Facebook Privacy: Is The FTC Going Too Far or Not Far Enough?

By: Chris Crum - November 30, 2011

As you may know, Facebook settled privacy charges with the FTC this week. Under the agreement, Facebook is barred from making misrepresentations about the privacy or security of consumers’ personal data, required to obtain user consent before making privacy changes, required to prevent others from accessing a user’s material no more than 30 days after the use has deleted their account, required to maintain a privacy program to address privacy risks associated with the development and management of new and existing products, and required to be audited every 2 years for 20 years to make sure they’re living up to all of this.

Do you think the government has gone too far or not far enough? Let us know in the comments.

It’s that part about the development and management of new and existing products that has led to some questioning just how much government intervention is actually going to affect Facebook going forward.

Lance Ulanoff, Editor-in-Chief of social media news site Mashable, goes so far as to suggest the possibility that the FTC just ruined Facebook. “You don’t think there’ll be damage from an agreement that ostensibly promises two-decades’-worth of governmental privacy policy oversight for the world’s largest social network? Sorry, but I have to disagree.”

He goes on to make the case that the whole thing could have huge implications for Facebook’s internal processes, particularly with the lawyers the company has appointed to the positions of Chief Privacy Officer, Policy and Chief Privacy Officer, Products.

Facebook CEO Mark Zuckerberg discussed them in a massive blog post response to the FTC’s announcement:

Erin Egan will become Chief Privacy Officer, Policy. Erin recently joined Facebook after serving as a partner and co-chair of the global privacy and data security practice of Covington & Burling, the respected international law firm. Throughout her career, Erin has been deeply involved in legislative and regulatory efforts to address privacy, data security, spam, spyware and other consumer protection issues. Erin will lead our engagement in the global public discourse and debate about online privacy and ensure that feedback from regulators, legislators, experts and academics from around the world is incorporated into Facebook’s practices and policies.

Michael Richter will become Chief Privacy Officer, Products. Michael is currently Facebook’s Chief Privacy Counsel on our legal team. In his new role, Michael will join our product organization to expand, improve and formalize our existing program of internal privacy review. He and his team will work to ensure that our principles of user control, privacy by design and transparency are integrated consistently into both Facebook’s product development process and our products themselves.

These two positions will further strengthen the processes that ensure that privacy control is built into our products and policies.

It’s that last sentence which lies at the root of Ulanoff’s point. This could have tremendous effects on Facebook’s ability to get out new products, at least in the manner in which they were intended.

It’s certainly a good thing for Facebook to protect the privacy of users as they intended, but as Zuckerberg pointed out, they’ve released tons of tools and resources for giving users more control.

“Overall, I think we have a good history of providing transparency and control over who can see your information,” he said. “That said, I’m the first to admit that we’ve made a bunch of mistakes. In particular, I think that a small number of high profile mistakes, like Beacon four years ago and poor execution as we transitioned our privacy model two years ago, have often overshadowed much of the good work we’ve done.”

He also reminded us of a number of specific things Facebook has done in the past 18 months to give users more control:

“In my opinion, the FTC agreement is not only bad for Facebook, but bad for its users too,” says iEntry CEO and WebProNews publisher Rich Ord. “Government regulation of the largest social network on the planet cannot be good.”

Still, others feel that the government did not go far enough. The Electronic Privacy Information Center (or EPIC), which is credited as an organization that brought the Facebook issues to the FTC’s attention, would have rather they “restore users’ privacy settings to pre-2009 levels.”

The FTC’s complaint lists a handful of instances in which it says “Facebook allegedly made promises it did not keep”:

In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.

Facebook represented that third-party apps that users’ installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.

Facebook told users they could restrict sharing of data to limited audiences – for example with “Friends Only.” In fact, selecting “Friends Only” did not prevent their information from being shared with third-party applications their friends used.

Facebook had a “Verified Apps” program & claimed it certified the security of participating apps. It didn’t.

Facebook promised users that it would not share their personal information with advertisers. It did.

Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.

Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn’t.

Do you think the government has done enough for Facebook privacy, or has it gone too far? Tell us what you think.

Chris Crum

About the Author

Chris CrumChris Crum has been a part of the WebProNews team and the iEntry Network of B2B Publications since 2003. Follow Chris on Twitter, on StumbleUpon, on Pinterest and/or on Google: +Chris Crum.

View all posts by Chris Crum
  • http://onlymeworld.com Shiromasa Yamamoto

    Privacy controls on Facebook and other social networking sites today are only 1/2. Privacy controls only protect other users from viewing what you don’t want them to see. People should be concerned with how social networking sites are obtaining information about the both “Knowingly” and “Unknowingly”, how this information will be used “Now” and in the “Future”, and most important how this information is being used to “Profile” people creating a socio/economic divide. There has also been a rise in hacking & cybercrime, no social networking site can guarantee your information is safe whether you own your information, or the site owns your information. There is only one social networking site today that is a safe alternative to Facebook: OnlyMeWorld.

