Facebook Violates Canadian Privacy Law 179
Myriad and a number of other readers passed along the news that the Canadian Privacy Commissioner has made a determination that Facebook violates Canadian privacy law in four different respects. Canada has the highest per-capita facebook participation in the world — about a third of the population — according to coverage in The Star. The EU is also expressing similar privacy concerns, though Canada's action "represents the most exhaustive official investigation of Facebook privacy practices anywhere in the world," says Michael Geist. The CBC's coverage spells out the areas of privacy concern, in particular that nearly a million developers of Facebook apps in 180 countries have full access to the entirety of users' private data. Also of concern: Facebook holds on to your data indefinitely after you quit the site. The BBC notes that Facebook is working with the privacy commission to resolve the issues, and quotes a Facebook spokesman thus: "Overall, we are looking for practical solutions that operate at scale and respect the fact that people come to share and not to hide." (Schneier recently blogged about research on "privacy salience," and cited Facebook's practices among others' as practical examples of how social networking sites have learned not to push the privacy issue in users' faces.)
Easy data mining for 3rd parties (Score:5, Interesting)
Everybody seems to expect that Facebook has all this information, the issue is with applications/quizzes. By setting up some stupid quiz, you can collect contact and network data on everyone who fills it out. This could be used for everything from marketing research to "investigation" of various social/political groups.
Re:Draconian Laws (Score:5, Interesting)
Does anyone actually expect privacy from these networking sites anymore?
Yes many people do, not all countries believe so strongly in the market as the US and we often want restrictions put on businesses to keep our data the way we want it.
Besides, who puts something on Facebook that they _want_ to keep _private_?
People with friends, FB is not myspace (its not a site to go meet random people off the internet with) it's a site to allow friends (of varying levels of technical competency) to keep in touch and communicate. I put stuff i want my friends to see on my facebook profile that perhaps i don't want everybody in the world to know about! embarrassing pictures people take of me can be tagged on facebook, tbh i don't care if my mates see me passed out in a field but i sure as hell don't want everybody on the internet (including prospective employers) to see it. If i have a choice between
1)total privacy
2)a convenient way being able to organise events and nights out much easier at the expense of privacy.
I'm going to choose 2, however if that expense can be reduced then that is great.
Re:Draconian Laws (Score:5, Interesting)
Some people use Facebook to keep in touch with friends, not to post compromising pictures of themselves. Most Facebook profiles these days are only available to friends of the owner.
The apps thing has always bothered me about Facebook. The vast majority of apps are stupid and easy to ignore but there are a few interesting ones that I might use except that the only way to do so seems to be to give the free run of any and all personal information. Why did a game of Scrabble need to know anything more than my user number?
Re:Draconian Laws (Score:5, Interesting)
There's one thing that disturbed me about Facebook: I wanted to apply for a position there, but you need a Facebook account in order to do so. So why not ? You have to provide some personal information especially your birth date, which is illegal for a prospect employer to ask.
I understand the recruiters might not look actively look for your birth date, yet now it's there for them to look at, forever in their database.
Comment removed (Score:3, Interesting)
Facebook app privacy (Score:4, Interesting)
I'm assuming facebook gives this control to the app makers - but as we know - when you have an option and it is free then why not use it?
Facebook privacy not that bad! (Score:3, Interesting)
Unlike many slashdoters i feel the need to keep in touch with my friends outweighs the need to live in a basement with a tinfoilhot keeping my data (that nobody wants as anyway) private, so i do have a facebook account *gasp*. I have always taken care to keep my data private though, this is so that while i can tell my friends that im a racist, in-bread(hence all the spelling mistakes), thieving, crack addict, hopefully prospective employers will never know about it. It's surprising that facebook is in trouble now, because i was surprised at how well i can keep my data private while still using 3rd party apps. Originally there was no privacy on FB, then you could protect yourself from facebook themselves, but if you installed one bad app all your data goes straight to the CIA, now this page, that i noticed the other day in my regular app clean-up (how could i not accept an invite to pacman), allows you pretty granular control over your data, ranging from all your data (which some apps may use) to "name, networks, and list of friends", which I'm pretty happy to hand out.
Privacy is not black/white, i was never happy giving a stupid flash game developer access to all my information for whatever evil purposes they have, but tbh ill trade my list of friends and name (which they can surely indirectly get from my friends list of friends) for a stupid flash game anyday! I assume the problem the canadians have is that even without installing any apps, if all my friends do they get access to my name, my list of friends, my wall posts, photos of me taken by others and photos of others including me. Perhaps that will be the next push in the facebook privacy API, stopping friends from giving your data away?
Re:They prompt you (Score:5, Interesting)
I agree with that one, but what if you want to play chess with your friend? You should be able to do that without giving someone access to everything. Either the Facebook API doesn't support requesting limited rights, or a I have never seen an app that uses that capability.
Re:The answer is pretty simple (Score:5, Interesting)
In addition, they should review apps (not sure if they do this now or not, if they do their criteria are laughable) before allowing them on to the site...and part of their review of an app should include whether or not the app is asking for more information than it actually needs.
