Access control is the process by which access to information is granted to users for certain actions based on their identity. Traditional access control models that map every system resource directly to every system user work for organizations with thousands of users but struggle for social network sites like Facebook with millions of users. The problems faced are firstly the technical complexity of mapping millions of users to billions of resources and secondly the social need of users to own the items they post and to control their access, so access policies beyond just public/private are needed. And finally, that if ordinary users are to manage their own access control, they need software support. This paper argues that only distributed access control can meet these challenges and proposes a model based on the socio-technical design paradigm: first define the social requirements then design a technical solution to fulfill them.