Privacy advocates opposed to new privacy regulations at Facebook are attempting to get the attention of the U.S. Federal Trade Commission, according to a complaint filed Thursday on behalf of the Electronic Privacy Information Center and several allied groups.
"These changes violate user expectations, diminish user privacy, and contradict Facebook's own representations," the complaint says of Facebook's new regulations, which push more content public, and make even more data available to third-party applications and advertisers. EPIC's goal is to force Facebook to restore the old settings and add additional controls for members.
"We've had productive discussions with dozens of organizations around the world about the recent changes, and we're disappointed that EPIC has chosen to share their concerns with the FTC while refusing to talk to us about them," a retaliatory statement from Facebook read. "We're pleased that so many users have already gone through the process of reviewing and updating their privacy settings, and are impressed that so many have chosen to customize their settings, demonstrating the effectiveness of Facebook's user empowerment and transparency efforts. Of course, the new tools offer users the opportunity to decide on privacy with every photo, link, or status update they wish to post, so the process of personalizing privacy on Facebook will continue."
It's one thing when Facebook users start complaining about new features that they deem excessively creepy--just look at the outrage that surrounded the News Feed, now a mainstay of the site, when it launched in 2006.
It's a bigger fish entirely when government regulatory bodies get involved, particularly the FTC, which has major sway over the advertising and marketing industries. It was only when privacy groups flagged concerns about Facebook's Beacon advertising program two years ago that participating advertisers started to pull out amid bad publicity. A class action settlement over the Beacon program was resolved recently.
Since then, Facebook hasn't had a privacy-related debacle on the same scale. Much of the philosophy behind Beacon was baked into its Facebook Connect universal log-in tool, which shares information from third-party sites on Facebook profiles and lets users log into other sites with their Facebook credentials. But with the public-relations pitch geared toward making the entire online experience easier for users (fewer passwords to remember, no more registration headaches) rather than helping advertisers exploit social-networking channels, the debut of Facebook Connect wasn't subject to the same scrutiny.
The controversial new privacy standards at Facebook have been a long time coming, considering the fact that the social network started to publicly set the groundwork nearly six months ago with a series of announcements about modified privacy controls. It's clear that the company was trying to avoid the sort of press bloodbath that came after the debut of Beacon.
That didn't happen. Facebook has already backtracked on one component of its new privacy regulations, one which made users' friends lists publicly available. It's unclear as to how much EPIC's coalition, not to mention the FTC, will prioritize this most recent controversy.
Behind Facebook's traditional willingness to make tweaks and modifications to new features and products, if they spark some kind of concern among government regulatory bodies or marketers, is a fight that the company will not give up easily. What it all comes down to is that Facebook's once-watertight log-in wall--remember the time that representatives mulled banning a blogger who'd posted Facebook-hosted photos publicly?--is getting in the way of the social network's potentially central role in one of the digital world's crazes du jour, searchable real-time information.
Search companies have been announcing big deals to pull Facebook status messages and Twitter tweets into results, and the media business has gone nuts over the potential to harness the "real-time Web."
Facebook, dependent on advertising revenues and still looking to expand its base of more than 350 million users, obviously wants in on this. But if it doesn't have enough status messages, shared links, and other information pulled into search results, it stands a chance at losing ground to the much-smaller Twitter--already the top name, in terms of a massive, searchable clearinghouse for up-to-the-minute information.
Plus, there are marketers and advertisers for Facebook to consider: more search results equals more page views and more ad revenue, and more public information on users' profiles means more ways for the advertising industry to reach them. But if those same marketers and advertisers are the ones pressuring Facebook to change course, in terms of user privacy, it could cause some friction between the social network and the businesses that have finally begun to accept it as a choice destination for their ad dollars.
Now EPIC is alleging to the FTC that Facebook's new regulations can be outright dangerous: "Dozens of American Facebook users, who posted political messages critical of Iran, have reported that Iranian authorities subsequently questioned and detained their relatives," an item in the complaint reads. "Under the revised privacy settings, Facebook makes such users' friends lists publicly available."
That's not good PR for Facebook, which has repeatedly pitched itself as a destination for open dialogue and grassroots organization across zones of political and ethnic conflict.
Whether you want to target politicians, your employers, or companies that have done you wrong, there are a variety of sites across the Web that will help you voice your complaints. But beware that not all of them will actually solve those problems.
Lodge your complaints
Anonymous Employee Those having trouble at the office should try out Anonymous Employee. The service allows you to create a user name and password without requiring an e-mail address. After that, you can input the name of your employer, the person you want to contact, and the issue you want to make them aware of. Anonymous Employee automatically sends the message to the recipient without identifying you.
Unfortunately, Anonymous Employee was buggy and at times, it took too long to send a message. That said, I was impressed by the number of options it offered, including complaints about age discrimination, harassment, or wrongful termination. Once it fixes those bugs, Anonymous Employee will be an even more compelling service.
Anonymous Employee keeps you private when you make issues public.
