Archive for the ‘Facebook’ tag

No Ads, No Games, No Gimmicks

leave a comment

Prior to its $19 billion acquisition by Facebook in February, WhatsApp promised subscribers three things: no ads, no games, no gimmicks.  For the past five years, WhatsApp prided themselves on operating a simple, practical messaging service that protected user’s privacy by not accessing their data for advertising and profit-generating purposes.  WhatsApp enjoyed enormous success under this model, drawing approximately 450 million subscribers since its introduction. Facebook’s acquisition of WhatsApp turned heads because of the stark contrast in how the two companies handle user privacy and data protection. Facebook is notorious for having a profit model built on accessing user data for monetary gain, and has become a figurehead for those opposing data collection practices in the wake of the NSA leaks. On March 6, 2014, privacy advocate groups EPIC (Electronic Privacy Information Center) and CDD (Center for Digital Democracy) filed a complaint with the Federal Trade Commission to block the deal until Facebook provided further details on how it would use data acquired from WhatsApp subscribers.  These groups are seeking a court order enjoining Facebook from implementing future changes to WhatsApp’s privacy policy, claiming that a change in the policy to advocate user data collection would be an unfair and deceptive business practice on the part of Facebook.  The complaint states that, “WhatsApp users could not have reasonably anticipated that by selecting a pro-privacy messaging service, they would subject their data to Facebook’s data collection practices.” Facebook has repeatedly assured that it will not change WhatsApp’s privacy policy and will allow WhatsApp to function as a separate business entity. However, Facebook made similar assurances following their $1 billion acquisition of Instagram in April 2012.  Facebook then amended Instagram’s privacy policy and incorporated the data from Instagram users into their business profit model.  It’s unclear whether WhatsApp can continue its success under the ownership of Facebook.  Recent events have put user data collection under intense public scrutiny.  With endless messaging alternatives available, WhatsApp’s continued future success may hinge on Facbeook's management of user privacy.

Written by

March 19th, 2014 at 10:37 am

Posted in Commentary

Tagged with , , ,

Welcoming Social Media Evidence into Family Law Cases

leave a comment

Family law is an area of law that is not typically mentioned in the same breath as technology. However, as internet use becomes increasingly pervasive, the separation between family law and technology is rapidly shrinking. Internet use, and social media use more specifically, is now frequently being introduced as evidence in family law cases. Unfortunately, judges presiding over family law matters—particularly custody disputes—have been inconsistent in their review of social media evidence. In cases regarding custody and parental rights, trial courts have broad discretion to determine best interests of the child. In all states, there are various factors to be looked at to determine make a best interest determination. It has become apparent that evidence from social media sites like Facebook can be persuasive in the consideration of many different factors. In Lalonde v. Lalonde, a Kentucky Court of Appealsallowed the admission into evidence of Facebook photos of the mother in a custody dispute consuming alcohol. The judge held that the fact that the photos were uploaded by a friend of the mother’s and then tagged—versus being uploaded by the party herself—did not effect the photos admissibility. Further complicating matters is the fact that the child’s use of social media in custody cases can have an effect on the judgment. Trial courts have held that both parents must be allowed a weekly review of a teenage child’s Facebook and that simply creating a social media profile for a child is not a reason to modify a custody award. The growing importance of social media evidence is quickly becoming apparent to family law attorneys. Practitioners are now advising their clients to curtail their use of these sites so as not to provide courtroom fodder. In addition to providing practical advice to clients, attorneys will need to understand how social media evidence is being used in order to provide comprehensive representation.  

