NPR: Groups Complain To FTC About Facebook Changes

A story today on NPR’s Morning Edition news program focused on the controversy surrounding Facebook’s recent privacy upgrade downgrade: “Groups Complain To FTC About Facebook Changes

My discussion with the reporter, Martin Kaste, covered most of the issues raised in my various posts on the issue:

Unsurprisingly (and understandably), my 20-minute interview was cut down to two 10-second soundbites. But I was more than pleased to share airtime with EPIC’s Marc Rotenberg and EFF’s Kevin Bankston, who provided valuable insights to this issue.

Also featured in the story was Tim Sparapani, a former American Civil Liberties Union privacy lawer who was recently hired as Facebook’s new director of public policy. Sparapani expressed his surprise that so many advocates — like myself — were critical of Facebook’s actions. He states:

Notice, choice, access by users, transparency about what’s happening with data, and control given to users of their data held by companies. We believe that we have actually managed to make those things operational.

While I can understand his frustration, Sparapani is only partially correct in this portrayal of Facebook’s actions. Consider each of these claims:

  • Notice: Yes, Facebook should be applauded for giving users notice of the changes, including prompts to re-visit their privacy settings.
  • Choice: While Facebook’s “transition tool” did provide users with a choice on how to set their new privacy settings, the choice was not completely unbiased. Generally, users could select between “Everyone” and “Old settings”. What the old settings were wasn’t readily discernible. And there are numerous settings between these two poles that were not readily provided to users. That’s not a complete choice. Further, users actually lost the ability to choose the visibility settings for certain critical pieces of personal information, such as their name, profile picture, current city, gender, networks, and the pages that you are a “fan” of. Clearly, that change was a conscious restriction of user choice.
  • Access by users: I’m not sure what Sparapani precisely means by this. Users didn’t gain any new access to any new privacy settings (other than individual settings for status updates, which is nice). Users didn’t gain any new access to the information Facebook (or 3rd party apps) are storing about them (such as outlined in the Fair Information Practice Principles).
  • Transparency: Again, there was little new here wrt transparency. Facebook’s privacy policy remains unchanged regarding how information might be processed, and users still largely have no idea over what 3rd party apps do with their data. True understanding of where our data is going remains opaque, at best.
  • Control: As noted, while users gained control over the visibility of their status updates, they lost control over the visibility of other personal information. To me, this is clearly a net loss in terms of user control.

I can sympathize with Sparapani. We’ve sat on the same side of the table critiquing another company’s privacy policies, and now he’s entered into a challenging position and is trying to defend his company’s actions. But for all the positive impact Facebook’s new privacy paradigm might have, it is overshadowed by the negative consequences felt by over 300 million users.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s