Feeds

Facebook revises privacy policy

Plain English update

SANS - Survey on application security programs

Facebook has published a simpler, easier to understand privacy policy which removes complicated technical and legal terms in the previous document without changing much of substance.

Less than 7,000 people commented on the social networking site's proposals to change its privacy policy. This allows the company to adopt the revised scheme without a public vote. If more than 7,000 people had commented on the policy during a week long consultation period, then a vote would have been triggered. In the event only 453 commentards weighed into the debate before the 5 November deadline.

The revised policy advises users to make full use of the social network's privacy settings and application settings to control how much information they share, and with who they share this information with. Facebook provides controls, but it is up to individuals to check and ensure that appropriate settings are in place.

Facebook is supported by ads but it promises users that it "will not share your information with advertisers without your consent", though it will allow advertisers "to select characteristics of users they want to show their advertisements to and we use the information users share with us to serve those advertisements".

One significant difference is that advertisers will be given more details about how their adverts perform. User data related to this will be "anonymised", Facebook promises.

The new policy was completely rewritten, so any changes are not marked as such. Based on user feedback, Facebook promised to publish a redline version with any future revision so users can more easily see what changes have been made in future editions of the policy.

One of the most significant threats to user data comes from malicious applications. A statement of "Rights and Responsibilities" associated with the revised Facebook privacy policy again puts most of the emphasis on surfers to be careful. "We require applications to respect your privacy settings, but your agreement with that application will control how the application can use the content and information you share," Facebook explains.

Users who set their profile as viewable by everyone (the default setting) can expect search engines to index any content they upload.

Users who upload video or pictures to Facebook hand over "non-exclusive, transferable, sub-licensable, royalty-free, worldwide" license, the statement further explains. Up until recently, Facebook only allowed users to "deactivate" their accounts so that their profile was left dormant and no longer visible rather than deleted. This Hotel California policy policy was changed last year, so that users can remove their profile, a point reaffirmed by the revised privacy policy. The new policy also aims to address concerns on this and related privacy policy raised by the Canadian Privacy Commission back in July

More information on the revised policy can be found on the site governance section of Facebook's website here.

In related news, Facebook came under fire on Wednesday over allegations it had failed to implement child safety measures. Jim Gamble of the Child Exploitation and Online Protection Centre criticised Facebook and MySpace for failing to follow Bebo's lead in including Ceop's "Report button" on pages, so that illegal content or online abuse might be more easily reported. Facebook said it already had a robust reporting system in place. The issue is covered in greater depth in our earlier story here. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.