(Credit: Screenshot by Don Reisinger/CNET)Better Business Bureau The Better Business Bureau site is one of the best places to lodge complaints. Right from the home page, you can access the organization's complaint tool, which allows you to take issue with your vehicle, your cell phone carrier, a product or service outside of those two categories, or a charity. After inputting information about yourself, you can describe your issue on the site. It's then filed with the Better Business Bureau and investigated.
The Better Business Bureau wants to know the nature of your complaint.
(Credit: Screenshot by Don Reisinger/CNET)CongressMerge If you're unhappy with what's going on in your state, CongressMerge can help you out. The site provides you with a search field to find all of your elected representatives. Once you find the politician you want to contact, it gives you a listing of all their phone numbers, a map to their office, and even their fax number so you can be sure to get in touch with them. You can also check out your elected representatives' voting records on the site. It's a great way to find all the means of communication you need to have your voice heard in the political process.
CongressMerge helps you contact your representative.
(Credit: Screenshot by Don Reisinger/CNET)
The Federal Trade Commission is planning to crack down on bloggers who review or promote products while earning freebies or payments, the Associated Press reported Sunday.
This would, for the first time, bring bloggers under FTC guidelines that ban deceptive or unfair business practices.
"New guidelines, expected to be approved late this summer with possible modifications, would clarify that the agency can go after bloggers--as well as the companies that compensate them--for any false claims or failure to disclose conflicts of interest," the article explained.
The rules could be quite strict, even extending to the practice of affiliate links--for example, a music blogger who links to a song on Amazon MP3 or iTunes that earns an affiliate commission in the process.
The practice of free products for bloggers, most of whom are not bound by ethical guidelines that journalists have historically followed, has been making headlines for some time now. Microsoft, for example, created a wave of bad press a few years ago when it gave free Acer laptops preloaded with Windows Vista to several dozen bloggers.
Some companies have sprung up around the whole notion of blogger compensation and giveaways. The AP article mentions some of the marketing companies that have made a business out of offering bloggers incentives--free trips, products, gift certificates, or outright payments--for coverage. One of them, Izea, has been generating controversy in the tech press since it started PayPerPost.
Izea says that it requires bloggers to disclose what they've gotten paid for or what they've received for free. But with the proposed FTC guidelines, if a blogger fails to disclose a freebie or payment, both Izea and the blogger could be held responsible. The FTC could also take issue with the fact that for at least one promotion, Izea has said it avoided including bloggers who would be likely to give the company negative press.
Izea CEO Ted Murphy wrote in a blog post Monday that the company supports stricter FTC regulations for bloggers.
"The companies that should be worried about these changes are those that have no standards and no way to enforce disclosure," Murphy wrote. "We have invested millions of dollars creating systems that allow us to automate transactions and verify standardized disclosure."
But some bloggers, the AP article mentioned, are concerned that the FTC's efforts could go too far, possibly generating probes into posts that were written without any compensation, and possibly leading bloggers to post with more restraint. And some believe it would be better if bloggers created their own standards based on niche and industry.
Then there's this: does the FTC realize just how many small-time bloggers are out there? Championing business ethics is a worthy goal, but, um, good luck getting much done when there are hundreds of thousands of blogs out there and new ones popping up more or less daily. Ever heard of the expression "herding cats?"
This post was updated at 11:37 a.m. PT with comment from Izea.
WASHINGTON--A first principle of Internet regulation is that what's routinely done in the offline world should be OK when done online. A second principle is that if a company discloses that it's going to do something like review your search history when displaying ads, and then follows through, that should be permitted.
Keep these principles in mind when evaluating some of the overheated proposals bubbling up during the Federal Trade Commission's two-day meeting this week about online privacy.
Here are two ideas that have been floated:
Creating a "Do Not Track" list. The proposal from groups agitating for more government regulation (click for PDF of the proposal) says that Congress should create a committee (that these same groups would be members of). They want the FTC to create a national Do Not Track list, and advertising companies that set cookies would be "required" by law to give the FTC the addresses of their servers. Browser plug-ins--perhaps to be created by the feds--would block ad servers on that list.
A formal investigation. The Center for Digital Democracy and the U.S. Public Interest Research Group are lobbying the FTC to investigate Google, Microsoft, AOL, and Yahoo's data collection practices. They want a new FTC task force created (PDF), an inquiry into target marketing by Facebook and MySpace.com, and a look at "the role of behavioral targeting and online advertising in the promotion and sales of sub-prime mortgages."
But is asking for new Internet advertising regulations truly wise--or even necessary?
The pro-regulation lobbyists and activists are most upset about behavioral advertising, meaning computer-generated ads that are based on pages a visitor previously viewed. Someone who spends a lot of time reading a newspaper's Asia travel articles may see ads for trips to China even when perusing sports scores. Quelle horreur!
Yes, this is the unmitigated privacy Chernobyl that the U.S. government is being asked to protect America from.
