Facebook has settled the charges made by Federal Trade Commission and promised to behave better on privacy issues in the future. FTC accused Facebook of deceiving users by telling them their private information is private while repeatedly allowing it to be public.
Listing seven privacy violations of Facebook, FTC claimed that Facebook violated federal law. Under the proposed settlement Facebook will get consumers’ approval before it changes how it shares users data, and will undergo periodic checking of its privacy practices by independent, third-party auditors for the next 20 years.
In a lengthy blogpost, Facebook CEO Mark Zuckerberg admitted that Facebook has made a bunch of mistakes and added that Facebook has made “a small number of high profile mistakes, like Beacon four years ago and poor execution as we transitioned our privacy model two years ago”. Settling the pricacy charges with FTC Facebook promised that it is committed to make “Facebook the leader in transparency and control around privacy”.
Facebook’s Seven Privacy Sins
Curious on what are the eight sins of Facebook. Here is it as listed by the FTC report.
- In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.
- Facebook represented that third-party apps that users’ installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.
- Facebook told users they could restrict sharing of data to limited audiences – for example with “Friends Only.” In fact, selecting “Friends Only” did not prevent their information from being shared with third-party applications their friends used.
- Facebook had a “Verified Apps” program & claimed it certified the security of participating apps. It didn’t.
- Facebook promised users that it would not share their personal information with advertisers. It did.
- Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.
- Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn’t.