Facebook's privacy rollback is especially terrible because it's so hard to reverse. Settings are so bewildering that even CEO Mark Zuckeberg has fiddled his two-to-three times this month. So here's a guide to re-privatizing your profile.
Ideally, we'd all be allowed to just accept Facebook's recommended settings. But the social network is defaulting most people to share their private content widely with strangers, in an obvious bid to grow traffic and to compete more directly with Twitter. Then there's the content the company is trying to take from you and make entirely public.
And, to borrow a phrase, what can't be attributed to Facebook's greed can be chalked up to ineptitude. Highly complex privacy schemes are bound to fail, as others have written, because most users don't have the patience to sit and learn intricate details of various options. That would seemingly include Facebook co-founder Zuckerberg, who initially accepted the default options, according to published reports. But he soon altered these defaults to make them more private, hiding his photos from friends of friends.
If the CEO of Facebook is changing his default privacy settings, shouldn't you? Here are some things you can do (click any image to enlarge):
Hide your photos (as much as possible).
Most people don't seem to realize their old profile photos and albums are available to strangers The profile photos usually default to being shared widely, e.g. to "Everyone," while the photo albums are often only slightly more restricted, e.g. "Friends of Friends."
You can't hide your current profile photos, but you can hide the others that you've uploaded. (UPDATE 1: The wording of this part was updated to make it clear that you can't ever hide your main profile pic. So do, like, a picture of your cat or something. Or a building!)
From your Facebook home page, go to the Settings menu in the upper right corner, and select "Privacy Settings." Then select "Profile Information." Then scroll down to Photo Albums and click "Edit Settings"...
...and adjust to the level of privacy you are comfortable with ("Only Friends" was probably your setup before):
Hide other people's photos of you (partly)
If someone "tags" one of their Facebook photos with your profile, it can show up on your profile. If you don't want strangers (including "Friends of friends") to get to conveniently peruse these often candid shots from your profile, go to Settings/Privacy Settings, then "Profile Information" and adjust "Photos and Videos of me." We'd recommend "Only friends:"
UPDATE 1: To clarify, you can never remove pictures in which you are tagged from other people's accounts, as we implied before. But by removing them from your profile, you make it a lot harder for strangers to find pictures of you that you might not want them to see.
Hide your birthday
It's insane that Facebook recommended that many people share their birthday with "Friends of friends" in its defaults for the new "privacy" scheme. This personal information can be used by financial fraudsters to help impersonate you to your bank, credit card company, email provider and others. We'd recommend showing it to as few people as possible. Or, even better, set it to a false date.
Under Settings/Privacy Settings/Profile Information:
Hide your posts
Facebook is defaulting people to share their posts with "friends of friends," i.e. strangers. You may want to revert this to share only with your friends. Under Settings/Privacy Settings/Profile Information:
Remove your friends list from your profile page
In any case, it's definitely possible to make your friends list harder for strangers to view, by removing it from your profile. Go to your Facebook home page, then click on "Profile" in the top right corner to view your profile.
Then scroll down to the section of the profile that shows your friends (titled "Friends"), and click the pencil symbol in the upper left corner. This will reveal a checkbox to hide your friend list from some strangers, at least on your profile page:
UPDATE: We're getting "corrections" on this telling us exactly what we already said above, so we'll repeat it in bold: this does not completely shield your friends list. Friends of friends can reportedly still see it, for example, and as we said above Facebook considers it public information.
Hide your profile from search engines
Facebook is touchy about this one, because it's always displayed some data for search engines, by default, and suddenly people are noticing. That's why when you go to change your settings under Settings/Privacy Settings/Search, Facebook now pops up this ultra-defensive dialog:
What Facebook doesn't tell you is that it now offers a link to "View Such and Such's Friends" from the public, search-engine-indexable profile page. At least, that's what ours does. At the very least, you should look at your search engine page using the preview link under "Public Search Results" and see if you want to continue to make it available:
Hide your info from friends' apps (UPDATE 1)
This is a big one we missed the first time around — by default, your friends can share huge amounts of your personal information with applications they authorize, like quizzes and games. It would be a good idea to restrict this even if Facebook weren't sloppy about policing its apps and partners; as things stand, we'd recommend unsharing most if not all types of data from your friends' apps. (Thanks to the commenter and tipsters who sent this in.)
Go to Settings/Privacy Settings, then "Applications and Websites," then "What your friends can share about you - Edit Settings:"
Did we forget or mis-state something?
UPDATE: Our other coverage of this topic:
The Facebook Privacy Settings You've Lost Forever, Dec. 16
Facebook's Great Betrayal, Dec. 14
Facebook CEO's Private Photos Exposed by the New 'Open' Facebook, Dec. 11
(Top pic: Zuckerberg, via Getty Images.)