Facebook remains tied to a Federal Trade Commission (FTC) settlement that “prohibits the company from changing privacy settings without the affirmative consent of users or misrepresenting the privacy or security of users’ personal information”.
Indeed, as of November 2011, Facebook agreed to bi-annual privacy audits for two decades as part of its deal with the FTC. At the time the US watchdog said Facebook must be clear about changes to its website, including providing a “prominent notice” to users.
The social network was told it should obtain “express consent” before a user’s information is shared beyond any privacy settings already established by an individual connected to Facebook.
Arguably then, Facebook is failing to honour at least part of its agreement with the FTC: the website did inform all of its users of the plans in an email outlining the proposed tweaks. But it may have fallen down on the requirement to seek “express consent” for sharing data beyond the limits set in place by users. That said, the stateside regulator is yet to publicly express any disquiet about the company’s incoming privacy policy overhaul.
In contrast, here in Europe, the office of Ireland’s Data Protection Commissioner confirmed late last week that it was seeking “urgent clarification” from Facebook – whose European headquarters are in Dublin – about the changes.
via Data cops: Facebook privacy plans must be ‘modified’ • The Register.