Conversation with a Facebook insider.

Jan 13, 2010

It seems as if Facebook is everywhere these days. Less involved than Livejournal or Blogger but packing a little more substance than Twitter, Facebook is a great way to goof off when you find yourself with a couple of minutes to spare. Games, quizzes, applications, and toys abound on the service, and it also makes it easy to stalk people you used to go to school with. It also made it easier to hose your social life without having to resort to off color jokes in front of the boss' wife. Their privacy settings (and ambiguity thereof) were infamously poor the moment they were put into action, so unless you're very careful and possibly go out of your way to double-check you might have exposed more (possibly embarassing) information about yourself than you suspect.

A couple of days ago the online culture blog called the Rumpus posted what appears to be an interview with someone who works at Facebook where some interesting things were discussed over a couple of drinks. The employee, who wished to remain anonymous for the sake of his or her job, spoke frankly about some of the stuff that happens at corporate HQ which should raise your eyebrows, if not your suspicions if you're interested in protecting your privacy. So the nameless source says (and I have to phrase it that way because we have no real evidence on our side of the screen), everything you've ever posted to Facebook - status updates, comments, search terms, pictures, what have you - gets archived in their databases even if you take it down. Your viewing history, i.e., the posts you click on, the profiles you look at, and the pictures you pull up are all stored and analyzed to determine whom you interact with the most. The bit about their storing what are described as snapshots of all of their servers on an hourly basis sounds like taking filesystem snapshots, which make it easier to back up heavily loaded machines. The bit about what was referred to as a "master password" isn't all that surprising; the way it's described it sounds like the root password to a MySQL instance or ORACLE account of an Oracle database server. In other words, nothing to write home about. Same with certain people abusing those accounts.

What it boils down to is this: if you don't want everyone to potentially find out about it, don't put it on the Net. If anyone does, ask them politely to take it down. Common sense.