Facebook Agrees To Submit To Independent Privacy Audits For The Next 20 Years

from the bait-and-switch dept

The Wall Street Journal is reporting that Facebook and the FTC are finalizing a settlement agreement regarding some of Facebook's numerous past privacy flubs. The WSJ reports:

According to people familiar with the talks, the settlement would require Facebook to obtain users' consent before making "material retroactive changes" to its privacy policies. That means that Facebook must get consent to share data in a way that is different from how the user originally agreed the data could be used.

The thing is, that's already the rule. While there's no law that specifically says a company like Facebook can't retroactively change the way it uses user information, the FTC treats it as an unfair and deceptive trade practice - kind of like a bait-and-switch. You decide you're comfortable putting information like your gender and dating status on your Facebook page because Facebook promised it would only show that stuff to your friends. And then it goes and makes it all public: Bait and switch.

Since we don't have comprehensive privacy laws in the US, the only real way to hold companies like Facebook to their word when they say things like "your information is private" is to approach it from a consumer protection angle. Lying to your users about how their personal information is going to be used (or changing your mind later and not telling anyone) is unfair and deceptive, and is exactly the type of thing the FTC can address through fines.

So, making Facebook agree to get express consent before making material retroactive changes to its privacy policies is a bit like making it write "I will not chew gum in class" fifty times on the blackboard before it can go out to recess. The really interesting part of the settlement agreement is that, like Google did in the Buzz settlement, and Twitter did concerning its security, Facebook is agreeing to submit to independent privacy audits for the next twenty years.

My hope for the long term outcome of this settlement agreement is that Facebook will be more upfront and transparent about their privacy practices, and not pull the bait-and-switch move on privacy that they've become known for. Hopefully, this will in turn lead to fewer Facebook-privacy-policy-instigated Chicken-Little-style paranoia outbreaks.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: audits, privacy

Companies: facebook