The social network has agreed to settle FTC charges that it misrepresented how it protected its community members’ personal information. If the settlement proposal is enforced, the site will no longer be allowed to misrepresent its privacy policies and is required to put a comprehensive privacy program in place. It also faces biennial privacy assessments for the next two decades.
Every Myspace profile is assigned a unique identification number, or Friend ID. Profiles contain information like a person’s name, age, gender and other details that could be used to identify them.
The FTC claimed the partly Justin-Timberlake-owned Myspace provided Friend IDs of those who were looking at particular pages on the site to advertisers. Advertisers may have used those IDs to track down personal profiles and view those users’ personal information, including, in many cases, their full names.
Meanwhile, the FTC cites Myspace as claiming that it complied with the U.S.-EU Safe Harbor Framework. This is a measure that lets U.S. companies legally transfer data from the European Union to the States. Myspace allegedly said it provided community members with information on how their personal information will be used and the option to opt out, as stated under the framework’s principles. However, the FTC said these statements were untrue.
The settlement between Myspace and the FTC is subject to a 30-day period where members of the public and other parties can submit comments for consideration. After that period ends on June 8, the FTC will decide whether to finalize the proposed consent order. Once such an order is in place, it’s enforceable by law and each violation can result in a $16,000 fine.
Myspace did not respond to a request for comment.
Transparency is important for Web communities. If the likes of Myspace, Facebook, Path, and Google aren’t being completely open with how they're handling members’ personal details, it’s difficult for people to trust them.
Photo by Iain Farrell