  • ericabrit

    There are still important facts left out of this. The settlement doesn’t stop Facebook from talking you all over the internet. I won’t argue that this isn’t a fair step in the right direction, but what about protecting us everywhere else? More on the tracking side of the story here: http://www.abine.com/wordpress/2011/facebook-ftc-settlement-you-still-cant-get-the-most-critical-privacy-setting-you-need/

  • http://steffenbieser.com/ steffen bieser

    I think, facebook is totally abusing the information they gather, and the main reason for this is … GREED. That is why. They are getting a bit too much power, and it is good to stop them. Facebookmnist getting more and more pure vanitiy anyway.

  • http://marketsecrets.biz Caleb

    Well being that the Fed couldn’t use the old monopoly accusation like they have tried with other large successful companies, they found another way to get inside being through a overly hyped privacy issue. I say overly hyped because Facebook did have privacy parameters for users to set although some would argue those parameters were a bit too technical for the average user to implement.

    So to me this is a “loophole” the gov found for controlling Facebook because all they have to say if Zuckerberg comes out with something they don’t agree with is: “That infringes on the privacy of citizens, either desist or we will shut you down!”

    It is all strategic maneuvers better known to us as RUNNING GAME!

  • Tom

    Facebook has been stealing privacy and selling it for a profit since it’s inception. I think the FTC should shut them down permanently.

    In fact, they should have been shut down a long time ago.

    • Mark

      Wrong. Important note: It’s a free site. Users aren’t marketed to – they choose to make accounts. Tom (Anderson???), if you happened to make this product, I’m sure you wouldn’t monetize the site – but, Zuck can and has. You can’t say the gov’t should go around shutting down things people don’t agree with – that’s like… a bad idea.

    • http://www.italkmoney.com sinip

      You think that CIA would allow the best ever site for OSINT (Open Source INTelligence) information gathering to get shut down just like that? You must be joking… :-))

  • Rob Alaniz

    I think what the government did is fine. Someone needs to be accountable for peoples privacy. He danced around the subject but the bottom line is Facebook was set up to generate money. The problem is their was little regard for the protection of your private information. This needs to be stopped. If they are going to require you to have certain information online in the data base…THEY need to be responsible for it.

  • Easy

    Easy Just to stay out of trouble Just Don’t Use Facebook

    “Malware Woes, Viruses, Rootkits, Trojans, Oh my gosh! is on FacebookSign up for Facebook to connect with Malware Woes, Viruses, Rootkits, Trojans, Oh my gosh! Malware .no Privacy .. to stay safe Just Don’t Use Facebook “

  • Jost

    This is way overdue, Facebook has been abusing its users ever since it started. Zuckerberg still has no concept of privacy and does not understand that people do NOT want to share everything with everyone – on the other hand is his account full of all his info out there for everyone to see – hypocrite!
    Delete your account everyone and stop this insane inanity, even if you aren’t part of it you’re a victim of it.
    Good news is that it appears we’re over the super hype stage and it’s becoming irrelevant to more people all the time.

  • http://www.iamsolaelthedivinelight.ning.com/ Solael

    No, I do not think that the FDC has gone too far at all, in any sort of way, in regards to Facebook. They need an oversight committee over their productions and ways of doing things. I believe, that Norton VeriSign (and other Norton products embedded into a social site) is a very good way to protect the passwords and other private information of a customer. I have applied myself, so that I will be able protect my members even further.

  • Curly Howard

    If the lawyers see the agreement making it easier to win a lawsuit against Facebook, then bad for FB, good for users. Let’s see how the agreement evolves. FB can always ask for a new agreement.

  • mike williams

    Some of the most spine-chilling words you will ever hear
    “were from the government and we are here to help”

  • http://www.f4mmedia@gmail.com des

    no facebook should have faced stiffer penalties

  • http://www.marceauoneill.com Patricia Birren-Wilsey

    Allowing the feds to further regulate is only asking for more trouble.

    • http://www.seonorthamerica.com Tom Aikins

      That’s right. Why get the government involved in anything? If you want your information private then don’t put it on Facebook. What part of that is too hard to understand.

  • Watching the Wheels

    Personally, I would like the FTC to hang them by their short hairs. Oh, these sites want you to join, but the lot of them seem to have absolutely no comprehension, why a user just might not want all their personal things at a site’s disposal.

    I would prefer to see stricter. The nerds need to be put in their place. They are all beginning to strike me as being little more than peeping Toms, and Gee, they now can sit on their rumps and not risk being discovered outside a window.

    I currently keep all my email addresses in a separate file due to another site’s challenges in this area, and both sites have Accel.com behind them.

    :) I’m also getting tired of seeing catfood ads. <—– To WHOMEVER THIS MIGHT CONCERN, IF you're going to trail around after me, and OD me with ads, can you at least ramp it up a bit, and throw in some entertainment, and at a level that might appeal to someone who just isn't all that thrilled with the sophormoric tripe cranked out in cyberland.

