Risk
9/6/2013
01:07 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Facebook Postpones New Privacy Policy Rollout

After heavy criticism from users and privacy watchdogs, Facebook has delayed the date that controversial policy changes will take effect.

10 Facebook Features To Help You Get Ahead
10 Facebook Features To Help You Get Ahead
(click image for larger view)
Facebook has decided to delay its proposed policy changes after both users and privacy watchdogs denounced the updates.

"We are taking the time to ensure that user comments are reviewed and taken into consideration to determine whether further updates are necessary and we expect to finalize the process in the coming week," Facebook said in a statement. Facebook users submitted more than 10,000 comments to the blog post that announced the proposed changes last week.

The revisions to its Statements of Rights and Responsibilities and Data Use Policy clarify that by simply using the social network, users grant Facebook permission to use their name, profile picture, content and information in conjunction with ads and sponsored content without payment. It also explained how the social network uses facial recognition technology to identify you in friends' photos and to suggest they tag you.

[ How can your privacy settings protect you from nosy Facebook searchers? Read Three Facebook Privacy Settings to Check. ]

"We are able to suggest that your friends tag you in a picture by scanning and comparing your friend's pictures to information we've put together from your profile pictures and other photos in which you've been tagged," the policy reads.

Six privacy advocates, who fired off a letter to the Federal Trade Commission late Wednesday, were particularly outraged with Facebook's proposed handling of minors who use its site. According to Facebook's new policy, users under the age of 18 concede that at least one of their parents or legal guardians has also agreed to the terms on their behalf.

"Such 'deemed consent' eviscerates any meaningful limits over the commercial exploitation of the images and names of young Facebook users," the groups wrote. "The amended language involving teens -- far from getting affirmative express consent from a responsible adult -- attempts to 'deem' that teenagers 'represent' that a parent, who has been given no notice, have consented to give up teens' private information. This is contrary to the Order and FTC's recognition that teens are a sensitive group, owed extra privacy protections."

In an emailed statement to InformationWeek, a Facebook spokesperson said that a recent settlement -- in which the social network was forced to pay $20 million to resolve claims that it featured users' images in advertisements without payment or permission -- required the company to more clearly explain its policies and practices.

"We simplified the explanation to make clear how advertising works on Facebook and what exactly people can expect when it comes to how we use their name, profile picture, content and personal information," the statement said. The social network originally pegged September 5 as the day the changes would take effect.

Facebook did not specify a new date for when it will enact the new policy changes but said it will be "in the coming week."

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
9/6/2013 | 6:20:18 PM
re: Facebook Postpones New Privacy Policy Rollout
Good to see them thinking twice
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
9/7/2013 | 2:13:53 PM
re: Facebook Postpones New Privacy Policy Rollout
Delaying means not the same as changing their views. I think they asked their lawyers to gauge how successful lawsuits might be as well as product management as to how many users they will lose. Assuming that lawsuits are pointless it all comes down to how much more money they can make with less users. The changes will come and there will be still millions of dumb people who continue using FB.
KMBurnham
50%
50%
KMBurnham,
User Rank: Apprentice
9/9/2013 | 7:38:21 PM
re: Facebook Postpones New Privacy Policy Rollout
What's interesting is that Instagram, which was acquired by Facebook, tried exactly the same thing last year -- making changes to its policy to enable the use of user images in ads -- and users reacted in the same exact way.
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
9/10/2013 | 1:33:40 PM
re: Facebook Postpones New Privacy Policy Rollout
Yes, there was quite an uproar, as I remember.

It really does seem to cross a line. Yet ... I suspect FB will get what it wants eventually.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5619
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

CVE-2012-5621
Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

CVE-2012-6107
Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2012-6110
Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

CVE-2013-1874
Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.