Social networks shrug off FTC privacy concerns

Social networks are under pressure to do more to protect user privacy

Web giants Facebook and Google have defended their social networking services after it was reported that a senior US regulator said she was concerned about the lack of protection consumer data is given in the cloud.

Pamela Jones Harbour, one of five Federal Trade Commission (FTC) commissioners, said internet firms need to improve the encryption technology they use to protect the data held by online applications, according to widespread reports yesterday.

Harbour made the point that this was her personal opinion rather than the official view of the FTC.

Harbour made her remarks at an FTC roundtable discussion held to explore the privacy challenges posed by technology including social networking, cloud computing and behavioural advertising.

The FTC said the goal of the roundtable was to determine how best to protect consumer privacy while supporting beneficial uses of the information and technological innovation.

Harbour was also critical of how web giants, such as Microsoft, Facebook and Google, appear to be pushing the boundaries when it comes to protecting consumer privacy.

She referred to how it has now become common practice for web firms to launch offerings that may infringe on their users’ privacy and wait to see if the product sparks a negative reaction. If it does, the firms are often seen to withdraw the offering and alter their strategy, she said. Harbour argued this kind of approach should be penalised by regulatory bodies.

Harbour also said it is wrong for web sites to make significant changes to the nature of their services without the consent of their users. For example, when Google launched Buzz, Gmail users were integrated into a social network without their consent.

The launch of Buzz was also used as an example of a firm revisiting its privacy settings after receiving an avalanche of complaints.

Buzz allows Gmail users to share real-time updates in a similar way to Twitter but users complained that Google had already selected the Gmail accounts that users would follow based on their most frequent contacts, and made all this information public.

Google said it could not respond to the specific complaints Harbour raised yesterday relating to how it launches its products. A spokesman used the same defense that Google used at the time Buzz received criticism.

“We didn't get everything right, and have worked hard to improve things based on user feedback. We quickly made a number of major changes but it's still early, and we have a long list of improvements on the way. We look forward to hearing more suggestions and will continue to improve Buzz with user transparency and control top of mind," he said.

Facebook said it is constantly exploring new ways to safeguard the privacy of its users and their communications. The social network said it uses the SSL (Secure Sockets Layer) cryptographic protocol on all logins.

“We have a dedicated security department and a dedicated group of security engineers, both working full time to ensure safe experiences for users," a spokeswoman said.

Regarding Facebook’s recent privacy changes, she said, "We are confident that the transition process was transparent, consistent with people's expectations, and well within the law.

“Specifically, the announcement and education campaign by Facebook around the changes was unprecedented in its scope. Any recommended changes to a person's privacy settings were clearly shown to them repeatedly and were not implemented until they accepted these changes."

Microsoft said it has an "ongoing commitment to privacy" and that it works with policy makers, regulators and privacy advocates to help protect privacy. " Microsoft works to build string protections into our products," said a company spokesman.

Meanwhile, Tim Holyoake, lead technologist at Software AG, said of the comments made by Harbour that it was good to see pressure being put on the big players in cloud computing to take a more proactive approach to consumer privacy measures.

“This is a chronic problem and one that not only concerns consumer-facing
organisations,” he said.

“In the public sector, a huge amount of data is transferred between the
government and businesses, with more incidents of data loss occurring last year
through a laissez-faire approach, much more needs to be done to improve
data security.”