    I learned to read from for real books, and can remember having to walk to the TV to change a channel.

    Oh, and for the record, I didn't even finish joining Facebook before their convoluted BS convinced me that I would be much better off without them.

  • http://johndvickers.ddandhservices.com John Vickers

    At the out set let me say I’ve not read this entire article. The whole world has gone crazy over privacy!!! If anyone out there in cyber land still thinks their personal stuff is private give your head a shake. Think of all the ways Government and its agencies, doctors, dentists, bank &/or credit card operaters and thousands of other input areas have some or all of your “personal stuff” and then think that by far the most of these computers are internet connected.

    If you don’t want your information on the Internet then keep off the Internet and don’t carry credit cards, debits cards. Don’t have your own doctor or dentist, don’t use one pharmacy or even one chain of anything. Learn to be paranoid, only use cash, don’t have a cell phone, don’t have a car or any vehicle. Basically drop off the grid. Don’t own a house – always rent.

    Then and only then you MIGHT be able to keep something private.

  • /// ted

    As soon as the dust settles, I plan on completing my involvement with Facebook. A birthing & a growing process is fraught with junque. Facebook needs to clean their act a bit (why else is there gov’t intervention?) .
    Comment if you like; I am running an old Mac… and , therefore , I cannot take advantage of your ebooks. Don’t even think of suggesting I replace this eMac! It’s a jewel !!! ‘Tis the ‘net which needs better management….
    Ted / CHEMbustion at yahoo dot com

  • http://www.website-marketing.co.cc Anton

    I don’t like the government getting to involved with things, they usually mess things up.Facebook is a great social website.That is why everyone has joined it.They should just try to give more marketing methods for entrepreneurs that help them get there businesses of the ground.Perhaps Facebook should start advertising Adsence, and give more free advertising to the online marketers.Yea, take more of there opponents money.If Facebook looks after there supporters, there supporters will look ofter Facebook.I do agree however that something should be implemented to ban and prosecute stalkers.Why did everyone join Facebook, well in the beginning for social purposes, but the majority of members are members to make some income somehow, give more!
    Yea, Facebook is big, but Google is right behind it!people have told me that Facebook is getting boring, you should have a suggestion box somewhere on profiles where people can tell Facebook what they want, because without people Facebook is dead.So look after them.

  • http://www.CaptainCyberzone.com CaptainCyberzone

    Sometimes the chickens need protection from the fox, but sometimes that protection turns out to be a wolf.

  • Jennifer E.

    Facebook made promises to it’s customers and then decided, nope let’s do something different. False advertising has always been regulated to protect the public. Facebook mistakes are the reason they are in the mess they are. They have been here before, apologized and did it again. I enjoy Facebook, I value the privacy of my network and online presence. Selling my likes and dislikes for advertising dollars doesn’t bother me. Just a smart way to use info. What does bother me is making promises and then doing something different without asking.

  • http://www.facebook.com/notes/security-camera/alert-logitech-wireless-outside-cameras/286375034734522 Kamaeni

    Because of more advanced technology is also getting a lot of crime and smart to be able to break into an account on facebook

  • http://www.freedomoffshore.com/offshorefinancialservices.html Offshore Financial Services

    The government always goes too far for intents and purposes and it is better not to reflect upon these if you want to sleep well at night. Face Book should move its operation offshore to become truly free.

  • http://www.herbs-treatandtaste.blogspot.com leva

    I have never been a member of Facebook because of the privacy issues. If Facebook are only now addressing these issues because of legal threats then what does this say about the site? They are shutting the door after the horse has bolted.
    I believe that the internet should be self-regulating,but flagrant invasions of privacy need to be addressed. I would still not join Facebook despite the steps being taken because of the unresolved issues and information already in the public domain which would have been best left private.

  • http://www.belfast-architects.co.uk Alan

    Best to separate the virtual you, from the real you and your real business. Use email addresses and phone numbers etc that are secondary, be careful that you do not put up information that would allow or help impersonation.

    As for recording my likes, what a joke. If anyone thinks that is reliable marketing information they are seriously deluded. A friend asks you to like their page, do you refuse? Do you even look at more than the title? Then there are all your likes, well ever read cvs? If you have read enough of them you will realise that most of them contain a high percentage of bull!

    FaceBook and others need to be regulated to protect those that are honest and trusting. That to me feels right.

  • http://www.bluemonkeyweb.co.uk Andy


    Totally agree, it’s not the general public im worried about but it’s what facebook does with the information they hold on us. Their power is unreal, they know everything about us, what we like, who are friends and family are etc….

    Coventry Web Design

  • http://www.searchen.com John

    Facebook certainly needs some level of oversight in the privacy department. I think the size of facebook certainly warrants the added measures put forth here at minimum.