Tuesday, November 27, 2007

Facebook invokes the opt-out defense when accused of privacy violations!

FaceBook, the much talked about social networking site, has received a lot of bad publicity recently.

Despite their immense popularity, personal information published on the site has been used to commit everything from identity theft to abusing children.

Hackers are also using the site to drop malicious software on unsuspecting visitors. This leads to even more privacy violations and in many instances, identity theft and financial crimes, also.

Now they are under fire for a marketing scheme, which posts what their members just purchased all over the electronic universe (Internet).

Kimberly Palmer also known as the "Alpha Consumer" at U.S. News and World report recently documented her sister's frustrations with this practice.

In her own words:


This past weekend, after my sister found a great pair of Dansko clogs and ordered them online from Zappos.com, her Facebook friends received a newsfeed message that told them she had just "found something cool at Zappos.com." Since she hadn't planned on announcing her purchase to so many people, she quickly deleted the message but not before feeling that her privacy had been invaded.

It turns out Facebook has relationships with online retailers, including Zappos.com, Fandango.com, and Overstock.com, that allow the social networking site to post information when purchases are made. My sister isn't the only one upset by it; the liberal group MoveOn.org started a petition asking Facebook to respect users' privacy and stop the practice. The blog Binary Freedom has asked Facebook not to ruin the holidays by alerting people to their gifts ahead of time.

Facebook has defended their right to do this by saying that a member can opt-out from having their personal shopping habits disclosed in public.

I always chuckle when the words "opt-out" are used as a defense to justify a violation of privacy.

The financial services industry has been sending us snail mail for years that are called privacy notices. These notices, which are full of small print make a mockery of the meaning of privacy (my opinion). If you fail to respond to these letters, they can and will sell your information to the highest bidder.

Of course, in most of these instances, the institutions involved don't make it easy to respond to these notices.

The problem with opting-out is that the current laws make it too easy to opted right back in.

Opting out is like playing a game of "Whac a Mole," because whenever you conduct a transaction, you might be opting-in again.

Tom Fragala at the Truston blog recently chronicled his frustrations in a post entitled, "Opting-In After You Have Opted-Out." In this post, Tom writes about a personal episode where he was targeted by identity thieves and opted-out, only to be opted-in again.

He also did a follow-up post, "How Direct Marketers Get You to Opt-In After Opting Out," which shows how marketing people have gotten past opt-out legislation in general.

There is little doubt that opt-out laws need to be updated. I wonder if the law were changed so that people had to give their permission for a company to sell their information, we might see a marked decrease in criminal activity enabled by information that is too easy to access!

Sadly, the people making too much money by exposing it for marketing purposes don't seem to want to become more responsible. And as long as they have a lot of money to fuel special interests, the problem isn't going to disappear very quickly!

Kimberly Palmer article, here.

Wikipedia has an interesting article going into detail on all the privacy concerns with FaceBook, here.

12-2-07 (Update): It appears FaceBook is changing their policy on opt-out to make it more user friendly and transparent. Here is a story from the LA Times on the changes, which privacy advocates are claiming as a major victory:

Facebook adds safeguards on purchase data

3 comments:

hanum said...

I couldn't open my facebook inbox and I was given a warning message from Facebook team. What's going on? Thank's

hanum said...

I couldn't open my facebook inbox and I was given a warning message from FB Team. What's going on? Do you know? :( Thank's

Anonymous said...

Just my addition: it's really easy to steal a facebook identity if the victim's not using HTTPS. Of course the same goes for google, but as far as I've seen, Google+ enforces SSL.

So, the article: How to steal a facebook identity