In a remarkable turn of events, Facebook has agreed to add significant new privacy safeguards and make other changes in response to the Privacy Commissioner of Canada’s recent investigation into the popular social networking site’s privacy policies and practices.
"The following is an overview of key issues raised during the investigation and Facebook’s response:
1. Third-party Application Developers
Issue: The sharing of personal information with third-party developers creating Facebook applications such as games and quizzes raises serious privacy risks. With more than one million developers around the globe, the Commissioner is concerned about a lack of adequate safeguards to effectively restrict those developers from accessing users’ personal information, along with information about their online “friends.”
Response: Facebook has agreed to retrofit its application platform in a way that will prevent any application from accessing information until it obtains express consent for each category of personal information it wishes to access. Under this new permissions model, users adding an application will be advised that the application wants access to specific categories of information. The user will be able to control which categories of information an application is permitted to access. There will also be a link to a statement by the developer to explain how it will use the data.
This change will require significant technological changes. Developers using the platform will also need to adapt their applications and Facebook expects the entire process to take one year to implement.
2. Deactivation of Accounts
Issue: Facebook provides confusing information about the distinction between account deactivation – whereby personal information is held in digital storage – and deletion – whereby personal information is actually erased from Facebook servers. As well, Facebook should implement a retention policy under which the personal information of users who have deactivated their accounts will be deleted from the site’s servers after a reasonable length of time.
Response: Facebook has agreed to make it clear to users that they have the option of either deactivating their account or deleting their account. This distinction will be explained in Facebook’s privacy policy and users will receive a notice about the delete option during the deactivation process.
While we asked for a retention policy, we looked at the issue again and considered what Facebook was proposing. We determined the company’s approach – providing clarity about the options, offering a clear choice, and alleviating the confusion – is acceptable because it will allow users to make informed decisions about how their personal information is to be handled.
....4. Accounts of Deceased Users
Issue: People should have a better way to provide meaningful consent to have their account “memorialized” after their death. As such, Facebook should be clear in its privacy policy that it will keep a user’s profile online after death so that friends can post comments and pay tribute.
Response: Facebook agreed to change the wording in its privacy policy to explain what will happen in the event of a user’s death."
Pangloss is mildly amused that only two years after she, Ian Brown and Chris Marsden presented a paper highlighting the privacy and security issues around the use of third party apps on Facebook, changes are finally being made.
The interesting issue will be if these changes are only made for Facebook in Canada or applied worldwide; similar legal pressure has not, it seems, being exerted in other jurisdictions such as the UK and the US - but there has certainly been concern over the repeated use of third party apps as an easy way to collect personal data for fraudulent or criminal purposes, or to spread malware. One might speculate that if FB are investing in developing new more privacy-compliant code it might as well install it system-wide given the PR advantages and the fact that FB's growth appears to have peaked (the rate of growth has been declining since about January 08). Chris Soghoian on Twitter seems to indicate the changes will be worldwide. If so, the Canadians have certainly done us all a favour.
Pangloss is also intrigued by the Canadian concern over Facebook's treatment of profiles on death. While the matter is certainly a pressing one (with 200 million users, not all young, FB profiles are, sadly, often a major concern to relatives after death) in fact FB has been pretty much in the vanguard in the area of transmision of digital assets, in at least providing a clear and accessible way for relatives to ask for profiles to be "memorialised" after death.
Other sites where digital "assets" remain after death (eg eBay, Flickr, et al) are in general much less clear about what rights they offer relativesafter death, have hard to penetrate procedures on the matter, or actively refuse to allow relatives control after death (see the famous Yahoo! case where relatives of a US marine were initially refused access to his emails after death because the privacy policy forbade passing on information to any third party. At least in the US, the privacy policy remains unchanged to date.)
However in my recent talk on this subject, I also suggested that it would be easy for FB in its various preference suggestions to allow users themselves to indicate what they would like done with their profiles after death. Not all want their profiles left open for comments after death ; some would like them closed down; others might like a friend or relatives to make the decision what to do. One size does not fit all and a solution should also consider and balance the interests of both the profile owner and the relatives. However if FB take a lead here under Canadian persuasion, they may well benefit all by becoming a good practice example in a rather under-considered part of the web 2.0 field.