Written by

April 5th, 2013 at 2:52 pm

Posted in Cases,Legal/Tech News

Tagged with ,

No Harm, No Foul?

leave a comment

On October 5th, Facebook moved to dismiss allegations that it tracked users’ online activity after they logged out of the social network, because the users failed to show how they were harmed. This allegation of secretive-tracking-post-logout is the central claim of the $15 billion class action suit filed against Facebook on the eve of the company’s much-maligned IPO. Facebook’s litigation strategy in this case - In re Facebook Internet Tracking Litigation - appears to be based on the line of argument oft utilized with much success at the summary judgment stage in tracking cases (and privacy cases generally), that the plaintiff is not able to show how interception and collection of personal information/browsing history results in a cognizable or economic harm. But while gathering information about how a person uses the Internet, typically for purposes of enabling behavioral advertising, may not result in a substantial economic injury (as currently conceived), there is an intuition that harm is nonetheless present in this type of practice. A recent study out of Berkeley illustrates the obvious: Most Americans are uncomfortable with the collection of data about their online activity. Yet, those weirded-out or, possibly, legitimately harmed by the collection of personal information/browsing histories are currently not finding help when they turn to the courts for protection of their privacy concerns. The FTC seems to be making a concerted effort to reign in the use of tracking – note its $22.5 million settlement with Google; but also note that the Google settlement turns on the fact that Google misrepresented its policies and practices regarding its tracking cookies. Blatant misrepresentations aside, tracking of individuals by private companies remains the status quo. Maybe this is all just fine. It may be perfectly acceptable for a person’s activity to be monitored in order to improve her Internet experience through customization – maybe behavioral advertising should cause online shoppers to rejoice for streamlining the consuming process. Or it might be that online tracking is simply unavoidable, in the sense that it’s merely a cost of entry – privacy-as-causalty of the Internet age, as Senator Franken would say. Perhaps it’s needed to keep the Internet  free – or perhaps it’s not. Regardless of whether the act of monitoring and collecting information about online behavior is mostly beneficial or mostly problematic, those who find that the practice makes them uneasy – and judging by prevailing public opinion as well as the frequency and volume of lawsuits filed because of tracking, many are uneasy – will not be afforded relief by the legal system until new ways to conceive of and formulate the harm done by this type of monitoring are proposed and accepted. The questions remain how exactly to go about doing this, and whether the only way to possibly do so in an effective and comprehensive way is via new legislation. Until those questions are answered, we can enjoy prescient online ads while living with the knowledge that Facebook knows more about us than the majority of our Facebook friends.

FTC cracking down on privacy policies: Myspace, Google, & Facebook

leave a comment

Last September the FTC filed a complaint against Myspace for alleged violation of its privacy policy. Myspace had told users it would not provide personal information about them without first getting permission. However, Myspace had been giving advertisers information about its users who were viewing particular pages on the website. It provided unique ID numbers of certain users to advertisers so advertisers could then access publicly available personal information. The personal information included a profile picture, username, age, gender, and full name. Some profiles also contained more photos and information about hobbies, activities, and friends. Myspace denied the allegations claiming it followed the U.S.–E.U. Safe Harbor Framework.  Myspace maintained it gave consumers notice of what it was doing and gave users the choice to opt-out. The FTC alleged these statements were false and the two settled this May. Myspace has agreed to implement a comprehensive privacy policy and be subject to independent privacy assessments every other year for twenty years. The settlement was finalized September 11, 2012. The FTC cracked down on Myspace as part of its mission to make sure companies are keeping their privacy promises to consumers. The FTC had similar settlements with Facebook and Google last year.  This August, the FTC also announced that Google agreed to pay a $22.5 million fine.  Google agreed to the fine in order to settle allegations that it had secretly tracked web activity of Apple Safari users in violation of an earlier settlement.  This will be the FTC's largest civil penalty yet. With privacy issues on every social media users' mind, the FTC is doing their best to protect users.  David Vladeck, director of the Bureau of Consumer Protection of the FTC, hopes this penalty "will force Google to have a better sense of what’s going on.”  And maybe it will force other companies to do the same.

Written by

September 20th, 2012 at 12:14 pm

Instagram Acquisition: Not So Insta(nt)

leave a comment

Just over a month after Facebook's widely-reported acquisition of Instagram for one billion dollars, there are strong signals that the purchase may be delayed by the FTC.  Although Facebook's CEO (and majority shareholder) Mark Zuckerberg was able to single-handedly approve the deal without consulting the company's Board of Directors, he does not have control of the Federal Trade Commission, and a deal won't be ratified unless the federal agency approves the purchase. As reported by the New York Times, the FTC is investigating whether the acquisition of Instagram by Facebook would raise antitrust problems.  The deal is still expected to go forward, but could certainly be delayed by the government regulators.

