Facebook Privacy: 6 Key Moments
As FTC settlement nears on opt-in privacy settings, take a look back at Facebook's key privacy flaps.
Facebook has agreed to obtain an explicit opt-in from users before altering the manner in which their personal information gets collected, stored, or shared.
More Security Insights
- The Importance of Managing Privileged Accounts
- Three Principles to Improve Data Security and Compliance
Soon after, the Electronic Privacy Information Center (EPIC), a nonprofit research group, filed a complaint with the FTC on users' behalf, alleging that Facebook had engaged in "unfair and deceptive trade practices." Interestingly, the FTC's definition of "deceptive" doesn't mean the practice was necessarily done on purpose, but rather looks at whether the result of the action would be likely to end up misleading a customer.
"Facebook's changes to users' privacy settings disclose personal information to the public that was previously restricted," according to EPIC's complaint. "Facebook's changes to users' privacy settings also disclose personal information to third parties that was previously not available." In addition, it said, the changes simply confused a large swath of users. Interestingly, Zuckerberg himself also "reversed changes to his personal Facebook privacy settings after the transition from the original privacy settings to the revised settings made public his photographs and other information," said EPIC in its complaint.
Asked about Facebook's reported settlement offer to the FTC, a Facebook spokeswoman declined to comment.
Twitter this year also settled with the FTC after the agency investigated a series of security breaches through which hackers gained administrative control over the entire site, twice, in 2009. As part of that settlement, Twitter agreed to specific security program enhancements, as well as independent, annual audits of its security posture for the next 10 years.
Facebook's privacy settlement proposal notably comes just four months before the deadline for the company to make its financial results public, should it choose to pursue an initial public offering.
6 Key Moments In Facebook Privacy
November 2009: From November to December 2009, Facebook begins updating its privacy policies and changes people's privacy settings accordingly.
December 2009: Four days after the changes become fully live, there are more than 500 Facebook groups devoted to the site's privacy settings.
May 2010: Facebook pitches more "simplistic" privacy options for users.
December 2010: The FTC proposes "do not track" online advertising opt-out capabilities for consumers, and signals a crackdown on websites' privacy policies, saying that industry self-regulation has failed.
November 2011: Facebook reportedly ready to sign a deal with the FTC that will require Facebook to obtain a user's explicit consent before Facebook can change the way it uses their personal information.
April 2012: Deadline for Facebook to go public, which experts estimate would value the company at up to $100 billion.
Security professionals often view compliance as a burden, but it doesn't have to be that way. In this report, we show the security team how to partner with the compliance pros. Download the report here. (Free registration required.)