Facebook says ‘misrepresentations’ behind Canadian privacy probe

The Federal Privacy Commissioner’s investigation into Facebook’s alleged violation of Canadian privacy law is based on “misrepresentations” of the social network’s policies, according to a Facebook advisory board member.

It could have been settled with a simple discussion rather than a full-fledged probe, said Mozelle Thompson, a Facebook policy consultant.

Thompson, a former U.S. Federal Trade Commissioner, was in Toronto on Thursday, attending a conference about youth privacy issues on the Web, hosted by Ontario’s Privacy Commissioner Ann Cavoukian.

Mozelle Thompson, a Facebook policy consultant, responds to the privacy investigation launched against the social network.

The complaint against Facebook was filed with Canada’s Privacy Commissioner, Jennifer Stoddart by the Canadian Internet Policy and Public Interest Clinic (CIPPIC), a public advocacy group based in Ottawa.

The May 30 complaint alleged Facebook had violated Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). The commissioner launched an investigation into the charges.

But Thompson claims CIPPIC is wrong about at least some of its allegations.

“I was greatly disappointed. I read the complaint and I know the group pretty well,” he told ITBusiness.ca. “I thought the complaint itself was filled with misrepresentations, and misunderstands about how the site works, how it operates, and how the settings work.”

When asked about what complaints were not correct, Thompson declined to provide further details, saying the investigation is still pending.

The CIPPIC complaint says Facebook fails to collect informed consent from users. It also alleges Facebook isn’t upfront about how advertisers are able to use the personal information posted to the site, and doesn’t do enough to protect users’ data from unauthorized access. Facebook also retains information of users who terminate their accounts, instead of destroying it.

The complaints are solid, according to Philippa Lawson, CIPPIC director.

“The students under my supervision did a very thorough job of checking Facebook and having all their facts correct,” she says. “We certainly don’t intend to be misleading or inaccurate in other respects.”

The privacy advocacy group is run out of the University of Ottawa’s law department. Its members consist of faculty and students under internship. CIPPIC wanted to study the privacy practices of a social network, but only had enough resources to choose one, Lawson says. Facebook was selected because it is the most popular social network in Canada.

Nearly 40 per cent of Canadians on the Internet use Facebook, according to the company’s statistics. Overall, it has recently surpassed the 100 million user mark – meaning if Facebook were a nation, it would be the world’s 12th most populous – just behind Mexico, and ahead of the Philippines.

Thompson regrets CIPPIC didn’t have a discussion with Facebook to clear up what he says are “misunderstandings” about the Web 2.0 site’s privacy policy.

The consultant responded to questions from Lawson last October when he was in Ottawa speaking at a conference. He says answers he gave were ignored, as was an invitation he extended to have a meeting about the matter.

“I invited her to come and talk to us, I was actually very disappointed because… we’ve had open dialogues with privacy advocates all around the world,” Thompson says. “There’s no one else that does more about privacy than us.”

But Lawson has no recollection of such an invitation. She does remember talking with Thompson and others from Facebook in the past and raising concerns about the same privacy complaints filed in May.

“They’ve all made it clear that they’re not interested in changing the policy,” she says.

But the object of the game is not to trash Facebook, Lawson says. In fact, two of the students involved in the study resulting in the complaints are admitted heavy users of the social network. The group wants a set of guidelines for social networks that balance the scales between functionality and privacy. That includes stricter standards for Web sites that cater to youth.

“Young people don’t appreciate the ways in which their personal information can be used to harm them,” Lawson says. “We can’t expect the same cautious behaviour as we do from adults.”

That sentiment is echoed by Avner Levin, director of the Privacy and Cyber Crime Institute at Ryerson University. “We owe it to young people” to create a protective system that is similar to the one that protects commercial copyright interests, he says.

YouTube will immediately remove content that receives a copyright complaint from its Web site, he adds. Social network sites resist this sort of policing role because it is counter to the concept of online socializing.

“They don’t want to be there as some sort of cop or monitor, and I don’t think they should be in that role all the time,” Levin says. “But when someone complains to them about a photo they want removed, they have an obligation to do so.”

Facebook has many measures in place to guard user privacy, Thompson says. Users are limited to sharing information with the network they belong to (the Toronto network has over 1.2 million users). Users can also make a variety of friends’ lists and assign different policies to each list.

But he said making all of the privacy settings the most stringent by default is out of the question.

“The purpose of having a social networking site is to actually get information out about you,” he says. “If the settings were at the most restrictive, than none of that information would get out and that doesn’t make any sense.”

Facebook has previously said it intends to fully cooperate with the ongoing investigation. Meanwhile, CIPPIC has its sights set on another social network.

A study on MySpace’s privacy policies will be conducted this Fall, Lawson says.

Share on LinkedIn Share with Google+
More Articles