Privacy, especially on the internet, is pretty much a myth. That goes for blogging sites, social networking sites, emails, you name it. If it’s been sent to the internet, by you or by someone else, you might as well consider it no longer private. And the same holds true for Facebook, even before it made those changes to privacy settings that resulted in things being slightly more public than before. So this concept of there having been any real means of security online is a little misguided. A non-Facebook example, but an example that could just as easily have applied to Facebook, will help the explanation.
LiveJournal has an option to restrict the contents of your hosted blog to only select people, authorized by you, to read. Now, ignoring whether or not I agree with their method for determining exactly how folks are authorized to read your content, this was their version of semi-privacy–it’s not immediately search engine accessible, but people you know or want to get to know still have access to read, comment, and otherwise do what they will with your restricted content. Including pass it off to someone who didn’t originally have access to the said restricted content. Or copy it from your own, restricted blog, and post it elsewhere–likely where a search engine or other curious individuals can easily get their hands on it. There just went that sense of privacy. It’s the same way with email. You may be sending an email back and forth to one person, expecting them to keep it between the two of you. But who’s to say they’re not adding an address to the BCC field? Or forwarding the email to someone else? And if the conversation happens to be taking place on a mailing list, pretty good chance it’s being archived–which probably means it’s now searchable by non-members.
Back to Facebook for a slightly more relevant example. You’re at a party, and a less than flattering picture of you is taken. Not something you’d post to Facebook, but something that you’d probably laugh about with a few of the people who were at that party. The person who snapped the picture, though? He has no problem posting it to Facebook. And the next morning, he does just that. Now, you and those select few people who might have been at the party can still laugh at the picture. But so can everyone who happens to be “friends” with the person who posted the picture. Not all of which you may actually know–or, for that matter, want to be able to see the picture. Again, there just went that sense of privacy.
In that respect, and keeping that in mind, Facebook’s privacy changes don’t really amount to a whole hell of a lot of actual news. The rules of the game don’t change–just the default settings. You still really have no more or less security now than you did a month ago. And the same old advice applies just as much now as it did 6 months ago. If you don’t want it to go public, don’t give it to the internet. That includes Facebook. Don’t decide to just throw it up there and then whine when someone you wanted to keep it away from just so happens to see it. If you didn’t want it seen by an undetermined amount of people, you wouldn’t have posted it to a place where it could be seen by an undetermined amount of people. And if you did so in spite of you’re not wanting to, then I dare say it’s your own fault, and hardly the fault of whatever system or service you happened to be using at the time. The internet is by no means a private place, whether you’re on Facebook, Twitter, LiveJournal, MySpace, whichever. Get used to it.