Facebook has a colourful history with privacy.
As it’s pretty much the de facto social network, people pay an overwhelming amount of attention to its privacy policies. This, after all, is the company that lends out your users’ age, phone numbers and addresses to app developers. It also has a facial recognition system for photos.
And your friends can check you in to places without asking you.
Here’s a short trip down the bumpy Memory Lane on Facebook’s privacy mishaps and policies.
Some third-party Facebook applications were at fault in a really big data leak that fed some users' personal info to advertisers and analytics platforms in May 2011.
Internet security company Symantec notified Facebook about the trouble.
People obviously love tagging themselves in Facebook photos, but what happens when a computer tags you on your behalf?
Using facial recognition software, Facebook was able to tag automatically tag users in photos without their confirmation. Obviously this ruffled some feathers, and the Electronic Privacy Information Center filed this complaint. But none were as bothered as the European Union, so Facebook deactivated the feature and deleted its data for users in that region.
Many third-party app developers naturally have cause to need data points like your name, age, and gender. But when Facebook expanded its developer API to include access to users' phone numbers and addresses in January 2011, people didn't take it lightly.
This feature is still in place.
Facebook was on the hook for a $US20 million settlement of a lawsuit claiming it used subscribers' names without their permission to advertise products in its sponsored stories (ads).
The case was settled last year by paying affected users $US10 each.
The relevant paragraph from this article:
'Facebook now discloses personal information to third parties that Facebook users previously did not make available,' EPIC said in its complaint. 'These changes violate user expectations, diminish user privacy, and contradict Facebook's own representations. These business practices are Unfair and Deceptive Trade Practices.'
The security flaw was ultimately patched up, of course.
Facebook launched Beacon on November 6, 2007. It was a system that sent data from third-party sites to Facebook so that Facebook could show its users targeted ads based on which sites they visit. It also broadcast your purchases to your Facebook friends, if you weren't careful enough to shut it off.
After a class action lawsuit was filed, Beacon was dismantled in 2009. In a 2011 blog post, Mark Zuckerberg called Beacon one of 'a small number of high profile mistakes.'