Let's go back to these first principles. Although the term is new, storefront businesses have used behavioral advertising for thousands of years. If you went to your neighborhood butcher a century ago, he'd know what cuts of meat your behavior indicated you like and offer relevant suggestions. If a nearby bookstore owner knew your behavioral profile meant you prefer a certain type of fiction, you'd probably be delighted if he offered a relevant suggestion.
That type of real-world behavioral marketing can even be more intrusive than its Internet counterpart. Humans gossip; ad servers don't.
But let's say for the sake of argument that Web sites may collect more information about you than a traditional bookstore owner does. Clicks can be recorded, shopping cart additions and deletions can be noted, and so on.
That brings me back to the second principle of Internet regulation: Privacy practices that are disclosed should be permitted. Take a look at Amazon.com's policy, which is far more clear than it was years ago. Yahoo's privacy policy is also perfectly straightforward:
When you register we ask for information such as your name, email address, birth date, gender, ZIP code, occupation, industry, and personal interests... Yahoo! uses information for the following general purposes: to customize the advertising and content you see, fulfill your requests for products and services, improve our services, contact you, conduct research, and provide anonymous reporting for internal and external clients.
Nobody's holding a gun to Internet users' heads and forcing them to visit Amazon or Yahoo. They do it because they trust those companies to take reasonable steps to protect their privacy. To insist that the feds must step in because a few vocal lobbyists and activists don't like those steps should be insulting to Americans: it suggests that they're too simpleminded to make their own decisions about what's best for them and their families. (It's similar in principle to price regulation, when special-interest lobbyists insist that prices are too high or too low and must be altered by legislative fiat.)
What makes this an even sillier debate is that there already are a wealth of ways to accomplish "Do Not Track" without the feds. This is the third principle of Internet regulation: If technology exists to solve a perceived problem, it's probably better to encourage its use rather than ask federal agencies for more regulations or demand that the techno half-wits in Congress draft a new law. (Remember, Ted "Tubes" Stevens was for years the senator in charge of writing Internet regulations. And he's still the senior Republican on that committee.)
If you don't want 24/7 Real Media or Doubleclick to be able to identify when you visit one Web site and then another, it takes only a few seconds to block their cookies. Firefox offers an excellent way to refuse cookies from individual sites. The Adblock Plus plug-in even lets you avoid ads. AOL now lets you opt out of "tracking cookies" and the Network Advertising Initiative has long allowed users to opt-out of targeted advertising from companies including 24/7 and DoubleClick.
If the lobbyists and activists behind the "Do Not Track" list--including the Consumer Federation of America, the Center for Democracy and Technology, and the World Privacy Forum--want to create a browser plug-in that tracks advertising-related servers and automatically blocks them, they should. They don't need to beg the FTC or Congress to do it for them. And it would likely be far faster (and the outcome better) than asking Sen. Stevens and the rest of official Washington to regulate companies doing business on the Internet.
[Full disclosure: I'm speaking at the FTC's event on Thursday and Friday in Washington.]
Google launched a privacy channel on YouTube Wednesday with videos explaining its privacy policies. The move comes on the eve of a two-day Federal Trade Commission-hosted town hall event on behavioral ad targeting to be held in Washington, D.C.
In a Google video titled "Google Search Privacy: Plain and Simple," a Google support engineer draws on a whiteboard, explaining what type of information is collected by Google servers, such as IP address and cookie data, when you conduct a Google search.
A video on Google's privacy channel explains the basics about the company's privacy practices. This screenshot shows a whiteboard drawing of the type of log data Google keeps when someone conducts a Web search.
(Credit: Google)"In future videos, we'll talk about why Google keeps logs, what information we record when you're signed into a Google account, and steps you can take to increase your privacy when surfing online," a description under the video says.
Another video shows Peter Fleischer, Google's Global Privacy Council, speaking at the 29th International Conference of Data Protection and Privacy Commissioners in Montreal in September. But you'll have to speak French to understand that one.
An entry on the Google Public Policy Blog announces the privacy channel and says that those speaking at the town hall meeting will include Tim Armstrong, Google's president of North American advertising and commerce; Nicole Wong, deputy general counsel; and Jane Horvath, senior privacy counsel.
"This is the first time since 2000 that the Commission has taken an industrywide look at online advertising practices, and given the recent acquisitions in the space by Google, Microsoft, Yahoo, AOL, and others, it's a good time to explore the privacy implications of new ad technologies, and in an industrywide way," writes Google Policy Counsel Pablo Chavez.
He was referring to recent acquisitions of online ad companies, including Microsoft buying aQuantive, Yahoo acquiring Right Media and Blue Lithium, and AOL's buying Tacoda. But it's Google's proposed purchase of DoubleClick that has provoked the most concern.
Privacy advocates are worried about the threat posed if Google were to marry its Web search data with data collected by DoubleClick's online display advertising technology. While approval for the proposed Google-DoubleClick merger is pending in the U.S. and Europe, Australia has given it the OK.
Google has increasingly been turning to videos on YouTube to explain its policies and even how to use its products. For example, there is one on Google adding new cities to its Street View map service.
- prev
- 1
- next
