More Isn't Necessarily Better When It Comes To Preferences

from the keep-it-simple-stupid dept

Facebook has unveiled a new set of privacy settings that have been getting some positive reviews in some quarters. While I’m always happy to see a company that’s not afraid to experiment with new privacy protections, I think Facebook has some more work to do on this one.

One problem has been identified by Chris Soghoian: if you’re in an academic network, you can theoretically limit access to your profile based on each viewer’s academic status at your institution. So if you’re an undergrad, you can set things up so that your friends can see those pictures of you doing body shots, but your professors and TAs can’t. The problem is that apparently, peoples’ status is self-reported, and can easily be changed. So a nosy grad student could temporarily switch his status to “undergrad” and to get access to an undergraduate’s photos. This seems like a problem.

The more fundamental flaw, I think, is that there are now way too many options. The exact options I see on my Facebook account are different from the ones Chris sees, presumably because he’s a student and I’m not. But on my version of the preferences, there are a dozen categories of information, each of which have 6 to 8 different options. For example, there are separate privacy settings for “profile,” “basic info,” and “personal info.” Do you have any idea what is in each of those categories? I don’t. And then you have to decide whether each category will be available to “Only Me,” “Some Friends,” “All Friends,” and “Friends of Friends.” And you have to decide which of your “networks” will be able to see that information. And you can provide a list of people to exclude.

This is a bewildering array of options, and it’s likely to retard the usefulness of Facebook’s privacy features. When it comes to user preferences, a handful of carefully chosen options is better than allowing users to adjust every conceivable setting. A well-designed user-interface should economize on the user’s valuable time and attention by giving him a reasonable number of options that encompass the most likely use cases. If you give users a huge number of options, most of them will give up in frustration, leaving them in a much worse position, privacy-wise, than if you’d given them a smaller menu of easy-to-understand options to choose from.

Filed Under: , ,
Companies: facebook

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “More Isn't Necessarily Better When It Comes To Preferences”

Subscribe: RSS Leave a comment
illegalprelude (user link) says:

I very much agree with this. Facebook is starting to offer way too much options and even me as a techie, look at it and just dont wanna sit there and figure out what the hell is going on. Its the same problem when you add a new application to your profile, it asks you to “send out alters to others, add to your box” do this, do that etc etc etc.

Why soo difficult

Anonymous Coward says:


isn’t creating confusion in facebook’s interest? if it becomes too complicated, then people will simple stop caring and just go with the flow (eg. making more information available). this lets facebook make more ad money and capitalize on that social network “snooping on acquaintances” value.

Of course, this assumes that there’s a trade-off between a desire for privacy and the hassle of actually getting it, versus the versus the real threat of having the information out there. at some point its too much a hassle to care anymore. if i set my privacy settings wrong, i have no idea what other people see until it bites me. if i wear a tinfoil hat i’ll probably double check things, but what, i’ll probably have to register a second facebook account to check unless i rely on friends to tell me. most people won’t and won’t notice they’ll be sharing more than they thought. And, to boot, all the in the name of more power for the user!

creating confusion is the only way they can get beacon (or whatever their ad plan is) to work without pissing people off.

i think the problem is that no one knows what these categories mean. right, what is the difference between basic and personal info? this is lawyer crap, where you throw an innocuous term in a contract, one that everyone generally understands to mean one thing, and then only once you reach the definition of that term later on do you realize that term has a substantially different meaning in the contract. sneaky lawyer crap.

will says:

great idea, why did i have to think of it?

i think one of the most useful things for any of these social networking sites would be this:

more than one password allowed. what i mean is this, an admin account with full access and one or more user accounts with access limited by the admin acount.

why? a few reasons,

1. a business using the site could give employees a user account to do whatever they like but NOT change the password or delete the entire page. this way when they got pissed off or left they couldn’t screw things up for there old company.

2. an individual could give friends access to there account so they could load pics and such but they couldn’t screw up the entire thing to badly as your admin password would supercede there user acount and you could go in and lick them out without having to worry about your stuff.

3. (and this is the biggest reason) phishing. if you set up an admin account with full access and then give yourself a user account with access MINUS password change or deleting capabilities you could use the site without worrying about getting phished. just use the “user” account whenever you log in and if a few days later you notice your page has been phished just log in using the “admin” account and change the “user” password and the phishing site is now locked out again! EASY!!!!

so why don’t facebook, myspace, etc. do this?

buckykat says:

too many options is impossible. admittedly, i haven’t seen this facebook thing, but take the package compizconfig-settings-manager for an example. it has more options than pretty much any settings utility i’ve ever seen. (think the entire windows control panel, but just to change fancy display settings.) it’s pretty awesome, as it lets you set every preference just the way you want it. i have five sliders to change exactly how the windows wiggle.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...