Facebook legal skirmish highlights user privacy risks

Facebook deciding to clarify its privacy policy under legal pressure demonstrates the unavoidable risks associated with sharing personal information on a social network.

On Thursday, Facebook notified users of its plans to change its data use policies in settling a class-action lawsuit. The plaintiffs in the complaint argued Facebook had violated their right to control the use of their names and profile pictures by using them to promote advertisers' products and services.

On Monday, a federal judge approved a $20 million fund set up by Facebook to settle the suit. In addition, Facebook was ordered to change its privacy policies to give users a better understanding of, and control over, how their information is used with advertisers.

The revised policies would state that in joining the site, the user is agreeing to "permit a business or other entity to pay us to display your name and/or profile picture with your comment or information, without any compensation to you."

The legal skirmish raises the question whether people and businesses can expect Facebook, or any other for-profit social network, to place their privacy above increasing revenue? The answer is no.

[Also see: Facebook report on government data requests a reminder there is no privacy]

"They're going to continue to push the limits on what people allow them to do because that benefits them," IDC analyst Scott Strawn told CSOonline. "And they'll continue to do that until something stops them."

That approach to user privacy, which can lead to infringements, is why Internet companies such as Facebook and Google can provide free services, they say. The strategy also pays for future innovation.

In agreeing to accept those services, people are accepting the risk that how their information is used will change as companies look for more profits. "The technology changes and the use of the data may change, [which] may be problematic in some circumstances at some point in the future," Strawn said. "It's hard to quantify and fully understand what those risks might be."

If users believe a company has crossed the privacy line, then the courts are often the only way to rein in the use of personal data.

Read more about data privacy in CSOonline's Data Privacy section.

Tags: applications, security, software, lawsuit, data protection, Facebook, Data Protection | Data Privacy, privacy

Hundreds of medical professionals targeted in multi-state tax scam

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get Powerful Protection for All of Your Mobile Devices

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.