“When you post…on Facebook, you have to figure that it is not going to stay private long.” read the press release from Astoria Police, Oregon. But what was the post they were referring to, and why had it come to the police’s attention in the first place?

An 18-year-old had (stupidly) updated their Facebook status with “Drivin drunk… classic  but whoever’s vehicle i hit i am sorry. “, which resulted in two people tipping off the police about the post. Officers then subsequently inspected the careless poster’s car, and found that damage to his vehicle matched that of two other vehicles that had been hit earlier that New Year’s morning.

However, in the eyes of the law a Facebook post is not sufficient evidence of intoxication, so he could not be charged with drink-driving, but the physical evidence from the vehicles was enough to allow the police to charge the young man with two counts of “failing to perform the duties of a driver”.

While we’d never condone illegal and irresponsible actions such as drink driving, this story serves as yet another reminder that the things we post online often reach a wider audience that we originally expected. Forgetting the particulars of this case, the words of the police press release are worth repeating and remembering:

When you post on Facebook, you have to figure that it is not going to stay private long.

Following the proposed changes to Facebook’s terms of service, two US privacy groups have asked the social network to review it’s position, claiming that the changes violate commitments to protect users.

Many people were up in arms over the fact that Facebook said it was going to remove users’ ability to vote on policy changes after previous votes experienced woefully poor turnouts. However, Facebook is also planning to remove a setting that allows users to control who is able to contact them on its email system, and this is something that does not sit well with privacy groups.

Both the Electronic Privacy Information Centre and the Centre for Digital Democracy have written to Mark Zuckerberg, stating that the proposed changes to Facebook’s terms of service could contravene a deal the social network recently signed with the Federal Trade Commission.

On the matter of the change to Facebook email controls, the letter said:

“By removing users’ ability to prevent strangers from sending unwanted messages, the proposed changes are likely to increase the amount of spam that users receive.”

Other proposed changes that have been met with objections from privacy organisations are the plans to share information between Facebook and Instagram – something that has been likened to Google’s controversial decision to unify data across its services.

As well as US privacy groups, UK organisations have weighed in with their own criticisms of the changes. Jim Killock, Director of Open Rights Group, said:

“Facebook is lobbying the UK government to weaken new data protection laws and reduce our legal rights… It claims that the right to have our data back or to destroy it would be unworkable. But then Facebook go and show exactly why UK citizens need new, stronger personal data laws.”

 

However, it must be noted that none of these changes have yet been implemented. If the proposals generate more than 7,000 public comments within a 7-day period, then a user vote to approve the changes is triggered. Having said that, the result of the vote is only binding if at least 30% of users take part, and given that the turnout in previous votes has been less than 1%, it seems the days of Facebook being a democracy may be numbered.

More often than not, people get irate when Facebook rolls out a new feature that is opt-out rather than opt-in. One such notable example of this was when automatic tagging of photos via facial recognition made an appearance, and there was the predictable privacy uproar. However, this latest opt-out feature should not incur the same wrath as previous updates…

Since January 2011, Facebook has allowed users to opt-in to encrypted HTTPS browsing while on the social network. This only strengthens security and therefore privacy, so why not make it the default setting? Well Facebook said at the time that “encrypted pages may take longer to load”, so it’s possible it didn’t want to inhibit the user experience of everyone at once. Also, almost a billion users is a lot to cater for when rolling out a blanket change.

That being said, the last two years have been spent shoring up the infrastructure to the point where Facebook is this week beginning the transition of all users to HTTPS. They how the improvements made since January 2011 mean that moving users to HTTPS will “slow down connections only slightly”.

If someone values maximum browsing speed over improved security, then they will be able to opt-out of HTTPS browsing on Facebook. However, I think even the more ardent anti-Facebook commentator would have a hard time arguing that making this an opt-out feature is to the detriment of the users.

HTTPS will be rolled out for all North American users this week, with the rest of the world following soon after.

The way in which online retailers collect data from customers, and the manner in which such data is used, is to be looked into by the Office of Fair Trading. There are fears that some of the activities may be illegal.

Speaking on the matter, OFT Chief Executive Clive Maxwell, said that the way in which data collection works is changing constantly:

“It is important we understand what control shoppers have over their profile and whether firms are using shoppers’ profiles to charge different prices for goods or services.”

The OFT has welcomed the prospect of speaking with online retailers and those who provide them with monitoring software, as well as consulting with other international regulators, including the FTC, to discuss commercial uses of consumer data.

While he acknowledges that the collection and subsequent use of customer data might pose some privacy issues, Clive Maxwell does think that it is an inherently bad thing, adding:

“We know that businesses use information about individual consumers for marketing purposes. This has some important potential benefits to consumers and firms. But the ways in which data is collected and used is evolving rapidly.”

Where do you stand on the collection of customer data by online retailers? Is it of benefit to the consumer, or is it an invasion of privacy?

A recent update to the Foursquare iOS app now allows people to check in to a location with friends, even if those friends are not Foursquare users. By accessing a user’s Facebook friend list, people can be tagged in a Foursquare check in which will then appear on their Timeline if the Foursquare user chooses to share the check in on Facebook.

This sort of functionality can be a big privacy issue, and one that Facebook users have previously taken issue with. Being able to check people in without their permission can easily cause a lot of problems. As one commenter on the Foursquare blog entry pointed out, what would happen if he went to a gay bar and checked in some of his friends who have chosen to keep their sexuality secret? There was a similar case recently where two students in America were outed to their families after they were publicly added to a Facebook group for a gay and lesbian vocal choir.

But all sorts of other problematic situations that can arise from someone else broadcasting to your online friends where you are and what you are doing. Say for example that you called in sick to work with tonsillitis and a colleague sees that a friend of yours has just checked in at Starbucks with you… your boss would then have some difficult questions for you. I’m not saying that pulling a sicky is an acceptable thing to do, but if I was undone by a friend posting from another service that I don’t even use, then I’d be pretty angry that they were able to do so.

It’s one thing trying to be sensible about what you yourself post online, but when your friends and contacts also have the potential to create havoc by including you in their own posting habits, it can become a real headache. However, you do have control over your own privacy settings, so maybe take a minute to make sure that they are appropriately configured.