Facebook’s Instant Personalization Is the Real Privacy Hairball

Facebook at its f8 conference yesterday launched tools for websites to add a social layer by bringing over Facebook friend connections. These social plugins are available to any web developer and use a simple piece of code to add a Facebook frame onto a page, instantly making that page social. So, for example, if you visit CNN.com, you could see what news stories your friends liked and shared there.
CNN doesn’t actually see that happening — to the news org it’s just a box it leaves open on its site for Facebook to populate — but it’s presumably happy because users get a more personal experience and stick around longer. And users don’t get identified for simply visiting a site; they have to log in to Facebook through a dialog box in order for their presence and activities to be shared with their Facebook friends.
Facebook also introduced a way for certain sites to push this further than everyone else. Three carefully chosen launch partners — Microsoft’s Docs.com, Yelp and Pandora — have access to what Facebook is calling “instant personalization.” This is a powerful, inventive and creepy tool that the company hopes to extend to other partners, but it is testing the waters with these three first.
Ta-da! It’s personal
Instant personalization means that if you show up to the Internet radio site Pandora for the first time, it will now be able to look directly at your Facebook profile and use public information — name, profile picture, gender and connections, plus anything else you’ve made public — to give you a personalized experience. So if I have already publicly stated through my Facebook interests page that I like a musical artist — say, The Talking Heads — the first song I hear when I go to Pandora will be a Talking Heads song or something that Pandora thinks is similar.
The idea is that Pandora is a somewhat hard concept to explain to new users — before it existed, people didn’t have their own personalized radio stations based on similarities between artists and songs. Now, new users will derive value from Pandora before they even sign up. The first time they load the page it will be to their favorite music.
This new sign-up customization has the biggest privacy implications of everything Facebook unveiled yesterday. Until now, when you browsed the web, it was safe to assume you were anonymous until you actively logged into a site. But in recent years, behavioral advertisers have started following us around as we browse, using cookies to find out where we’ve been in order to offer up customized ads on new pages we visit. (So if I’ve been shopping on Kayak for an upcoming trip, I might get ads about similar flights and travel destinations showing up on a page I visit later that day.) In the post-f8 world, when you show up to Yelp having never been there before, the page will now show a feed of restaurants and stores that your Facebook friends have liked and reviewed using Yelp before you go there.
I spoke with Facebook platform engineering lead Mike Vernal at f8 yesterday about instant personalization after having trouble grokking the concept when CEO Mark Zuckerberg threw it in as a “one last thing” during his f8 keynote. Vernal described the goal as that of creating a “magical” experience for users. However, he said Facebook is well aware that these privileges could be abused. “We’re very cognizant of balancing building great user experiences and respecting privacy,” was how Vernal put it.

Vernal said Facebook has not finalized any plans for allowing additional sites into the instant personalization program. Users are also able to opt out entirely via a new option found at the bottom of the list on their privacy settings page. And further, if they want to prevent their friends from sharing their information with an instant personalization partner, users must block that specific application individually. Multiple Facebook employees told me the company was unsure about how to label the sensitive product and which partners were launching on it until the last minute.
I made this just for you
The problem is, users aren’t accustomed to instantly personal services, and we have no idea where that personal information is coming from. Going back to the relatively benign social plugins from the beginning of this story, it probably won’t be obvious to the casual visitor to CNN.com that CNN doesn’t know anything about the story recommendations Facebook is providing. To most of us, it will look like CNN knows who we are. And further, while going to a brand-new website that instantly knows who you are might ultimately be useful, the first time it happens you’re going to freak out.
Facebook’s way of addressing that reaction is by placing an icon in every social plugin that leads back to an explanation on Facebook, and layering a big blue bar on top of the three sites — again, Microsoft’s Docs.com, Pandora and Yelp — that are getting the special treatment. So when I go to Yelp today I’m greeted right up front with: “Hi Liz. Yelp is using Facebook to personalize your experience. Learn More – No Thanks.” That’s fine, but the fact is, this tool is designed to help users become acquainted with sites they’ve never been to before. So the experience is necessarily going to be foreign.
I recently signed up for a new web photo service by giving an email address and password. When I went to fill out my profile, there was already a picture of me staring back. Whoa. That’s useful, I guess — I didn’t have to find a headshot to upload yet again — but it weirded me out. It turned out the site was probably using Automattic’s (see disclosure below) Gravatar to match my email with my profile pic. Clearly, Facebook’s not the only platform that wants to enable shortcuts to make my new web experiences better — expect this instant personalization to catch on, if users and privacy advocates don’t revolt and drive the company to drop the feature. We saw that happen with a cousin of this product, Facebook Beacon, three years ago.
But if my Facebook stream is any indication, some users have already caught onto this latest privacy tweak. Here’s one message making the rounds:

“Do NOT forget to OPT OUT of the new FB Instant Personalization silliness. Under your Privacy Settings so 3rd parties cannot collect your personal data. Account -> Privacy Settings -> Applications & Websites -> @bottom is the Instant Personalization thing -> Uncheck Allow.”

But then, lots of people just hate change; every Facebook redesign, ever, has been protested. And so, like Facebook, we’ll have to wait to see how much instant personalization freaks people out.
Disclosure: Automattic, maker of WordPress.com, is backed by True Ventures, a venture capital firm that is an investor in the parent company of this blog, Giga Omni Media. Om Malik, founder of Giga Omni Media, is also a venture partner at True.
Please see the disclosure about Facebook in my bio.