Home How Facebook Screwed With Everyone’s Privacy And What It’s Doing About It

How Facebook Screwed With Everyone’s Privacy And What It’s Doing About It

Today Facebook finally reached a settlement with the FTC over privacy concerns that have been haunting the social media behemoth as of late.

Facebook can’t just up and change its privacy settings whenever it wants to. It must now obtain express consent from its users, first.

Since the settlement, Zuckerberg has penned a blog post outlining the Facebook features that the site has launched, which include friend lists, the ability to review tags before they appear on a profile, mobile versions of privacy controls, amount other notable updates. He also announced the splitting of the Chief Privacy Officer position into two parts, to be held by Erin Egan and Michael Richter in product and policy, respectively.

Facebook will now undergo privacy audits every two years for the next 20 years, which is similar to what Google experienced after the Google Buzz privacy breach.

More on Facebook’s Security Issues

Facebook Wants Your Comment On Its Privacy Policy Changes

Facebook’s Zuckerberg Says The Age Of Privacy Is Over

Facebook’s Open Graph On Steroids: What Happens To Privacy?

Facebook Responds: Changes Privacy Settings and Sharing Options

Facebook Quietly Fixes Its Original Privacy Problem, 5 Years Later (Updated)

Facebook Rolls Back Some Key Privacy Changes

Here are the eight big offenses that led to the FTC complaint straight from the Bureau of Consumer Protection:

1. Facebook Privacy Settings. Facebook promised its users that they could keep their information to a limited audience given the site’s privacy settings, yet the FTC found that third-party apps had access to personal information.

2. Privacy Changes: Material Omission. Information that Facebook told its users was deemed private, such as friend lists, were made public.

3. Privacy Changes: Unfair Practices. Facebook did not ask for users’ consent when changing the privacy of users’ information and retroactively applying these changes to previously collected information.

4. Info Accessible Via Apps. Facebook claimed that the apps would only have info about users “that it requires to work.” The FTC discovered that this was not true.

5. What Info Facebook Shares With Advertisers. The FTC found that from September 2008 to May 2010, Facebook “ran its site so that in many instances, the User ID of a person who clicked on an ad was share with the advertiser.” This went directly against the statement that Facebook made, saying that it did not share information with advertisers.

6. Facebook’s “Verified App” Program. The FTC states that Facebook “did not verify the security of a Verified App’s website or the security the app provided for the information it collected, beyond the steps Facebook took for any other app.” In other words, the “Verified App” seal did not symbolize anything.

7. Photo and Video Deletion. Facebook told its users that they could permanently delete photos and videos from the site. Yet each piece of content had a unique URL which, when accessed, would bring up supposedly deleted photo or video.

8. US-EU Safe Harbor Program. The FTC questions statements made by Facebook when it said it was in compliance with the US-EU Safe Harbor Framework, a way for US companies to transfer data from the EU to the United States in a way that’s consistent with European law.

According to the Sophos Security Blog, in addition to the privacy audits, if the settlement proceeds, Facebook also must stop misrepresenting its security and privacy policies, obtain consent when handing personal data, establish a stronger privacy program and, perhaps most importantly, prevent people from accessing information from deleted/deactivated accounts 30 days after they have been closed.

To Facebook’s credit, it has shut down the Verified Apps program and corrected the whole leaking personal data to advertisers issue. It also recently launched trusted friends and app passwords.

With Facebook’s new privacy audits in place and a pending IPO next summer 2012, you can bet that the 800 million-user-strong social network will start taking privacy more seriously.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.