Feeds

EU privacy watchdogs say Facebook changes 'unacceptable'

Working party issues rebuke over default settings tweak

Secure remote control for conventional and virtual desktops

Europe's privacy watchdogs have issued a rebuke to Facebook, telling the social networking site that changes it made to the site's privacy settings late last year were 'unacceptable'.

Facebook faced criticism over the changes when they were made last December, and more when it announced recently that it would allow business partners to make more use of members' data.

The Article 29 Working Party, the committee comprising the data protection regulators of the European Union's 27 member states, has added its voice to the criticisms and has written to Facebook to express its alarm at the changes.

"It is unacceptable that the company fundamentally changed the default settings on its social-networking platform to the detriment of a user," said a statement from the Working Party. "Facebook made the change only days after the company and other social networking sites providers participated at a hearing during the Article 29 Working Party’s plenary meeting in November 2009."

Facebook's changes last year involved changing the default privacy settings on its service. Though users were asked to confirm the changes, default settings are seen as important because many users simply confirm the pre-selected options.

Facebook users can set their profiles, which contain status updates, messages, pictures and more, to be seen by anyone on the internet or just by members of networks they join or just by their 'friends' within the service.

Users who accepted Facebook's new defaults found that much more of their information was available to everyone or to members of very large networks than before. They found that details of their family, relationships and employer were available to the whole internet. Accepting Facebook's changes would also make their birthdays and religious views available to any Facebook user who is a friend with one of their friends, and their phone numbers, physical addresses and email addresses available to all their friends.

Facebook claimed that the changes were a simplification, but digital rights group the Electronic Frontier Foundation (EFF) said that they created "new and serious privacy problems".

"These new 'privacy' changes are clearly intended to push Facebook users to publicly share even more information than before," said the EFF's Kevin Bankston at the time. "Even worse, the changes will actually reduce the amount of control that users have over some of their personal data."

The Article 29 Working Party has now added its voice to the criticism. It said that in its letter to Facebook it had emphasised that default settings should protect, not expose, users' private information.

"The Working Party emphasised the need for a default setting in which access to the profile information and information about the connections of a user is limited to self-selected contacts," said its statement. "Any further access, such as by search engines, should be an explicit choice of the user."

The Working Party has written to 20 social networking companies to highlight concerns it has about the operation of services overall.

"The letters … address the issue of third-party applications," the statement said. "Providers of social network services should grant users a maximum of control about which profile data can be accessed by a third party application on a case-by-case basis.

"The Article 29 Working Party also raised the issue of data of third persons contained in users' profiles. Providers of social networking sites should be aware that it would be a breach of data protection law if they use personal data of other individuals contained in a user profile for commercial purposes if these other individuals have not given their free and unambiguous consent," it said.

The changes are also the subject of a complaint by privacy activist group the Electronic Privacy Information Center (EPIC), which has complained about them to US consumer regulator the Federal Trade Commission.

"These changes violate user expectations, diminish user privacy, and contradict Facebook’s own representations. These business practices are Unfair and Deceptive Trade Practice," said its complaint (pdf).

Facebook last month announced a new initiative at its F8 conference designed to make even more use of individuals' data than before. Users' preferences, likes and activity would be visible to Facebook business partner sites.

While Facebook called the developments 'social plug-ins' and claimed they would improve people's online experiences, users and privacy activists have expressed concerns about the implications of the changes.

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Build a business case: developing custom apps

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.