CBC News (for all you non-Canadians, CBC is the Canadian Broadcasting Corporation) has an interesting story about how FaceBook regularly breaches Canadian privacy laws, according to the Privacy Commissioner of Canada. From the article:
Facebook shares personal information with developers who create games and quizzes in a way that breaches Canadian privacy law, the office of the Privacy Commissioner of Canada has found.
The popular social networking site, which is used by 12 million Canadians, doesn’t have enough safeguards to prevent those third-party developers from getting “unauthorized” access to users’ personal information, said the report released Thursday by assistant privacy commissioner Elizabeth Denham.
It’s notoriously difficult to ‘un-FaceBook’ (which I’ve contemplated doing more than once), and even more difficult (if not impossible) to completely remove your private information from the site.
While some would argue that ‘nothing on the Web is private’, it’s hard to argue with having reasonable measures in place in order to ensure that private information is secured (especially by a site like FaceBook that has such a sheer volume of such information). The article cites 3 specific ways that FaceBook is breaching Canadian privacy law:
- It keeps information from accounts deactivated by users indefinitely and does not make it clear that users can also choose to delete their accounts rather than just deactivate them. Nor does it explain the difference in its privacy policy.
- It keeps the profiles of deceased users for “memorial purposes,” including this in its terms of use. That means users cannot opt out.
- It allows users to post personal information about non-users without their consent. For example, it allows them to tag photos and videos of non-users with their names, and provide Facebook with their email addresses to invite them to join the site. It keeps the addresses indefinitely.
It should also be noted that the primary motivation for collecting personal information is very simple: money. Even if an individual’s information is not resold (i.e. your email address, telephone number and such), aggregate information is still a very valuable commodity.
While I’m not saying that dealing in such information is nefarious in itself, there must be safeguards put into place in order to ensure that people can opt out when they want to. So if my friend invites me to FaceBook, and I choose to decline that invitation, FaceBook shouldn’t have the right to keep my information forever.
Like this post? Subscribe now to the full RSS feed.
July 19th, 2009 at 9:55 pm
“While some would argue that ‘nothing on the Web is private’, it’s hard to argue with having reasonable measures in place in order to ensure that private information is secured (especially by a site like FaceBook that has such a sheer volume of such information).”
It should also be noted however, that each Facebook user makes the conscious choice to place their information out there.
July 20th, 2009 at 3:18 am
“It’s notoriously difficult to ‘un-FaceBook’ (which I’ve contemplated doing more than once), and even more difficult (if not impossible) to completely remove your private information from the site.”
Having regularly used facebook, it has specific settings that lets you conceal certain information from other users. Users are also given notices they are giving away their information to applications when they agree to use them.
July 26th, 2009 at 7:03 pm
I am using Facebook quite often , and i love it. From the 3 points the last one is the most annoying.
I get lots of photos tagged with my name , wich is ok …it’s me .( most of the times ). But i get tagged in some that i don’t want to add to my album.
July 27th, 2009 at 8:55 am
While I understand that users make a choice to place information on the internet, that doesn’t remove the responsibility that websites have to use that information in a responsible way — just like notifying users that their information will be used irresponsibly doesn’t remove that responsibility.
Users should have a reasonable expectation of privacy without having to ‘read the fine print’. As I said in the post, there should be clear and easy ways you can opt out of having your information stored by FaceBook — a declined invitation to FaceBook seems like a pretty clear case of when the site should not have a right to keep my information.
July 27th, 2009 at 3:38 pm
The tagging of other user’s photos with my name, which is then linked to my profile, is also annoying to me. It seems to me that the person being “tagged”, whether a Facebook user or not, should have to consent to the photo being used or at least with their name attached to it.
July 30th, 2009 at 11:31 am
Now that these issues are out in the open, I’m sure Facebook will have to make some changes. Your article is well written. I’ve seen a few others recently perhaps not edited as well, where allegations were made regarding the use of private personal information in sales schemes that are a little shocking. I’d expect an investigation from the US FTC next.