According to Graham Cluley, a senior technology consultant with Sophos, one of things that Facebook wants to do is to make it possible for them to share your information automatically with "pre-approved" websites.
"That would mean that if you're logged into Facebook and then visit a third party website, that site will be able to access your name, profile picture, gender, friends and connections, user ID and the content shared using the 'everyone' privacy settings", he said.
"In other words, you might visit a website and discover that it already knows who you are, your date of birth, where you live, who your friends are. All, without ever having given the site explicit permission to access that data", he added.
Cluley notes that, according to Facebook, only a small number of pre-approved sites will be offered via this feature, and users will be given the option to disable the feature.
"Yes, that's right – the onus will be on users to 'opt-out' of this feature, rather than 'opt-in.' I know which way round I would prefer that to be", he said.
Cluley has posted a vote on whether users are positive or negative toward the proposed Facebook policy changes on his security blog.