Instagram updates privacy policy, inspiring backlash

Users are concerned over how their photos could end up in advertisements on Instagram, and possibly Facebook

Users and critics are growing concerned over privacy rights after Instagram recently posted online changes to its terms of service and privacy policy. The new Instagram rules aren't set to go into effect until January 16, but users are concerned over how their photos could end up in advertisements on Instagram, and possibly Facebook, Instagrams parent company. This latest privacy flap highlights, once again, the continuing tension between privacy concerns and using a free service that lets you connect with others across the globe.

User-supported advertising

Instagram's new terms of service, under the heading Rights, says the following: To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you.

In short, advertising you already see on Facebook, such as an ad showing a friend who liked a certain product on Facebook, is headed to Instagram. And Instagram photos may also end up being used for ads on Facebook.

It's not clear what form these ads might take. I'm guessing that if, for example, you take a photo of a can of Coca-Cola, Instagram could then let the Coca-Cola Company pay for that photo to feature prominently in your follower's streams or on Facebook.

Instagram's current terms, set to be replaced on January 16, also imply that your photos could be used for advertising: You hereby agree that Instagram may place such advertising and promotions on the Instagram Services or on, about, or in conjunction with your Content.

Facebook already uses your name and profile picture for advertising, but the social network does allow you to opt out of using your likeness for advertising in its privacy settings.

Ads aren't ads, unless they are

Perhaps more concerning is that ads using Instagram photos don't necessarily have to be identified as ads. You acknowledge that we may not always identify paid services, sponsored content, or commercial communications as such, point three of Rights under Instagram's updated terms say.

Hey, kids: You said your parents said it's OK

In a moment of let's cover our butts legalese, Instagram also says that anyone under 18 who is using Instagram is assumed to be doing so with their parents permission. And, as such, their information can be used in an ad. If you are under the age of eighteen (18) represent that at least one of your parents or legal guardians has also agreed to this provision (and the use of your name, likeness, username, and/or photos (along with any associated metadata)) on your behalf, Instagram's new terms say.

Users react

Instagram announced the upcoming policy changes on its blog and it didn't take long for users to take to their Tumblr accounts to criticize the changes. The photo-sharing network claims the new terms would allow Instagram to function more easily as part of Facebook, and help fight spam and detect system and reliability problems more quickly.

The end of my Instagram account, said Tumblr user Lee Djinn. Deleting IG on 31 December 2012.

They [Instagram] inserted language giving them the rights to sell your photos for use in advertisements without notifying or paying you, or getting your permission, complained Tumblr user Kenny Vee. And theres no opt out other than to delete your account by January 16th.

Alright, Instagram, nice to have known you! Bye, bye! Not angry, because youre about to sell the pictures of users, but angry about that you dont even ask, said Peter Burger.

What does Instagram now having the right to sell OUR photos have to do with safety or with avoiding spam? Absolutely nothing, said another Tumblr user, reacting to the changes.

The reaction to Instagram's new terms is reminiscent of a change Facebook made in 2009 to its terms of service. That change, critics said, gave Facebook ownership over user data for advertising and other purposes. Facebook's 2009 terms debacle sparkedwidespread outrage and a complaint with the Federal Trade Commission. The social network eventually retracted its policy changes and instituted a new site governance method that gave users the right to vote on Facebook site policies.

Ironically, Instagram's controversial new policies are a direct result of Facebook's recently revised terms that removed user voting on site policies.

Join the CSO newsletter!

Error: Please check your email address.

Tags Instagramsecuritysocial networksSocial networking softwareprivacyFacebook

More about FacebookFederal Trade Commission

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ian Paul

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place