Fortify Your Facebook Privacy Settings

Don't let the window into your personal life sully your professional reputation.

Thousands of CPAs and many state CPA societies are using Facebook to help establish and maintain relationships. A search for “CPA” on Facebook yields more than 31,000 results. As more CPAs continue to embrace this venue, privacy concerns are on the rise.


As a CPA, I use Facebook both professionally and personally, and I admit that sometimes there is an uncomfortable blur between the two. However, “who you know matters.” That’s exactly why I use Facebook. I have reconnected with past colleagues and old friends as well as established new relationships. However, I am amazed at how vulnerable my information is by default, and I strongly recommend that all CPAs who use it take time to lock down their information.


In December 2009, Facebook introduced new default privacy settings that make most of your content viewable by everyone. In the wake of these dramatic changes, CPAs should adjust their privacy settings to protect their information. This can be a rather difficult task for two reasons:

  1. Privacy settings are scattered throughout Facebook. Users must visit multiple areas to change those settings, and this can be a confusing process.
  2. In some cases, Facebook offers conflicting privacy settings in two different areas. When this occurs, Facebook obeys the less restrictive setting (unlike Windows and the Mac operating system, which follow the more restrictive settings). For example, if you lock down a picture, but fail to lock down the photo album, the image is still visible.

This article provides tips on managing your privacy settings and making the process as painless as possible.


Editor’s note: Facebook unveiled plans on May 26 to roll out new privacy settings over the next several weeks. For more details on the company’s privacy policy and latest changes, read the n ew privacy guide at  


FacebookThe Facebook List feature allows you to organize your friends by groups. These groups can then have individual privacy policies applied to each of them to extend or suppress your Facebook information by List. For example, the screenshot below shows that I have set up several lists including Neighbors, Relatives and Professional Relationships. These three groups can then be used to apply different privacy policies. For example, I may want my Relatives to see the photos from my vacation, but I don’t want my Professional Relationship friends to view them. Because you cannot include a list in any privacy setting until it has been created, you should make your lists before adjusting all the settings discussed in the remainder of this article. Please note that a single friend can belong to more than one list. You can create new lists by selecting Create a List on the Friends page.


To use lists in privacy settings, select Customize from any privacy options dropdown box, and click on Specific People. You will then be able to enter contact names or list names.



CPAs should consider changing all of their settings to Friends Only. This ensures that the people who can see your Facebook content are only those people who you actually accept as friends. (From a CPA’s standpoint, your Facebook friends may be your fellow employees, professional colleagues, clients, prospects or other contacts.) The problem is that you need to visit many places to make these changes. The three main areas are listed below, and you will need to toggle between dozens of items within each category to change all settings to “Friends Only.” One exception to consider is under Settings, Privacy Settings, Search. Here you might want to keep this setting set to Everyone so you can be found via a search by people who want to friend you.


The following are several setting adjustments to help you protect your Facebook privacy:

  1. Account, Account Settings, Networks. Then manage the network’s privacy settings
  2. Account, Privacy Settings, Edit the privacy settings for each of the following:
    a. Profile Information (12 privacy settings)
    b. Contact Information (nine privacy settings)
    c. Applications and Web sites (one privacy setting)
    d. Search (two privacy settings)
  3. Account, Application Settings, and select Authorized from the Show dropdown box. Edit the privacy settings for each application you have running such as Groups, Photos, Video, Notes, Events, Gifts, etc.


In some cases, any user may be able to see your Facebook friends list. Imagine for a moment how an unscrupulous person might use this information to steal your identity or discredit you in some way, or how a competitor might use this information to target your client list. To ensure your list of friends is hidden from the public, click the pencil icon in the Friends box on your profile page (circled in screenshot below), making sure the Show Friend List to Everyone box is unchecked. Thereafter, nonfriends who view your profile will be unable to see your list of friends. Remember that your friends list is always visible to you and your friends.



Most third-party applications are geared toward personal use, but some applications such as greeting cards might be used for business reasons. CPAs should know that by default, third-party applications can access any of your Facebook information. This means that your name, phone number, e-mail address, street address, photos, videos, comments, and any of your responses to third-party questionnaires can be harvested for information and then used to build a profile of you, your likes and dislikes, and other preferences.


If the application mines your data, the third-party provider of that application has your data, too. Many applications seem like fun, but they are written to extract specific information about you. For example, the Movies application figures out which movies you like and dislike. The Cities I’ve Visited app tells how much you travel and where to. Causes tell about your beliefs. How this information may be used in the future is unknown.


Even if you do not use a particular third-party application, it can still mine your data through your friends. For example, if a friend sends you a birthday card, the birthday application can harvest your birthday information from your account, even if you don’t use that application.


