A protest outside Facebook's headquarters in 2010 drew attention to its controversial privacy policies.

NEW YORK (CNNMoney) -- A Facebook data policy document intended to make the site's methods more transparent is instead kicking up a fresh firestorm.

Facebook made a significant but little-noticed change to its privacy policy on Sept. 23, wiping out the word "privacy" and rebranding it as a "data use" policy. Late last week, Facebook posted a draft version of its "Statement of Rights and Responsibilities" governance document -- an explainer meant to guide users through Facebook's policies -- reflecting the changes. It gave users seven days to weigh in on the draft.









Facebook casts the revisions to its policy documents as a non-event. It says the actual changes to its privacy policy happened six months ago, and that the current updates are simply intended to clarify them.

That clarity is freaking some members out. Many responded on Facebook's comment page with a wholesale rejection of the new terms. On the German-language version of the proposal, more than 32,000 Facebook members issued the same one-sentence protest: "Ich lehne die Änderungen ab."

That roughly translates to: "I reject the changes."

The provision drawing the most heat from commenters is a line describing what data applications can grab.

Facebook's current policy says: "When you use an application, your content and information is shared with the application." Its proposed revision amends that line to: "When you or others who can see your content and information use an application, your content and information is shared with the application."

The idea that apps your friends install can access your information disturbed many of Facebook's commenters. As one put it: "Strongly disagree -- why should I be dragged into apps my friends are involved with?"

You already are. Facebook's current terms allow apps to tap into all of the information that the app's users have access to, Facebook spokesman Andrew Noyes told CNNMoney.

The policy revision is intended to make that reality clearer to Facebook's users, he said. Those who want keep apps from sucking in their data can set granular controls on their "privacy settings" page on Facebook.

Facebook likes to emphasize the rule's benign intent. For example, an app called Gogobot uses Facebook check-in data that your friends have shared with you to map out where those you know have been. The feature is intended to help you find savvy locals to tap for travel advice.

But the changes have some users edgy about just how widely their personal information can be shared -- and about Facebook's incentives to push those boundaries.

"This is a significant acknowledgement that Facebook is focused on data collection, data storage and data sales, because that's where they make their money," says Sarah Downey, a privacy analyst at security software company Abine. "They're more accurately describing what they do."

Some of Facebook's other changes to the policy -- which was last updated almost a year ago -- accommodate its new features. For example, the word "profile" is now often replaced with "Timeline," Facebook's latest update to its profile pages.

The new statement also reflects the features Facebook has shut down. For example, language referring to Facebook Deals has been deleted, since Facebook scratched the deal program in August.

Another new provision makes it clear that Facebook can, in its sole discretion, disable some of its features for users in certain geographical areas. The change comes as Facebook and its social-networking peers grapple with heavy legal restrictions on their services in some countries.

Facebook hasn't set a date for when its revised policy will take effect. The company says it needs to sort through users' comments and concerns before finalizing the wording.