As Betty White – who hosted Saturday Night Live last night as a result of a grassroots Facebook campaign – said in her opening monologue, “now that I know what Facebook is, it sure seems like a huge waste of time”. Since I am a participant myself, I won’t hypocritically debate the merits. However, I will continue to call attention to the potential privacy risks that careless Facebook participation can incur. And one of the biggies lies with application security.

When you sign up for a Facebook account, you are prompted to establish security rights for who can see what – your personal stats, likes/dislikes, friends list, etc. Even if you’ve tailored your privacy preferences in the past, you should revisit them periodically. For instance, Facebook recently updated their methods, and in many cases erred on the liberal side for new settings – allowing rather than denying. Maybe your info is only being used for marketing / demographic purposes? The Singles ads that constantly appear on my home page certainly say that they look at marital status among other things. But no matter how wide-open or friends-only you may make your information, there is one thing that is hard to defend against: applications.

Farmville or Mafia Wars may seem like harmless fun, but do you really know what they are doing under the hood? Facebook apps that you run instantly become more in-the-know than even your most trusted ‘friends’. When you sign up for Scrabble, Texas HoldEm, or any other Facebook application, you are giving that app direct visibility into your profile. Once granted access, an app can (if it so ‘chose’) see all connection info, family relationships, etc. And if that app/game asks you to invite other friends, doing so could expose their info as well, depending on their own privacy settings. If you trust that app, maybe you don’t mind. But do you really know what “Fly The American Flag” is doing with your info, besides posting a flag pin on your wall? With the recent support for external URLs, exposure of data is no longer limited to just within Facebook!

This calls to mind the malware PC apps such as Smiley Central, Smart Shopper, or Screensavers that all purported to do something useful while in the background they monitored your surfing activity or performed other questionable tasks. But the Facebook situation is even worse in that the “web of trust” social network aspect increases the “net of vulnerability” (I just made that phrase up, cool). I really hate to be ‘anti-social’ and put a damper on the online fun, but care and vigilance are called for. Think twice before you decide to sign up for Support Our Troops or Happy Island, and see if the apps have a “Terms of Service” that defines how they will use your data. Facebook does not police its application pool, so it is still more of the wild-west mentality, and not the idyllic cocktail party among friends that it may seem.

Suitably concerned now? I highly recommend the “Social Hacking” guide to Facebook to get a good overview of what apps can do; it has some excellent advice. Check out the new app settings at Account > Privacy > Applications > What Your Friends Can Share About You, and hide anything that you don’t want questionable apps – those being run by friends – to see. You can control what your friends’ apps see, but what your own can see is unfortunately not up for debate. Facebook does what it wants.