And for the love of God, instead of making every stupid little quiz a separate app, Facebook should maintain its own in-house developed "quiz app" and allow random idiots to submit quizzes to it. I'm tired of having to block every stupid quiz individually because they're all individual apps. This would also have the side effect of not needing to give all of your information to a random 14 year old so you can find out which Teletubby you are...your information would only be shared by the developer of the Quiz App (Facebook itself). Of course, this would only work in conjunction with the review process mentioned above, as any other quiz apps would be rejected by the review and the developers pointed to the Facebook Quiz App.
Facebook strikes me as a company with a lackadaisical approach to privacy and a generally lazy approach to the design and implementation of site features. It angers me that the site could be so much better than it is if someone at that company gave a damn about these things.
Re:Draconian Laws (Score:2, Interesting)
Re:Easy data mining for 3rd parties (Score:4, Interesting)
..to keep the noise in Facebook down to a minimum. This way I don't see any of the quizzes people want me to take..
little known facebook trick, is that if you hover over the notification, then click the x, you can select hide all from this application (also report as spam), a similar thing can be done when hiding friends who talk too much!
The "user beware" argument is faulty (Score:3, Interesting)
While many comments here are along the lines of... well then just don't use any apps. Or... just let the people who don't know any better, suffer the consequences of their ignorance. Etc. This is a faulty argument. If we always take the stance that no one should be protected from exploitation because of their ignorance then we will all end up in that boat.
Maybe you're so smart, you know better than to use Facebook at all or maybe just keep your personal info off it. But many people don't know this and Facebook actively encourages you to fill in and post as much info as possible.
Ok, you're too smart for Facebook. But are you overweight? Do you read the ingredients and nutrition info of everything you eat? Maybe we should allow restaurants and food companies to fill their products with trans-fats and all kinds of harmful but tasty chemical garbage, or exorbitant calories because well, if you're too stupid to read the ingredients or research the process to make the food- you deserve what you get.
Ok, maybe you are a conscientious eater and are careful of what you put in your body. You're too smart here. But do you use a cell phone? Maybe we should let cell phone makers create devices that emit tons of radiation and make all the cellphone users who are too stupid to research how much radiation their particular model of phone emits suffer the consequences of their stupidity.
Do you know the safety rating of your car?
Do you know the actual interest rates that payday lenders and/or your credit cards are charging you?
Etc, etc etc.
None of us are totally free of ignorance in every single area of our lives. User beware will bite all of us in the ass eventually. It needs to be a two way street. Buyers need to be aware and sellers need to be responsible for what they produce and how they treat their customers.
Re:Draconian Laws (Score:3, Interesting)
I'm not sure that privacy laws were written to protect the ignorant, so much as to protect the more savvy individual.
The guy who runs around bragging that he makes $200,000 a year deserves the parasites who hover around him. They KNOW he has money, because he told everyone. The guy who makes $80,000, and keeps it secret, can legitimately tell hopeful parasites to screw off, his money is none of their business.
Want to get more "personal"? The person who posts, "I'm a nubile teenage female, and I WANT TO GET LAID!" will have earned a lot of attention, and that is just what she will get. When she posts her real name, address, telephone number, etc - she can expect suitors, stalkers, worshipers - the entire range of people with varying responses to her announcement. Protect her? Why? She is getting what she wants.
Privacy laws are meant to protect those of us who wish to BE private, in my opinion.
Re:Draconian Laws (Score:3, Interesting)
Facebook made it's mark by being a place you could safely share things that were only meant for friends and family. It offered a place where you had some privacy and could put up pictures that you wouldn't put on the general internet. That was what made it go big. People who would never put their kids pictures up on a my myspace profile felt this was a safe way to share pictures with grandma.
It was all a big snow job, but still, that was how Facebook came to be big. Facebook users indeed came there to put things up that they wanted to keep private.
ONE THIRD of Canada on FB (Score:3, Interesting)
if Facebook doesn't have a Canadian legal entity, nor Canadian hosting, the answer is "who cares"? .... Just because there's users on FB from all around the world, it doesn't mean that FB has to abide by all countries' laws. If that were the case, the Internet would be a hobbled and useless mess.
You may be right about most things internet-wise. However, Facebook is an interesting case; fully one-third of the canadian population subscribes to FB (so a much more sizeable proportion of internet users), and thus the privacy commissioner is well within their mandate to ring alarms by whatever means necessary. The implications are enormous. .com.
The nature of Facebook's control over the personal information of our citizens means that if we don't have a clear legal means to manage privacy issues of our nation, the gov rightly feels a need to seek such means. I'm in favour of education over regulation, but something has to be done. I've been ranting about FB's ToS for years, but few seem to care. We have warnings on cigarette packages, for instance. That's a good idea.
If one third of Canada is engaged in a transaction from their own homes, saying that that is not business conducted in Canada rings a bit false, don't you think? It isn't a technical stretch to divide such major sites into country regions. Google, for instance, easily resolves my visits to google.ca based on IP, whereas facebook.ca redirects to the
As usual, the internet throws all former definitions of communication into doubt.