Written by

May 16th, 2012 at 7:43 pm

Posted in Legal/Tech News

Tagged with , , ,

Netflix to Join Facebook Feed

leave a comment

Netflix may now be able to use Facebook to further alienate its consumers while pursuing a lucrative revenue stream. The House amended the Video Privacy Protection Act (VPPA) to relax written consent requirements for sharing information on movie rentals. This opens the door to Netflix having a Spotify-like presence on Facebook feeds and finally lets me see how many of my Facebook friends truly appreciate “The Room.” The House’s vote, which was surprisingly more contentious than anticipated and attracted a bit of money, is an important step in changing our strict consent requirement (written consent required for every disclosure) for the sharing of video rental information. The amendment allows for continuous consent obtained on the Internet, while still asking for it to be “informed, written consent.” It requires such consent to be distinct and separate from other legal or financial obligations. This means consent need only be established once on the Internet, though it can be revoked. The full text is here, and will take longer to load than to read, and does not tell us how consent on the Internet is actually achieved. The amendment has a startling lack of the words “opt-in” or “opt-out” along with any requirement of notification due to change in company policy. The bill looks like an opt-in regime (it still asks for “informed written consent”) that will require notification of change of significant policy, but it does not address the political divide around these words. Of course, given our propensity for opt-out schemes, I could be reading this completely reasonably but incorrectly. One representative (Hanna, R-NY) explains his reasoning that the amendment “clarifies” current consent law, requiring an “opt-in” but allowing an “opt-out” at any time. Privacy advocates are skeptical of this change, bringing serious concerns over the loss of meaningful information privacy control. Mark Rotenberg of EPIC (the main opposition to this amendment) claims this destroys the right to meaningful consent. He reads the amendment as diminishing user's control over their own personal information. The Center for Democracy and Technology was less condemning in its responses, suggesting this to be considerably less important than other privacy issues Congress should be tackling. The CDT also points out that the original VPPA is a high-water mark for privacy legislation, and any degradation of it will be taken as a general attack on privacy. Members of Congress were more concerned about their own personal problems rather than their constituents' problems. One concern that lurks in the background is that the amendment allows “consent” to be defined as “check/uncheck this box to continue on to your normal Netflix experience, and by the way we are sharing your information with all your Facebook friends and/or anyone that asks.” The actual concern might not be that ridiculous, but there is definitely a knee-jerk reaction here to the thought that this purportedly “opt-in” amendment will still allow an automatic enrollment in the service until you opt-out. Without thinking about the history of opt-in/opt-out, the statutory language potentially precludes that by requiring consent to be given in a context free of other legal and financial obligations. Still, it's easy to remember Spotify's rather unchallenged entrance into Facebook as feeling like this, considering how we were all mystified when people started asking about our seemingly endless love for Kate Bush (YouTube). This is not a minor concern, but it is also not something we give companies complete freedom to do. The FTC sent clear signals to social media sites and advertisers that dramatic changes to privacy policies concerning personal information will not be acceptable without some sort of new consent. Facebook just got in a whole heap of trouble for this sort of thing, and is subject to privacy audits and requirements of privacy “opt-ins” from users for substantial changes to policy. It also just closed comments on another privacy enforcement action with a behavioral advertising company, ScanScout, that used “flash cookies” in a rather deceptive way. The proposed ScanScout consent order requires strict notification and meaningful opt-out requirements, resembling to some degree the FTC’s proposal for Do Not Track legislation or regulation. Netflix, Hulu, Amazon Instant, iTunes, and other "rental" services should be well aware of the problems they can run into and the broad power of enforcement the FTC is exercising, which will surprise no one if they start investigating abuses in an area of newly reduced privacy. The FTC involvement in major industry problems is forcing the industry to take more accountability in hopes of avoiding run-ins with the FTC and reducing the need for regulatory action. Much of the principles centers on either notice before a practice starts (looking more like an opt-in) or a pervasive reminder of a service (looking like the elusive “meaningful opt-out”). While the FTC might only be able to go after the big fish, industry standards reflective of the FTC's position seem to be taking hold. In the end, I think this bill is “ok” and will not have the negative and destructive effects that Rotenberg implies. An individual’s consent can still be revoked, and it’s difficult to see this practice taking everyone by surprise. If it did, the FTC might have some further words with Mr. Zuckerberg about their prior agreement. While I’d like to see our politicians more directly confront what we expect from our privacy regime, I’m more comfortable letting the FTC experts, industry players, and privacy advocates come to a consensus on what “works” before Congress tells us what aspect of privacy is most important or opens the floodgates of private litigation.

