Facebook introduced more features for users to easily increase the privacy of their personal information, last week, following prolonged criticism of changes it made in April.
Despite those moves, it is getting new scrutiny around the changes. US House of Representatives Judiciary Committee chairman John Conyers sent a letter to the company on Friday asking it to provide more details on what it has been doing to ensure user privacy.
A Pointedly Vague Letter
The letter, while brief, appears to directly address how Facebook is continuing to make some user data public by requirement, and more of it public by default. Facebook’s argument is that its aggressive, open approach to product development is what allows it to best serve users.
While the committee has not yet called for a hearing on Facebook’s privacy practices, the letter shows that the company has more convincing to do if it hopes to remove the risk of regulation entirely.
Here’s the relevant text of Conyers’ letter (via the raw story):
Specifically, we would appreciate a detailed explanation of the information about Facebook users that your company has provided to third parties without the knowledge of the account holders — particularly in circumstances in which the user did not expressly opt for this type of information sharing. Please explain your prior policies with respect to user consent for information sharing, and with whom any information was shared. Also, please detail how the new policies Facebook is adopting differ from past practices, including whether the burden is on the user to opt in or opt out of the relevant privacy settings.
Conyers is not specific, so we’re not sure which Facebook changes he’s referring to. Here’s what his letter seems to be pointing to.
In December, Facebook required all users to make some profile information public, including their name, profile photo, network and gender — a class of information that the company calls “General Information.” In April, it went further, asking all users to change previously-private interests into links to publicly-viewable Pages — but it allowed users to hide this information once again, last week. (See our full review of the latest changes, for more).
Facebook also introduced a service in April called “Instant Personalization,” where it shares General Information about users with pre-selected third parties without users’ explicit prior consent. This service launched to be opt-out by default — and it still is despite the changes.
The first sentence of the excerpt, above, appears to be about the nature of how Instant Personalization works, along with an allusion to the more general changes that Facebook made to General Information in recent months.
The second sentence appears to be about those general changes.
The final sentence appears to ask if the new changes impact Instant Personalization’s opt-out setting.
Charles Schumer and a few other senators have already criticized Facebook for Instant Personalization and for how it has made some user information public by requirement, and they echoed those criticisms despite last week’s moves. So, while vague, Conyers’ letter suggests he has been talking to critical congresspeople, privacy groups and other critics; there are other Facebook privacy issues that he could have referred to, but didn’t, such as how the social graph plugins work.
Facebook’s changes last week were meant to satisfy things like congressional inquiries, but Instant Personalization is still opt-out and General Information is still public by requirement. Conyers’ letter also comes across as loaded. He sent it to Facebook on Friday, after the company announced the changes on Wednesday and even held a Capitol Hill session on Thursday explaining them to House and Senate congresspeople and staffers. He knew about the changes and knew what had not been changed.
The company’s response to the letter, in any case, is that “we are continuing to have discussions with all the relevant authorities and we will be answering their questions.”
Facebook’s Last Big Privacy Battle… For Now?
Facebook believes that the best way to serve its users is to provide a more open service. It has successfully done so since the company launched as a completely closed network for students on a university network, six years ago, despite criticism from some users, privacy groups and politicians.
The site has around 500 million users now, and Facebook says it has seen no meaningful traffic drop due to any privacy issues now or in the past due to other changes. The contested features have not been documented to cause damage to users, at this point.
The company, in other words, has a lot of evidence that it can show to defend its current products. But it will be explaining itself to at least some congresspeople who are already coming across as skeptical.
Facebook chief executive Mark Zuckerberg spent most of Wednesday walking major media outlets through the latest privacy protections it has put in place, and answering pointed questions about how it has approached the issue. The resulting coverage, along with closer analysis, has tended to provide a more positive view of Facebook’s approach than in previous weeks.
But those opposed to Facebook’s changes are off to a stronger start in Washington, DC.
Zuckerberg said last week that it was done making significant privacy changes for the foreseeable future. Assuming all other factors continuing as they are now (i.e. no traffic drop from users getting fed up), government inquiries could make for its last big battle in the ongoing saga of Facebook privacy changes.
Whether or not Facebook thinks it has arrived at the proper privacy settings for users, public criticism and the risk of regulation have forced it to stay steady where it is — and could even force it to backtrack.