Feeds

Facebook revises privacy policy

Plain English update

Internet Security Threat Report 2014

Facebook has published a simpler, easier to understand privacy policy which removes complicated technical and legal terms in the previous document without changing much of substance.

Less than 7,000 people commented on the social networking site's proposals to change its privacy policy. This allows the company to adopt the revised scheme without a public vote. If more than 7,000 people had commented on the policy during a week long consultation period, then a vote would have been triggered. In the event only 453 commentards weighed into the debate before the 5 November deadline.

The revised policy advises users to make full use of the social network's privacy settings and application settings to control how much information they share, and with who they share this information with. Facebook provides controls, but it is up to individuals to check and ensure that appropriate settings are in place.

Facebook is supported by ads but it promises users that it "will not share your information with advertisers without your consent", though it will allow advertisers "to select characteristics of users they want to show their advertisements to and we use the information users share with us to serve those advertisements".

One significant difference is that advertisers will be given more details about how their adverts perform. User data related to this will be "anonymised", Facebook promises.

The new policy was completely rewritten, so any changes are not marked as such. Based on user feedback, Facebook promised to publish a redline version with any future revision so users can more easily see what changes have been made in future editions of the policy.

One of the most significant threats to user data comes from malicious applications. A statement of "Rights and Responsibilities" associated with the revised Facebook privacy policy again puts most of the emphasis on surfers to be careful. "We require applications to respect your privacy settings, but your agreement with that application will control how the application can use the content and information you share," Facebook explains.

Users who set their profile as viewable by everyone (the default setting) can expect search engines to index any content they upload.

Users who upload video or pictures to Facebook hand over "non-exclusive, transferable, sub-licensable, royalty-free, worldwide" license, the statement further explains. Up until recently, Facebook only allowed users to "deactivate" their accounts so that their profile was left dormant and no longer visible rather than deleted. This Hotel California policy policy was changed last year, so that users can remove their profile, a point reaffirmed by the revised privacy policy. The new policy also aims to address concerns on this and related privacy policy raised by the Canadian Privacy Commission back in July

More information on the revised policy can be found on the site governance section of Facebook's website here.

In related news, Facebook came under fire on Wednesday over allegations it had failed to implement child safety measures. Jim Gamble of the Child Exploitation and Online Protection Centre criticised Facebook and MySpace for failing to follow Bebo's lead in including Ceop's "Report button" on pages, so that illegal content or online abuse might be more easily reported. Facebook said it already had a robust reporting system in place. The issue is covered in greater depth in our earlier story here. ®

Secure remote control for conventional and virtual desktops

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.