Hide your account settings, Hide your email, cuz Facebook’s changing everything up in here – by “Evin M”

Last spring, Facebook rolled out a new interface with oodles of novel functionality and a handful of big flashy security holes.  In At In April 2010, we met the Open Graph, which utilized Facbook’s Social Graph technology to transform your stated affiliations and affinities from static comments to active connections–literally, your favorite books and music became hyperlinks.  If you didn’t agree to hyperlink your lists of favorites, interests, etc., they were deleted (and so it was that I had a rather blank profile).  This change both made profile information infinitely easier to manipulate on the back end (and thus package and distribute to third parties), and rolled in with a LOT of default rules.  The power of the default capitalizes upon laziness–if a new element of your profile is introduced with a default setting, odds are you won’t change it (unless you’re neurotic like me and check your account and privacy settings every few weeks).  The biggest baddest April ’10 default of them all was Instant Personalization, which handed over your connections to recipients like Windows Docs, Yelp and Pandora because it was originally an opt-out feature.  Only later did Facebook take a step back and change the default rule–but discussion about it didn’t die down before, due to a glitch, some users were able to creep in and see the live chats of their friends.  It was a scary bug, but one what got fixed after it was flaunted in the NY Times.  And so began a renewed wave of privacy freakouts and Facebook hating in the general public–one that, I’ll wager, is about to make another comeback.

What concerns me more than mistakes in code is when they team up with the deliberate integration of opt-out settings.   It seems that the quick-quick-forget-the-debugging-just-push-the-fun-new-toys-out-there mentality has again taken Mountain View by storm, and we’re getting a repeat of last spring.  I think I’m been deemed either hip or unlucky by the Facebook team, because my profile currently seems to be sporting more new tricks than some of my friends’.  The spelling and capitalization of my status updates and chats are automatically corrected, I’ve got e-mail integration in my private messages, and my account settings show an option for suggesting profile pictures to friends.  Nifty!   Except….hey, wait.  I had painstakingly gone through all of my account settings to uncheck the boxes permitting email and SMS notifications for various apparently noteworthy events (you’ve been tagged in a picture, your status has 9088 new comments, grandma just liked your link, etc.).  However, ALL of the boxes were checked–including the new options and the old ones that I had previously unchecked.  I was irritated, so I unchecked all of the boxes, hit save, and let out a sigh of relief when Facebook affirmed that my new settings were saved.

I returned to my account settings page a minute later, to find that a large majority of the aforementioned boxes under the notifications heading were still checked.  I unchecked them, saved my settings, and refreshed the page.  To find these boxes checked again.

There’s not TOO much at stake right now–I’m just going to receive an annoyingly large amount of email in the future informing me that I have notifications.  That said, I’m still concerned.  What if this happened to my privacy settings?  Not cool, Facebook.  Not cool.

Edit: Tuesday, April 19th, 2011. 10:20 pm.

Yet again, I entered my account settings to find this:

UGH.