Facebook doesn’t seem to know the difference between privacy and security?

I was excited to read today’s post on Facebook’s blog. It starts off with

This Friday is Data Privacy Day, an international effort by governments, businesses and advocacy groups to raise awareness about the importance of staying in control of personal information.

This is exciting, as Facebook doesn’t have a very good track record in regards to privacy. In fact, they’re notorious for the opposite. The advantage of being a monopoly in the social networking space is that users still stick around even with this history. So what privacy forward steps is Facebook making today? None.

Instead, they’re making a couple of security changes. Don’t get me wrong, these changes are great, and a long time coming (specifically the option to require SSL). Also don’t confuse this with generosity on the corporations behalf, it is likely the speculation that hundreds of thousands of accounts have been compromised since the release of firesheep are probably true, and it’s time for Facebook to mitigate that risk. Regardless, it’s better late than never, and we welcome to the change! Also, it comes at a cost to Facebook, and that should be acknowledged. You should request every website that takes your personal information require SSL.

How you can use this new setting:

  • You can find this new option for SSL (https://) under the Account Security section of Account Settings. At least until they move it.