Mar 232012
 
 March 23, 2012  Featured News, Online

Laurie Segall reports:

A Facebook privacy policy revision intended to make the site’s methods more transparent is instead kicking up a fresh firestorm.

Facebook posted a draft version of its revised terms on March 15 and gave the site’s users a one-week comment period to weigh in with questions and suggestions. The changes include many semantic tweaks, like stripping the word “privacy” out of Facebook’s “privacy policy,” which is now called a “data use policy.”

Read more on CNN.

One provision that drew a lot of flak is mentioned in the report:

Facebook’s current policy says: “When you use an application, your content and information is shared with the application.” Its proposed revision amends that line to: “When you or others who can see your content and information use an application, your content and information is shared with the application.”

I had tweeted something the other day about one app, Swaylo, that had that kind of provision: in authorizing the use of their app, you have to basically grant them permission to access your friends’ profiles as well – even without your friends’ consent or authorization to the app. Frankly, if any “friend” of mine ever gave some third party permission to access my information, they wouldn’t be my friend for long. More to the point, such consent or authorization is not acceptable.  Heck, I don’t even see how it’s legal. What if people who never authorized an app sued for unauthorized collection of their data? Would the app’s defense in court be, “Well, their friend said it was okay.”?

To the extent that Facebook’s wording changes makes it clearer to people what is going on, that’s a good thing, but it shouldn’t be going on and Facebook should prohibit apps from doing this without direct opt-in consent or authorization. Saying that users can avoid this by granular privacy control settings is not sufficient as the default is still  to allow such nonsense and unintended disclosure to apps.

Need any more proof that a “voluntary” code of conduct is not an adequate solution? There ya go.

Sorry, the comment form is closed at this time.