Using Storify, a free service that lets users collect, curate, and share social media content, it's easy to repost private Facebook posts for anyone to see.
Storify's tools for collecting Facebook posts to share in a Storify story don't make it clear whether or not the Facebook content users are seeing is set to private, potentially leading to accidental privacy breaches — AGBeat reported on one such instance earlier this week.
The Storify post includes the user's photo, a link to their Facebook account, and the timestamp of the post. Since Storify is not accessing data through Facebook's API, any posts that users can see, even those in private groups, can be tagged and copied to Storify and publicly posted back on Facebook — and Facebook users can't block their content from being shared on Storify.
"The behavior appears to result from Storify users utilizing a browser extension that essentially cuts and pastes content available to that user to the Storify site," a Facebook spokesperson told Buzzfeed. "This is not a result of the Storify application for Facebook."
Storify users can't repost tweets by private accounts on Twitter. If users try to pull information from a private Twitter account the screen automatically goes black, which Storify co-founder Burt Herman says is only due to the way they use the Twitter API. "It is almost a bug in the system," says Herman.
The potential for private or semi-private Facebook posts to be publicly spread recalls an incident in December when Facebook founder Mark Zuckerberg's sister, Randi, was shocked to find a photo she had posted on Facebook for a small audience found its way to Twitter.
"Anytime you share something with someone else you are trusting that person in how they use it," says Herman. "Just because we make it a little easier than copy and paste doesn't mean you should do it just because you can. There are human etiquette conventions that people need to keep in mind."