Written by

December 12th, 2011 at 6:11 am

FTC and Facebook Close to Privacy Settlement

one comment

The Wall Street Journal, which first reported  the impending settlement, is reporting that Facebook and the Federal Trade Commission are close to a settlement over alleged deceptive practices with respect to several Facebook features, including its privacy settings.  Under the settlement agreement, Facebook will be required to make all future privacy changes "opt-in," requiring Facebook to obtain its users' express consent before making information that's already on the site available to a wider audience than previously intended.  The settlement wont explicitly dictate how Facebook must obtain user consent for new features in the future, but it will require Facebook to agree to independent privacy audits for the next 20 years. This settlement is by no means unprecedented territory.  In March 2011, the FTC imposed similar conditions in a settlement with Google over Google's rollout of its "Buzz" Social Network.  In June 2010, the FTC also imposed similar conditions for privacy issues on Twitter.  Jeff Chester, executive director of the Center for Digital Democracy, says that this is all part of a balancing act Facebook must do in order to settle the privacy complaints before its IPO.  The people briefed on the settlement, who spoke on condition of anonymity because the FTC commissioners have not yet approved the settlement, said that although a settlement is close, it was unclear how long it would take to complete the deal. Despite Facebook's popularity, with more than 800 million active users, the company's privacy woes go back several years.  The settlement addresses issues raised in several complaints the FTC has received, including from groups like the Electronic Privacy Information Center (EPIC) and Electronic Frontier Foundation (EFF).  The settlement also focuses directly on privacy changes that Facebook made in December of 2009.  In December, critics argued that Facebook, under the guise of simplifying privacy settings and increasing awareness of Facebook's privacy setting controls, exposed information that could previously be made private by its users, including profile photos, gender, friend lists and current city. Facebook also removed the ability to opt out of some features.  The problem that many users and privacy advocates had with Facebook's changes was the fact that some of Facebook's recommended changes urged users "to share everything with everyone—pretty much the polar opposite of what most people would want to do."  After the public outcry prompted by the company's December 2009 privacy changes, Facebook in May 2010 decided to limit the amount of information users were required to make public, and restored the ability to opt out of certain tools. There are some that argue that privacy and social networks are inherently incompatible, that social networks are designed to share information with others.  So before you post that comment about how much you hate your job or how obnoxious your boss is, perhaps you should think about who that message might be shared with.  And then there are others who argue that the settlement, although a step forward for the privacy rights of Facebook's users, does not do enough to secure the long term privacy rights of the company's users.  As for Mark Zuckerberg, the Facebook co-creator and CEO is banking on society's propensity to willingly share information online about every aspect of our lives.  In fact, during Zuckerberg's 2011 keynote speech at Facebook's yearly conference, F8, Zuckerberg introduced several new features planned for Facebook, such as Timeline, meant to facilitate the exponential expansion of shared information.  One user, in response to the new features, tweeted the following message to the tune of "Every Breath You Take" from the Police:  "Every single day Every word you say Every game you play Every night you stay I'll be watching you." So, where do you stand?

Search the Blog