Facebook: our hiccups on privacy

When the first steam-powered vehicles arrived on the roads in Britain midway through the 19th century, parliament passed a law which stated that at least three people must be employed to drive them, one of whom should be walking in front carrying a red flag. It was not until 1896 that the Highways Act allowed vehicles to be driven without such restrictions.

Initial responses to new technology often have to be adapted as usage patterns become clearer. That was true on 19th-century British roads; it is true on the internet today. Media regulations to encourage the local production of content are becoming anachronistic with content available to all. Copyright laws are having to be updated to take account of today’s practices. Most relevant for Facebook, the right approach to privacy needs to take account of how consumers actually use social networks and what they want.

Although many internet companies have to deal with privacy issues, this is particularly challenging for social networking sites, whose very purpose is the sharing of information. Facebook has recently been criticised for being cavalier with users’ private data and for not being clear enough about how our privacy controls operate. We plead innocent to the first charge and guilty, up until now, to the second.

Privacy has always been a central focus for Facebook. From the time Mark Zuckerberg launched the service in his college dorm room through to today, privacy has been a core part of our offering. In the early days, Facebook consisted of static pages where people could share some basic information about themselves and a single picture. Over the past six years we have enhanced our service considerably. With these changes we offered increasingly complicated privacy controls, not because we were cavalier about privacy but the contrary – because we take privacy so seriously. The result was that, for many of our users, these controls became far too complex.

We heard this feedback and have made changes. Most importantly, we are putting in place one simple control that makes it easy to share on Facebook with friends, friends of friends or everyone – all with just one click. All new products or features we introduce to facilitate sharing will be controlled by this setting. For users who want more granular control, we still offer it; but for many, a simple master control may work better.

We have also significantly reduced the amount of information that must be visible to everyone. We require users to make public some limited information, like their name and photo (necessary for people to find their friends), but we no longer require that a user’s friends list or pages they like be public. We expect most people will want to make that information public – that is what social networking is about for many – but those who do not want to will not have to.

Lastly we’ve made it much easier to turn off the features which allow a more personalised service for Facebook users when visiting other websites. Many people benefit from the feature allowing websites to use information from Facebook pages about their likes and dislikes, but it’s not for everyone, and those who don’t want it will be able to turn it off easily.

Perhaps most importantly we don’t plan any other changes to our privacy policy. After a couple of hiccups we feel we have got things right and we won’t need to change things for a long while. We want our privacy controls to be simple and easy to operate, and to put users fully in control.

One thing that will not change is that Facebook never has and never will sell the private information of our users to anyone. We allow advertisers to target users by demographic; advertisers can, for example, target an advert for golf clubs at people who list golf as an interest in their profile. This makes advertising more targeted and more useful for people. But we do the targeting ourselves and pass no information about individuals to advertisers. Like a powered vehicle in a world used to horses, targeted advertising was once considered a terrible intrusion; it is now a dominant business model and widely accepted by consumers.

No doubt over a much longer time debates about privacy will change as technology evolves. Millions of users today benefit from making public what was once considered private. Finding the right balance between enabling people to share and express themselves and protecting people’s privacy will always pose challenging questions. No doubt decades from now we will look back on some of today’s norms as the equivalent of the man walking in front of the first vehicles waving a flag. Meanwhile, we are focused on today’s users. Our task is to ensure that the benefits of the new technology are available, but that users are equipped to make the choices that are right for them. We think these changes do that.

Sheryl Sandberg, the chief operating officer of Facebook.