Idea, but Here's $65 Million
Flip: Flipping and flopping have beena big part of Facebook's history since the very beginning. Mark Zuckerberg denied that he took the idea for Facebook from fellow Harvard students Tyler and Cameron Winklevoss after the Winklevosses and their partner Divya Narendra filed suit in 2004. In 2003, the twins and Narendra said, they had hired Zuckerberg to work on their social networking site ConnectU (originally called Harvard Connection). Shortly thereafter, Zuckerberg launched a similar site called thefacebook (and later just Facebook).
Flop: Zuckerberg strongly denied that he stole the idea from the Winklevoss twins, and at first he refused to settle. Eventually, however, Facebook paid a $65 million settlement.