Font Size: 
Privacy Advocates Target Facebook
Complaint filed with FTC pressures the site to revise privacy settings
The National Law Journal
December 21, 2009
A coalition of privacy advocates has filed a complaint with the Federal Trade Commission, urging the agency to investigate Facebook's revised privacy settings.
The nation's largest social networking site, which has more than 100 million users in the United States, changed its privacy policy and settings on Nov. 19 and Dec. 9. The new settings expand the amount of user information that is publicly available.
In the Dec. 17 compliant, Washington, D.C.-based nonprofit Electronic Privacy Information Center (EPIC) and nine other groups charge that Facebook's policies are unfair and deceptive, and violate Section 5 of the Federal Trade Commission Act.
"The company should not be allowed to turn down the privacy dial on so many American consumers," said EPIC executive director Marc Rotenberg in a statement.
Rotenberg himself is a member of Facebook -- from the information publicly available on his page, users can see his photo and the pages he's linked to, which range from Muji products to the U.S. Chess Center to Al Gore.
Facebook now considers gender, lists of friends, geographic regions and networks to which members belong to be public information. According to Facebook, that means this information can be accessed by "every application and website, including those you have not connected with."
Before the changes, only name and network were mandatory public information.
"These changes violate user expectations, diminish user privacy, and contradict Facebook's own representations," according to the complaint. "EPIC urges the Commission to investigate Facebook, determine the extent of the harm to consumer privacy and safety, require Facebook to restore privacy settings that were previously available as detailed below, require Facebook to give users meaningful control over personal information, and seek appropriate injunctive and compensatory relief."
Facebook in a statement responds, "We're disappointed that EPIC has chosen to share their concerns with the FTC while refusing to talk to us about them ... We discussed the privacy program with many regulators, including the FTC, prior to launch and expect to continue to work with them in the future."
Facebook's general counsel is Ted Ullyot, previously a partner at Kirkland & Ellis who also served as former Attorney General Alberto Gonzales' chief of staff. The company in the past has turned to Fenwick and West for corporate work.
EPIC has gotten results from the FTC in the past. For example, the group in 2004 complained about the deceptive practices of data broker Choicepoint. The FTC opened an investigation, and two years later, the company paid $15 million in penalties and consumer redress to settle the case.
Earlier this year, EPIC urged the FTC to investigate Google and "cloud computing." The FTC agreed to review the complaint, stating that it "raises a number of concerns about the privacy and security of information collected from consumers online."
Still, some privacy law experts are skeptical about the Facebook complaint. "The FTC's jurisdiction is to investigate unfair and deceptive practices," said Hogan & Hartson partner Christopher Wolf, who represented Choicepoint. "I'd be surprised if the changes in policy, as well publicized as they've been, and given the choices that consumers have, would rise to level of the kind of false and deceptive practices that FTC has previously taken enforcement action against."
When Facebook introduced the privacy settings on Dec. 9, Elliot Schrage, vice president of communications, public policy and marketing, said in a statement that the changes would allow users "to personalize the audience for each piece of content they share… We've always designed Facebook to enable people to control what information they share with whom."
The revised privacy settings feature a new "Publisher Privacy Control," which lets users now control who sees each individual piece of content.
A spokeperson from the FTC declined comment on pending litigation, but acknowledged the agency had received the complaint.
Along with EPIC, the complaint was brought by the American Library Association, the Center for Digital Democracy, the Consumer Federation of America, FoolProof Financial Education, Patient Privacy Rights, Privacy Activism, Privacy Rights Now Coalition, the Privacy Rights Clearinghouse, and the U. S. Bill of Rights Foundation.
Jenna Greene can be contacted at jgreene@alm.com.
Subscribe to The National Law Journal