To help protect your data from third-party applications, follow these four rules:

a. Start by not including any personal information in your Profile page that you don’t want outsiders to see.

b. Refrain from using any third-party applications. Most are games or quizzes that can waste time, anyway.

c. Block all third-party applications. This can be done from the Account, Privacy Settings, Applications and Websites menu.

d. Block your content that friends can share through their use of applications. This is done from the Account, Privacy Settings, Applications and Websites, What your friends can share about you menu.


There are many reasons you might not want your information to show up in search results on Facebook. If so, it’s easy to turn off your public visibility. For example, if you are in the process of applying for a job, it might be best to temporarily remove yourself from Facebook search results if you feel that your Facebook page conveys a less-than-professional image. To do this, select Account, Privacy Settings, Search, Facebook Search Results, and select Only Friends. Remember, however, that by choosing this action, prospective new friends will no longer be able to find you.



Many CPAs join networks, or groups. However, there might be valid reasons to avoid some or all networks completely. For starters, the networks you belong to are treated by Facebook as public information; therefore anyone can see which networks you belong to. Belonging to a controversial network might convey the wrong message to clients or colleagues, so be careful which ones you join. By default, network members have the same access to your information (such as your birthday or political and religious views) as your approved Facebook friends. Belonging to a network makes your Facebook information searchable by all members as if they were your approved Facebook friends, even if you have disabled public searches.


If you join a network, consider limiting the access to your Facebook information by selecting Privacy Settings, Profile Information and, for every option that displays Friends and Networks, changing that setting by selecting Customize then selecting Only Me and clicking on Save Setting. Then select Customize again, and change it to Only Friends. This will ensure that the setting is set to Only Friends and not to Friends and Networks. (Be advised that it can be tedious to make these types of setting adjustments. Also, the Friends and Networks option will only appear if you have joined a network.)



Many Facebook advertisers, like advertisers across the Web, deposit tracking cookies on your computer to collect information about you and your computer habits. To protect yourself somewhat, consider opting out of the placement of these cookies by member companies of the Network Advertising Initiative at CPAs may also adjust the cookie settings in their browsers to limit or prevent tracking cookies by Facebook advertisers and others.



By default, all Facebook user profiles are indexed by Google and other search engines. This means that some of your profile information is accessible through Google, including your profile picture, friend lists, and fan pages to which you belong. Some CPAs may use their Facebook presence for generating new contacts and may therefore like being included in Google search results, while other CPAs may not want their information to be that public. If you prefer privacy, you can remove your Facebook content from all search engines by selecting Account, Privacy Settings, Search, and unchecking the Allow box next to the Public Search Results option.



Say you let loose for a few hours one night at the company party, and photos or videos of the moment are suddenly posted for all to view. These items can be seen by not just your close friends who shared the moment with you, but also potentially the entire world. When someone tags you in a photo, they point out who is who and a message appears on your profile page, letting people know you are in that photo and letting them view it. Tagged photos have landed some Facebook users in hot water personally and professionally.


Prevent tagged photos or videos from showing up in your friends’ news feeds by selecting Account, Privacy Settings, Profile Information, Photos and Videos of Me and selecting Customize to limit your photos to Only Me or Specific People or to hide them from specific people or lists. (Early in 2010, Facebook provided the option to select Only Me and None of My Networks, but it has since been removed.)



One thing that makes Facebook an interesting social tool is the unique and easy ability to share tagged photos and videos. Although this concept is probably difficult for non-Facebook users to understand, the sharing of photos and videos truly helps you and your friends get to know one another more deeply. For this reason, Facebook photos and videos should be embraced, not shunned. However, if you do decide to publish photos and videos, you should take a moment to ensure that you are not also sharing them with the entire world.



Just because you’ve enabled the privacy settings to hide your photos from public searches does not mean that your photos are fully protected. It is possible that the photo may still be viewable by others who are tagged in the photo, and all of their Facebook Friends and Friends of Friends. To further protect the privacy of your photos, you must visit each photo album’s privacy settings and make the appropriate adjustments. To do this, go to your Profile page, select Photos, Album Privacy and specify who is authorized to view the album (see screenshot above). Bear in mind that while you may have turned off the visibility of many profile sections, there is no way to prevent all images from being visible if any of your friends make the images visible.



Just because you use Facebook as a business tool doesn’t mean that your friends always do. Occasionally, a friend might post something embarrassing or not necessarily “work-friendly” on your Facebook wall, which your other friends can see when they visit your wall.



To protect against this, Facebook allows you to customize the visibility of your wall postings. To access these settings, go to your Profile and click Options (located next to a small magnifying glass at the right of your most recent post).


Once clicked, the word Options will turn to Settings. Click Settings and indicate how your friend’s posts are displayed and who is authorized to see the posts made by your friends. This option also provides a checkbox that allows you to suppress all wall postings by friends from being displayed.



This is cyberspace, with information traveling at the speed of light. You cannot get it back once it is loose. Remain aware of what privacy settings are available and be conscious of what your friends may be publishing about you.


J. Carlton Collins ( is a technology and accounting systems consultant, public speaker and CPE instructor.



Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.