[ The Washington Post Social Reader -- clicking a story here immediately posts it to your wall as a recommended link. ]

We respect what Dave Winer says -- after all, he's a blogging and podcasting pioneer who now teaches at NYU's Arthur L. Carter Journalism Institute. But his post about Facebook's newspaper social apps, which the Washington Post and The Guardian debuted at f8 this week, is burning up Hacker News.

Here are the first 300 words of Dave's "Facebook is scaring me" post [ on his blog here ]. Below the excerpt you'll find the response on HN from a Facebook engineer.

Yesterday I wrote that Twitter should be scared of Facebook. Today it's worse. I, as a mere user of Facebook, am seriously scared of them. 

Every time they make a change, people get angry. I've never myself been angry because I have always assumed everything I post to Facebook is public. That the act of putting something there, a link, picture, mini-essay, is itself a public act.

This time, however, they're doing something that I think is really scary, and virus-like. The kind of behavior deserves a bad name, like phishing, or spam, or cyber-stalking.

What clued me in was an article on ReadWriteWeb that says that just reading an article on their site may create an announcement on Facebook. Something like: "Bull Mancuso just read a tutorial explaining how to kill a member of another crime family." Bull didn't comment. He didn't press a Like button. He just visited a web page. And an announcement was made on his behalf to everyone who follows him on Facebook. Not just his friends, because now they have subscribers, who can be total strangers. 

Now, I'm not technically naive. I understood before that the Like buttons were extensions of Facebook. They were surely keeping track of all the places I went. And if I went to places that were illegal, they would be reported to government agencies. Bull Mancuso in the example above has more serious things to worry about than his mother finding out that he's a hitman for the mob. (Both are fictitious characters, and in my little story his mom already knows he's a hitman.)

There could easily be lawsuits, divorces, maybe even arrests based on what's made public by Facebook.

[ Read full post here. ]

Response from a Facebook software engineer (orijing) as posted on Hacker News:

I am a software engineer at Facebook. Bear with me because I don't have any PR-quality answer to give you. I am not on the platform team, but I have built apps before in the wild-west days.

The app requires explicit permission from the user in order to post activities automatically. The idea, if you watched Mark's presentation, is called "frictionless sharing." A lot of people don't share because it's another step, but if they could install an app like the Washington Post Reader (a great app--even Mark has it installed), they are happy with sharing articles they've read with their friends.

I understand you might be concerned, for example if you added that app without realizing that it will post content. If you are concerned about the privacy implications, you can always change individual permissions for an app by going to your account settings, then selecting the 'app' tab on the left, or by going to https://www.facebook.com/settings?tab=applications. If you are concerned about spamming your friends' news feeds, that's why we built ticker, for the light-weight activities like "watched a movie" or "listened to a song" or "read an article".

If I remember correctly, the exact wording of the app permission request was alarming enough to get my full attention ("I, the application, can post as you" or something like that), so I'm worried less about a user missing that part. In my known experiences, the app was installed with the knowledge that it will share your experiences--because the idea is you want to share your activities with your friends. As soon as I read an article, my first action is to either send the link to specific people who are interested, or post it on my wall if I think everyone is interested.

We operate under the assumption that users will not do what they don't want to do, as long as we make it explicit what might happen. And if they make a mistake, they can always go change their settings. So I'm not so worried about users who sign up for the Washington Post Reader app, which is marketed as a social reading experiment, and subsequently complain that it shares your read articles.

You might still be concerned, in which case, please let me know why (users being misinformed?), and I'll try to pass it onto the platform folks, who were really heads-down the past few months.