Facebook hit with class action over privacy changes
Recent modifications result in more information being shared by default, complaint alleges
Computerworld - A class action lawsuit has been filed against Facebook over changes that the social networking site made to its privacy settings last November and December.
The lawsuit, filed in U.S. District Court for the Northern District of California, alleges that the modifications have in reality reduced privacy protections for Facebook users rather than increasing it, as the company had claimed it would.
"Changes to the privacy settings that Facebook implemented and represented to increase User privacy had the outright opposite effect of resulting in the public dissemination of personal information that was originally private," the lawsuit claimed.
Facebook's messaging around the changes were "misleading, confusing and disingenuous," said the lawsuit, which seeks unspecified monetary damages from the company.
A Facebook spokesman insisted that the company had taken all the right measures to inform users about the changes, citing the recent modifications.
"We are confident that the transition process begun more than a month ago was transparent, consistent with people's expectations, and well within the law," said Facebook director of policy communications Barry Schnitt in an e-mail.
"Specifically, the announcement and education campaign by Facebook around the changes was unprecedented in its scope. Any recommended changes to a person's privacy settings were clearly shown to them repeatedly and were not implemented until they accepted these changes," Schnitt said.
He added that people who use the transition tool are required to review their final settings and receive instructions on how to further customize or revise their changes.
The changes referred to in the lawsuit were made by Facebook as part of what it said was an attempt to give users greater control over their personal data.
As part of the revamp, Facebook introduced a privacy configuration wizard to allow users to set their privacy preferences. The company said the revisions would make it far simpler for users to set their privacy preferences and enable them to make more informed choices concerning the use of their personal data.
However, the lawsuit, which was filed by five Facebook users on behalf of all Facebook users, alleged that the company's modifications have only resulted in more personal data being pushed out to the Internet while making privacy options even harder to exercise.
Prior to Facebook's modifications last year, the only personal information that was available by default via public search was the user's name and the networks that the user belonged to. Users had the option of deciding whether they wanted other pieces of information, such as their photos an friend listings, available publicly the lawsuit said.
However, after the revision, the information that Facebook makes publicly available by default includes user names, photos, friend's listing, the names of any organizations and products that a user might support, as well as geographic data and other information.
In total there are at least 29 privacy settings spread out over numerous Web pages that users need to contend with, the lawsuit alleges. "The privacy setting procedures are grossly ineffective and users are misled into allowing Facebook to having their personal information easily accessed for commercial use, exposing them to identity theft, harassment, embarrassment, intrusion and all types of cybercrime," it says.
The revisions also caused privacy settings to default to a setting allowing more personal information than before to now be available to third-party application developers and search engines such as Google, the complaint alleged.
The one-click option that users had available previously for controlling third-party access to their personal data has been replaced by a more complicated opt-out process, and even then there is no realistic option for restricting third-party access to personal information, the suit says.
The complaints in the lawsuit echo concerns expressed by several privacy advocates immediately after Facebook announced its revamp. In a blog post, the Electronic Frontier Foundation f warned that the ostensible privacy changes were intended to push more user data out by default rather than less.
"The Facebook privacy transition tool is clearly designed to push users to share much more of their Facebook info with everyone, a worrisome development that will likely cause a major shift in privacy level for most of Facebook's users, whether intentionally or inadvertently," EFF wrote.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Privacy in Computerworld's Privacy Topic Center.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Privacy White Papers | Webcasts