The Electronic Privacy Information Center, the Privacy Rights Clearinghouse, the Center for Digital Democracy, Consumer Watchdog, Patient Privacy Rights and U.S. PIRG sent a letter to regulators (PDF), asserting a new set of proposed changes will violate Facebook’s 2011 privacy settlement with the Federal Trade Commission (FTC).
The changes to Facebook’s Data Use Policy and Statement of Rights and Responsibilities would allow the company to “routinely use the images and names of Facebook users for commercial advertising without consent,” according to the privacy organizations.
According to Naked Security’s Lee Munson, Facebook’s previous statement said users could adjust their privacy settings “to limit how your name and profile picture may be associated with commercial, sponsored, or related content (such as a brand you like) served or enhanced by us.”
The new policy requires users to allow Facebook to “permit a business or other entity to pay us to display your name and/or profile picture with your content or information, without any compensation to you.”
According to the privacy organizations’ letter, the 2011 agreement with the FTC requires that, “prior to any sharing of a user’s nonpublic user information… with any third party, which materially exceeds the restrictions imposed by a user’s privacy setting(s)” Facebook “must make a ‘clear and prominent’ disclosure and obtain the ‘affirmative express consent’ of the user.”
If the new policy is approved, it will stand in clear contravention to that prior FTC order.
Another issue the privacy organizations feel is questionable is language that requires any minors signing up for the service to be somehow vetted by their parents. This would open minors back up to a level of exploitation that the 2011 order was in part expressly designed to guard against.