Facebook Privacy Policy Improved After Advocacy Group Crusade

Published November 1, 2009

Facebook users have a new tool at their disposal after the firm came under pressure from the American Civil Liberties Union.

The Northern California chapter of the ACLU created a Facebook application that allows users to see how seemingly harmless third-party Facebook quizzes can violate their privacy.

“I applaud the ACLU,” said Berin Szoka, a senior fellow and director of the Center for Internet Freedom at the Progress and Freedom Foundation in Washington, DC. “They have brought public pressure on this company, and the company has responded.”

Trojan Quizzes

The ACLU pointed out how third-party Facebook quizzes can trick users into divulging their religion, sexual orientation, political affiliation, photos, wall posts, and the online groups they belong to.

The ACLU is especially concerned the companies creating these quizzes may sell the data they get from users to marketers and other entities.

The ACLU’s well-publicized deployment of its Facebook application, along with growing concerns by Canadian Privacy Commissioner Jennifer Stoddart over Facebook’s privacy policies, helped lead the Silicon Valley company to release a new set of privacy controls.

“It’s clear that privacy issues are top of mind for Facebook, and yet we found serious privacy gaps in the way the site operates,” Stoddart said.

‘Market Is Working’

Szoka says this case shows how organized public pressure is better than more government intervention and regulation in the American technology sector.

“We should remember that Internet companies like Facebook operate within a dynamic environment, which is complicated and changing,” Szoka said. “Public pressure and advocacy group action like this show that the market is working here.”

Szoka adds, though, that groups such as the ACLU, which organize the public, need to understand all their privacy demands sometimes simply cannot be met.

“On some level, the problem Facebook has is the more they improve privacy controls, the more sophisticated their system becomes—and then they will get attacked for creating privacy controls that nobody can understand and use,” Szoka said.

“On the other hand, if they create something too simple, they will get attacked for not having enough privacy controls,” Szoka added. “It is ‘damned if you, damned if you don’t.’ Consumers are different, and each has different values. Many privacy controls may be especially important to one consumer but not to the other,” Szoka said.

Private-Sector Responsiveness

Even so, Szoka believes public pressure is better at regulating and improving America’s technology sector than oftentimes crude and imprecise government regulations.

“At the end of the day, I just want Facebook—working with the public—to be deciding questions of privacy,” Szoka said. “This is fundamentally about who is capable enough to make decisions that protect us.

“I do not trust government bureaucrats, who usually issue one-size-fits-all regulations that affect everybody’s Web site and everyone’s application,” Szoka said.

Thomas Cheplick ([email protected]) writes from Cambridge, Massachusetts.