Federal Trade Commissioner Julie Brill didn't spare Facebook in her speech opening a forum on Data Privacy Day — even though the event was live-streamed by the social network, in conjunction with the National Cyber Security Counsel.
"Reasonably safeguarding consumer information is critical to a trusted online marketplace," Brill said in her keynote, elaborating how it's not enough for companies to have privacy and security policies — those polices have to be enforced. "Our enforcement actions in the privacy area are also a call to industry to put important privacy principles into practice. Facebook and Google learned this the hard way." (Read the full transcript of Brill's speech here.)
Coordinated by the non-profit NCSA, Data Privacy Day "is an annual international celebration designed to promote awareness about privacy and education about best privacy practice." Here in the United States, the day was observed via a Facebook Live, which streamed Brill's keynote speech, as well as two panel discussions featuring representatives from Facebook, Comcast, eBay, MasterCard WorldWide and government agency representatives.
Learning about privacy the "hard way" Brill referred to is, it seems, subjective. The Facebook case Brill was talking about was the recent settlement between the Federal Trade Commission and the social network, stemming from a massive privacy rollback Facebook forced on its users in 2009.
The FTC said Facebook "deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public."
As part of the settlement, Facebook is now barred "from making any further deceptive privacy claims." It also requires "that the company get consumer's approval before it changes the way it shares their data, and requires that it obtain periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years."
As we noted at the time, the settlement does not require that Facebook restore the privacy settings it rolled back in 2009, which led to the FTC investigation. Much user information is still widely available to the public — as well as to Facebook's businesspartners — by default. If you want more privacy, you need to "opt-out," otherwise your info is out there for anyone to see.
As for Google, Brill wasn't talking about the search giant's most recent privacy kerfuffle, but the Google Buzz incident of 2010. Google Buzz, you may or may not recall, was the pre-Google+ attempt to launch a social network. The weak privacy settings that left user information publicly available by default resulted in lawsuits and last year's settlement with the FTC.
Among other things, the FTC "charged that Google did not adequately disclose to users that the identity of individuals who users most frequently emailed could be made public by default," Brill said. "Like Facebook, Google settled our complaint. And like Facebook, Google is also required to implement a comprehensive privacy program and to obtain periodic assessments that will examine how well the privacy program is put into practice."
Google's Monday announcement about privacy changes could put it back in the FTC's hotseat, however —the company plans a single privacy policy for many products to "maintain, protect and improve" its more-than-70 services. That's good for Google, because it can build a more detailed user profile for targeting ads. That's not so good for users, because you can't opt out of any of Google's services. So if you're on Gmail, you're on Google Wallet, YouTube and Picasa and everything else, too.
Like Facebook, Google settled the FTC's complaint. And like Facebook, Google is also required to implement a comprehensive privacy program and to obtain periodic assessments that will examine how well the privacy program is put into practice. Google is collecting your information in one giant file, and there's no way to opt out.
As Ars Technica's Casey Johnston recently noted, "Facebook has been tiptoeing over that line for years, and occasionally returning to the other side, recanting. But Facebook is a service predicated on sharing information with others." All the information Facebook has, Facebook users gave willingly.
"Google, on the other hand, has made itself essential with free services like YouTube and Gmail," Johnston writes. "The cost of dropping off Facebook is increased difficulty in stalking your peers, plus nagging questions about why you don't have Facebook. The cost of dropping off Google is, often as not, moving your entire online system for managing communication and information in multiple media elsewhere."
Sounds like Google, at least, is in for the agreed-upon "periodic assessments that will examine how well the privacy program is put into practice." What better day to plan, than Data Privacy Day?
More on the annoying way we live now:
- 7 signs we're living in the post-privacy era
- Google's privacy policy change: What the fuss?
- How to live with the Facebook Timeline (because you have no choice)
Helen A.S. Popkin goes blah blah blah about privacy and then asks her to join her on Twitter and/or Facebook. Also, Google+. Because that's how she rolls.