Social Networks

Subscribe to Social Networks

The Article 29 Working Party (WP29) yesterday published an opinion on facial recognition in online and mobile services.  The WP29 states this technology requires “specific attention” as it presents “a range of data protection concerns”. 

The opinion focuses on facial technology being used in three main contexts: identifying people in social networks; authenticating and verifying users to control access to services; and categorising individuals, e.g., in the gaming context to enhance the user experience, allow/deny access to age-related content, or to display in-game targeted advertising. 

The opinion places a heavy emphasis on the need to obtain the informed consent of individuals prior to processing their data in connection with facial recognition technologies.  Perhaps of most interest to social networks and the public, is the conclusion that facial recognition should not be used to automatically suggest names of people who are not registered users of social networks for the purpose of tagging them in photographs.

Continue Reading Facial Recognition Opinion Targets Social Networks, Authentication Services and Games Consoles

Last week, the FTC announced that it has agreed to end its 18-month investigation of Facebook’s privacy practices, with a settlement that involved a twenty-year compliance plan and specific steps to formalize privacy within Facebook’s organization.  Though the proposed settlement, which will now be open for public comment, has met with a range of reactions, what we’re hearing most are questions about what the development means for the rest of the industry.

In its investigation, the FTC focused on a number of privacy practices that it claimed were misleading.  For example, the agency looked at changes that Facebook made to its privacy practices in 2009 that the FTC alleged led to changes in the privacy status of certain information.  The FTC also argued that Facebook hadn’t done enough to explain to users when their information might be shared with apps by their friends and how Facebook handled deletion of information.

In settling these charges, Facebook didn’t agree to these allegations or admit that it violated the law.  Instead, the company explained in a blog post that it signed the agreement to formalize its “commitment to do the things we’ve always tried to do and planned to keep doing — giving you tools to control who can see your information and then making sure only those people you intend can see it.”  Facebook also said that it agreed to “embrace [the FTC’s] ideas” about how it could enhance its internal privacy practices.

So what lessons can you take from the Facebook agreement if you’re not Facebook and aren’t directly obligated to comply with its terms?

Continue Reading Facebook’s FTC Agreement: What Does It Mean For Me?

Last week, U.S. District Judge Richard Seeborg dismissed a putative class action against Facebook alleging that the company violated users’ rights of publicity by using their names and pictures for its Friend Finder service.  The Judge concluded that the class failed to demonstrate that they suffered any injury as a result of the service.  The Judge

Following a public comment period that began in March of this year, the Federal Trade Commission has accepted as final a settlement with Google relating to the social network “Buzz” product that was launched in 2010.  (For more details about the Buzz product and its launch see Inside Privacy’s prior post, here).  As the Commission’s press release states, “The settlement resolves charges that Google used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz . . . .”

The Commission voted 4-0  to approve the settlement, which imposes numerous requirements on Google, including:

Continue Reading Google Buzz FTC Settlement Accepted

The Federal Communications Commission has adopted rules implementing the Protecting Children in the 21st Century Act. Like the Act, the FCC’s rules require elementary and secondary schools that have applied for discounted Internet access services through the FCC’s E-rate program to certify that the school’s Internet safety policy provides for the education of minors about appropriate online behavior

Over the past few weeks, online publishers have seen regulators’ focus on privacy in the social media context reach the boiling point.  Just this week, Politico reported that FTC Chairman Jon Leibowitz confirmed in a letter to Sen. Mark Pryor that “FTC staff are carefully monitoring the privacy and security issues associated with social networking sites.”  Sen. Pryor, who chairs the Consumer Protection Subcommittee of the Senate’s Committee on Commerce, Science, and Transportation, had expressed concern about privacy and security issues in the context of social media apps, and so we expect that social media privacy issues will play a key role in forthcoming online privacy legislation.  (We’ve posted Sen. Pryor’s letter to Leibowitz here.)

The announcement of the FTC’s focus on social networking comes on the heels of the FTC’s highly publicized settlement with Google over its Buzz product, which Erin Egan reported on earlier this year and was just approved by the court last weekAccording to FTC blogger Lesley Fair, the agency alleged that consumers “weren’t adequately informed that certain information that had been private — including the people they chatted with or emailed most often — would be shared publicly by default.”

For other online publishers, the headline from the Google Buzz settlement is the requirement that Google implement a comprehensive “privacy by design” program across all of its products.  In a recent speech, FTC Consumer Protection Bureau Chief David Vladick pointed to this aspect of the Google settlement as a key shift in the agency’s expectations for social media providers generally.  In fact, the FTC has announced that it wants the privacy by design provisions of the Google settlement to “serve as a guide to industry.”  Privacy by design programs, it said, are a “good idea for all companies” and should be “flexible and scalable.”

Continue Reading Regulators Take Aim at Social Networking Privacy