This afternoon Facebook posted an update to their blog regarding the viral note circulating around the web about third-party ad networks. According to their post, the company is concerned about the user experience and so far they have shut down two ad networks (as we have previously written) and have forced some ad networks to remove the deceptive ads previously in question. The most important component of their blog post is as follows:
The advertisements that started these rumors were not from Facebook but placed within applications by third parties. Those ads violated our policies by misusing profile photos, and we already required the removal of those deceptive ads from third-party applications before this rumor began spreading.
We are as concerned as many of you are about any potential threat to your experience on Facebook and the protection of your privacy. That’s why we prohibit ads on Facebook Platform that cause a bad user experience, are misleading, or otherwise violate our policies. Along with removing ads, we’ve recently prohibited two entire advertising networks from providing services to applications on Facebook Platform because they were not compliant with our policies and failed to correct their practices.
While the post clearly explains how Facebook attempts to monitor the platform, there is no clarification as to their policy about how third-party ad networks use your images in advertisements. As I’ve written twice already, modifying your ad settings (as described in the original download squad article and the viral note spreading around Facebook) will not remove your photos from third party ad networks.
While Facebook is clearly concerned about the users’ experience with their platform, the company is in a challenging position of determining how to manage this issue. Preventing ad networks from using user images all together will be an overly aggressive action. Extending the privacy settings so that third-party ad networks are forced to check the privacy setting when displaying an ad is costly to Facebook in terms of development and costly to ad networks in terms of ad display processing overhead.
Right now Facebook has a terms of service in place that should protect users (including limitations on data caching, and limits on how ads are displayed). You can read more about the company’s ad guidelines here. One thing that doesn’t appear to be listed in the terms is how user images can be used in advertisements.
I’ll have to do some more digging to see if there is any clarification of that anywhere in the terms. So far I have not found any clarification and as far as I’m aware, third-party ad networks currently don’t have restrictions on which friends are displayed in ads. I’ve reached out to Facebook for clarification and am waiting to hear back.
I’ve spoken to Facebook and they’ve made some relatively strong statements, the most important of which was that ad networks “need permission from the owner of whatever photo they use.” That means unless an ad network asked for permission to use your image, they can’t use it. Additionally, here are the policies that are applicable according to Facebook:
- The data section of the platform guidelines indicates that just because a developer gets access to user data doesn’t mean that they can use it
- Developers are not allowed to pass user data they get from FB to ad networks.
- Apps cannot break the law, and there are rights of publicity issues that come into play here. Facebook is granted permission in the terms to use a user’s photo in an ad but this permission does not extend to developers or ad networks.
- Not doing anything misleading (indicating a user has taken a quiz when they haven’t is misleading)
The only question I have now is when did any ad network on the Facebook platform ever ask for permission to use my photo or anybody else’s?
As I recall from over a year ago, the main loophole in this system is that the majority of users’ photos are publicly accessible via Google. That means ad networks have the capacity to view some of your friends and their photos via crawling the public version Facebook.