...since it depends on the commons sense of all your friends. What could possibly go wrong?
I permanently deleted my facebook account a few weeks ago: a worm was spreading very fast through facebook and for over a week I could not notify facebook about the issue.
The worm spread via event invitations containing a link to a site that social engineered the people into copying Java script code into their browser so that it would steal their account credentials and propagate further. And facebook does not provide you with any means of contacting anybody at all, let alone from the security team! Instead, you are dependent on those buttons that let you report inappropriate messages or such. Only those event invitations did not have such buttons. I wasted dozens of hours trying to notify them about the scheme but finally gave up and deleted my account.
I learnt one thing: the privacy concept of facebook is fundamentally flawed as your own private data that you share with friends and family is dependent on the common sense of these friends. It needs only one of them to be stupid enough to follow complex procedures of copying JavaScript code because they think they could find out who viewed their profile or such to completely compromise your privacy.
I for one am outta there. And if you look closely enough, you find a hell of a lot worms and security vulnerabilities in facebook.