Facebook hit with class action over privacy changes
Recent modifications result in more information being shared by default, complaint alleges
Computerworld - A class action lawsuit has been filed against Facebook over changes that the social networking site made to its privacy settings last November and December.
The lawsuit, filed in U.S. District Court for the Northern District of California, alleges that the modifications have in reality reduced privacy protections for Facebook users rather than increasing it, as the company had claimed it would.
"Changes to the privacy settings that Facebook implemented and represented to increase User privacy had the outright opposite effect of resulting in the public dissemination of personal information that was originally private," the lawsuit claimed.
Facebook's messaging around the changes were "misleading, confusing and disingenuous," said the lawsuit, which seeks unspecified monetary damages from the company.
A Facebook spokesman insisted that the company had taken all the right measures to inform users about the changes, citing the recent modifications.
"We are confident that the transition process begun more than a month ago was transparent, consistent with people's expectations, and well within the law," said Facebook director of policy communications Barry Schnitt in an e-mail.
"Specifically, the announcement and education campaign by Facebook around the changes was unprecedented in its scope. Any recommended changes to a person's privacy settings were clearly shown to them repeatedly and were not implemented until they accepted these changes," Schnitt said.
He added that people who use the transition tool are required to review their final settings and receive instructions on how to further customize or revise their changes.
The changes referred to in the lawsuit were made by Facebook as part of what it said was an attempt to give users greater control over their personal data.
As part of the revamp, Facebook introduced a privacy configuration wizard to allow users to set their privacy preferences. The company said the revisions would make it far simpler for users to set their privacy preferences and enable them to make more informed choices concerning the use of their personal data.
However, the lawsuit, which was filed by five Facebook users on behalf of all Facebook users, alleged that the company's modifications have only resulted in more personal data being pushed out to the Internet while making privacy options even harder to exercise.
Prior to Facebook's modifications last year, the only personal information that was available by default via public search was the user's name and the networks that the user belonged to. Users had the option of deciding whether they wanted other pieces of information, such as their photos an friend listings, available publicly the lawsuit said.
However, after the revision, the information that Facebook makes publicly available by default includes user names, photos, friend's listing, the names of any organizations and products that a user might support, as well as geographic data and other information.
In total there are at least 29 privacy settings spread out over numerous Web pages that users need to contend with, the lawsuit alleges. "The privacy setting procedures are grossly ineffective and users are misled into allowing Facebook to having their personal information easily accessed for commercial use, exposing them to identity theft, harassment, embarrassment, intrusion and all types of cybercrime," it says.
The revisions also caused privacy settings to default to a setting allowing more personal information than before to now be available to third-party application developers and search engines such as Google, the complaint alleged.
The one-click option that users had available previously for controlling third-party access to their personal data has been replaced by a more complicated opt-out process, and even then there is no realistic option for restricting third-party access to personal information, the suit says.
The complaints in the lawsuit echo concerns expressed by several privacy advocates immediately after Facebook announced its revamp. In a blog post, the Electronic Frontier Foundation f warned that the ostensible privacy changes were intended to push more user data out by default rather than less.
"The Facebook privacy transition tool is clearly designed to push users to share much more of their Facebook info with everyone, a worrisome development that will likely cause a major shift in privacy level for most of Facebook's users, whether intentionally or inadvertently," EFF wrote.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Privacy in Computerworld's Privacy Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Understanding big data so you can act with confidence Automating information integration and governance and employing it at the point of data creation helps organizations boost confidence in their big data.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After... All Privacy White Papers | Webcasts