Facebook is feeling some political heat for its moves last week, after launching a program that “instantly personalizes” websites for visitors by automatically sharing user data with the site owner.
Senator Chuck Schumer (D-NY) wrote a letter to chief executive Mark Zuckerberg asking him and the company to revisit their decision on the program and move to an “opt in” default rather than an “opt out” one.
While the program doesn’t share a user’s entire profile, it has ability to pass on information including a user’s name, their friends’ names, profile pictures, gender, connections, and content shared under the “Everyone” privacy setting. Although the company had planned to unveil the program with a wider number of partners, it ultimately winnowed the number to just three, with Microsoft, Pandora and Yelp.
The senator has also reached out to the Federal Trade Commission, arguing that there are few guidelines for privacy on social-networking sites like Facebook and Twitter or that they are often difficult to understand. He added that if the FTC feels it lacks the authority to issue guidelines, he would back legislation giving them the power to do so.
Dear Mr. Zuckerberg,
The following three changes have raised concerns:
1. Publicly available data. Facebook’s expansion of publicly available data to include a user’s current city, hometown, education, work, likes, interests, and friends has raised concerns for users who would like to have an opt-in option to share this profile information. Through the expanded use of “connections,” Facebook now obligates users to make publicly available certain parts of their profile that were previously private. If the user does not want to connect to a page with other users from their current town or university, the user will have that information deleted altogether from their profile. We appreciate that Facebook allows users to type this information into the “Bio” section of their profiles, and privatize it, but we believe that users should have more control over these very personal and very common data points. These personal details should remain private unless a user decides that he/she would like to make a connection and share this information with a community.
2. Third party data storage. Previously, Facebook allowed third-party advertisers to store profile data for 24 hours. We are concerned that recent changes allow that data to be stored indefinitely. We believe that Facebook should reverse this policy, or at a minimum require users to opt in to allowing third parties to store data for more than 24 hours.
3. Instant personalization. We appreciate that Facebook is attempting to integrate the functionality of several popular websites, and that Facebook has carefully selected its initial partners for its new “instant personalization” feature. We are concerned, however, that this feature will now allow certain third party partners to have access not only to a user’s publicly available profile information, but also to the user’s friend list and the publicly available information about those friends. As a result of the other changes noted above, this class of information now includes significant and personal data points that should be kept private unless the user chooses to share them. Although we are pleased that Facebook allows users to opt-out of sharing private data, many users are unaware of this option and, moreover, find it complicated and confusing to navigate. Facebook should offer users the ability to opt-in to sharing such information, instead of opting out, and should make the process for doing so more clear and coherent.
We hope that Facebook will stand by its goal of creating open and transparent communities by working to ensure that its policies protect the sensitive personal biographical data of its users and provide them with full control over their personal information. We look forward to the FTC examining this issue, but in the meantime we believe Facebook can take swift and productive steps to alleviate the concerns of its users. Providing opt-in mechanisms for information sharing instead of expecting users to go through long and complicated opt-out processes is a critical step towards maintaining clarity and transparency.
The audio problem: Learn how new cloud-based API solutions are solving imperfect, frustrating audio in video conferences. Access here