Facebook privacy unrest rumbles on

Filed Under: Data loss, Facebook, Privacy, Social networks

Ilse Aigner
Hot on the heels of a Sophos poll revealing that 95% of you disapprove of Facebook's proposed changes to its privacy policy, there appear to be signs of growing public grumpiness about Facebook's plans.

German Consumer Protection Minister Ilse Aigner has written an open letter to Mark Zuckerberg, CEO of Facebook, expressing her concern that the site is showing a lax attitude to data protection.

Facebook continues to try and defend itself by saying that it will give users the ability to "opt-out" of sharing their personal data with third-party sites, but that isn't cutting much mustard with Ilse Aigner (or me for that matter).

As you'll see in Ilse Aigner's letter which I've included below, she actually threatens to quit the social networking site unless Facebook sees the light.

Facebook should be asking users to make the conscious choice to share their personal information with others, rather than having to make a conscious decision to decline.

And anti-Facebook sentiment appears to be growing in Germany. Overnight it was reported that the Federation of German Consumer Organisations (VZBZ), an umbrella group of 42 different associations representing consumers, is unimpressed with the privacy changes too.

They agree with me that Facebook should have to ask its users to "opt-in" everytime it wants to pass personal information to third parties rather than "opt-out". Furthermore, they're calling on German Facebook users to quit the site unless it does a U-turn.

Here's the text of Ilse Aigner's open letter to Facebook CEO Mark Zuckerberg:

Dear Mr. Zuckerberg,

I was astonished to discover that, despite the concerns of users and severe criticism from consumer activists, "Facebook" would like to relax data protection regulations on the network even further. Your current privacy policy states that in future user data is to be automatically passed on to third parties. These parties are supposed to comprise previously vetted operators of websites and applications. Anyone who does not want this to happen must take action themselves and use the opt-out function.

I use the Internet every day, both professionally and privately, and am a member of several social networks, including Facebook. Social networks are an enrichment and it is difficult to imagine our lives without them. Networks such as Facebook link millions of people across national boundaries, and it is for this very reason that particular importance must be attached to protecting privacy. As you know, I, in my capacity as Federal Minister of Consumer Protection, am striving to ensure that personal data on the Internet is protected. Private information must remain private - I think that I speak for many Internet users in this respect. Unfortunately, Facebook does not respect this wish, a fact that was confirmed in the most recent study by the German consumer organisation "Stiftung Warentest". Facebook fares badly in this study. Facebook was graded as "poor" in respect of user-data policy and user rights. Facebook also refused to provide information on data security - it was awarded a "5" (= poor) in this category as well.

It is therefore all the more astounding that Facebook is not willing to eliminate the existing shortcomings regarding data protection, but is instead going even further. Decisions such as this will not engender trust in an enterprise in the long term.

I expect Facebook to revise its privacy policy without delay.

  • Facebook must ensure that the personal details of all members are subject to a high level of protection.
  • Planned amendments to its terms of use must be communicated to all users in a clear and straightforward manner prior to the amendments being made.
  • Personal data is not allowed to be automatically passed on to third parties for commercial purposes without consent. Private data may only be passed on and used for commercial purposes with the consent of the persons involved. Enterprises such as Facebook bear a particular responsibility due to the fact that users, in particular young users, are not aware that their personal profiles are to be used for commercial purposes.

Should Facebook not be willing to alter its business policy and eliminate the glaring shortcomings, I will feel obliged to terminate my membership.

Yours sincerely

<img src="http://sophosnews.files.wordpress.com/2010/04/ilse-signature1.jpg" title="Signature of Federal Minister Ilse Aigner" alt="Signature of Federal Minister Ilse Aigner"

Ilse Aigner
Federal Minister of Consumer Protection

I wouldn't like to be one of the folks at Facebook trying to justify their privacy policy right now.

If you are on Facebook and want to keep yourself informed about the latest news from the world of internet security and privacy you could do a lot worse than become a Fan of Sophos on Facebook.

By the way, it's interesting to compare Facebook's approach to privacy with some of its rivals.

, , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.