Privacy advocates ask Facebook to withdraw proposed policy changes

The letter, copied to officials at the FTC; various senators on the Committee on Commerce, Science, and Transportation, and congressmen in the House Energy and Commerce Committee; and the president of the National Association of Attorneys General urges Zuckerberg to “withdraw the proposed changes to the Data Use Policy and the Statement of Rights and Responsibilities” because “these proposed changes raise privacy risks for users, may be contrary to law, and violate your previous commitments to users about site governance.”

Facebook announced the changes in an email sent to its users last week. The three changes that most concern the privacy advocates are ending the user voting component of future site governance, stopping the ability of users to specify who can email them, and the integration of users’ Instagram information with their Facebook profile.

Facebook introduced the user voting process in 2009. If a proposed change triggers 7000 user comments, then the change would be put to a vote by all users. This particular change has already, according to Reuters, generated more than 17,000 comments. However, any subsequent vote would require 30% of users to object – and while 17,000 is a large number of users, it is far short of the 300 million needed to stop the proposal. In reality, this particular change will do little more than stop Facebook having to go through the process of a fairly pointless voting procedure.

Losing control over who can send them emails will, according to the advocates, increase the amount of spam that users receive. “Facilitating spam,” they say, “violates users’ privacy and security, as many Facebook scams are accomplished through the messaging feature.”

Integrating Instagram and Facebook data will also violate users’ privacy, they claim. The letter likens the proposal to Google’s earlier data consolidation which “prompted objections from privacy organizations, members of Congress, European data protection authorities, and IT managers in the government and private sectors.”

Reuters notes that Facebook declined to comment on the letter. However, it also reports that Facebook spokesman Andrew Noyes said in an emailed statement on Monday, “As our company grows, we acquire businesses that become a legal part of our organization. Those companies sometimes operate as affiliates. We wanted to clarify that we will share information with our affiliates and vice versa, both to help improve our services and theirs, and to take advantage of storage efficiencies.”

The problem for users is that Instagram is now part of Facebook. The technology law blog TechnoLlama points out that users have already agreed to assign copyright on everything they post to Facebook. It quotes the terms and conditions for using Facebook: “you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (IP License). This IP License ends when you delete your IP content or your account...”

“If you are a Facebook user and do not like the above terms, the solution is easy, delete the account and stop using Facebook,” says TechnoLlama.

What’s hot on Infosecurity Magazine?