Open to CITP affiliates only
Food and discussion begin at 12:30pm. Open to CITP affiliates only.
We study Facebook Connect’s permissions system using crawling, experimentation, and surveys and determine that it works differently than both users and developers expect in several ways. We show that more permissions can be granted than the developer intended. In particular, permissions that allow a site to post to the user’s profile are granted on an all-or-nothing basis. We evaluate how the requested permissions are presented to the user and find that, while users generally understand what data sites can read from their profile, they generally do not understand the many different things the sites can post. In the case of write permissions, we show that user expectations are influenced by the identity of the requesting site which in reality has no impact on what is enforced. We also find that users generally do not understand the way Facebook Connect permissions interact with Facebook’s privacy settings. Our results suggest that users understand detailed, granular messages better than those that are broad and vague.