As a public service I have undertaken to understand Facebook's new privacy settings, and to tell you how to set them. Facebook have recently "simplified" these settings - *ahem* - and it gave me a chance to dig into them a little. What follows is good advice, but you may find that it's worth what you paid for it :)
First the Golden Rule: assume that anything you post in your Facebook could become public. If you post pictures or messages or link things that you don't want the whole world to see, you could be in trouble later. Why? Because Facebook reserves the right to change their privacy settings at any time. You might think only your friends can see something today, but that might not be true tomorrow. So be careful.
Okay, onward. At the highest level there are now three groups of privacy settings. When you first click on Privacy Settings, this is the page you see:
This page shows the sharing levels for all the information you post on your Facebook. Each kind of thing can be shared with Everyone, Friends of Friends, or Friends. You pick! To change them, click Customize Settings... In my case I am only sharing each kind of thing with Friends Only, as shown above. (If I want something to be public, I post it on my blog :) Your mileage may vary. Be especially careful with Friends of Friends; since some of the people with whom you're sharing are not your Friends, you have to assume it is pretty close to Everyone. Of course, this could be a cool way to meet new Friends, too!
Next, you have Basic Directory Information; when you click on View Settings, this is the page you see:
On this page you set the privacy levels for information displayed about you when people search. As you can see I have all these set to Everyone. The setting you are most likely to want to change is "See my friend list"; this has caused some controversy. You could restrict access to this if you don't want Everyone to know who your friends are... then again, maybe you don't mind others knowing, your choice. I'm proud of my Friends :)
Finally there are the settings for Applications and Websites, displayed on this page:
Here you set the privacy levels for Facebook Applications and for third-party websites affiliated with Facebook. At the top are shown the Applications which you've authorized to use your Facebook information. I'm using a handful as you can see, but lots of people have tens or even hundreds of these; be careful, because they can use your Facebook information! A lot of them are fun and some of them are useful, but many of them are useless and some are even dangerous; periodic "gardening" to remove applications you aren't using is a good idea.
- I have changed the default setting for Game and Application Activity to Friends Only. I don't know what Applications might do with my Facebook data, so this seemed safest. Your mileage may vary...
- The link to Info Accessible through your Friends is subtle; this defines what information about you is available to your Friends when they use applications. I have all of them enabled, but I trust my Friends; I only "friend" someone who is truly a friend. If you're someone who "friends" everyone you meet, you might want to turn these off.
- The link to Instant Personalization lets you set whether "partner websites" can use your friend network to personalize your experience. This has caused a lot of controversy but I've left it on. For example using my friend network, Pandora can tell me about music my friends like. Seems like no bad thing.
- The link to Public Search lets you set whether people can find you with a non-Facebook search engine. Since the only information available is stuff you've already shared with Everyone, this seems harmless.
In all of this, remember the Golden Rule. These are Facebook's settings today, but they could change tomorrow. In the meantime have fun Facebooking!