In order to comply with Canadian privacy law, Facebook must take greater responsibility for the personal information in its care. That’s not what we said, it’s what Canada Privacy Commissioner Jennifer Stoddart says in a statement following an investigation into the social network’s privacy policies and practices.
That investigation was reportedly prompted by a complaint from the Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (ahem), and identified “several areas where Facebook needs to better address privacy issues and bring its practices in line with Canadian privacy law”.
(Update: Facebook statement below)
You may want to read our post on “The Looming Facebook Privacy Fiasco” for more context. We also recently reported on independent European advisory body on data protection and privacy to the EC Article 29 Working Party’s arguments that social networks like Facebook, Twitter and MySpace need more government regulation in Europe.
The organization and Commissioner’s main concern is that Facebook provides confusing or incomplete information about its privacy practices, like not giving users to opportunity to complete wipe out their accounts instead of merely deactivating them. Stoddart also criticizes Facebook’s policy of indefinitely keeping the personal information of people who have done just that. Another issue that gets raised in the report is the sharing of users’ personal information with third-party developers creating Facebook apps, for which the report claims Facebook lacks adequate safeguards to restrict them from accessing private profile information.
Recommendations to Facebook included the adoption of a retention policy whereby personal information in deactivated accounts is deleted after a reasonable length of time, although it doesn’t specify what period would be within reason exactly. According to Canada’s private-sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA), organizations must retain personal information only for as long as is necessary to meet appropriate purposes.
The report also recommends a number of other changes, including technological measures to ensure that developers can only access the user information actually required to run a specific application, and also to prevent the disclosure of personal information of any of the user’s friends who are not themselves signing up for an application.
The Office of the Privacy Commissioner will review the actions Facebook takes to comply with the recommendations in a month, and hints that Stoddard is empowered to go to Federal Court to seek to have her recommendations enforced.
One tidbit of information in the statement: Facebook apparently boasts about 12 million Canadian users.
The full report can be found here.
Update: Facebook’s response:
Facebook is pleased that the Canadian Federal Privacy Commissioner has dismissed the most of the inaccurate claims brought by CIPPIC, and that we were able to collaboratively resolve other issues raised in the complaint.
As part of our continued leadership in developing privacy tools that advance user control over their information, Facebook will soon be introducing a number of new additional privacy features to its service that we believe will keep the site at the forefront of user privacy and address any remaining concerns the Commission may have. In the meantime, we will also continue our efforts to work with the Canadian Federal Privacy Commissioner to address the outstanding areas highlighted in the report and will continue our efforts to raise awareness of the privacy controls on Facebook.
Does this surprise anyone?
Full of ‘holes?
Nope, I always knew that.
Yep. Finally someone is holding Facebook responsible for their actions.
Someone was talking about Facebook on the radio yesterday, and how their Mother was spying on her stepbrothers through their Aunt’s account. The person described the information the Stepbrother’s put on the Facebook page as ‘Hugely Personal’, and unfortunately, that is type of information shared everyday on Facebook.
No, that scenario has nothing to do with privacy. It simply has to do with an idiot “stepbrother” who has no internal mental filter about what he should or should not post on the internet.
It just sounds like the Canadian government is pissed because it wants access to all of the private goodies on it’s citizens. Gestapo government.
Um, exact opposite, my friend. Unlike the U.S., we have very strong privacy laws here.
Government departments aren’t even allowed to share personal information about citizens between each other without explicit consent.
I bet their report on twitter says “completely unfit for Canadian use”
Don’t put anything online that you don’t want to make public. If more people followed this rule, there wouldn’t be a need for the gov to step into people’s lives. We need more common sense.
Jon
Deer Kanada, welcome to the interweb
1) It’s about time someone addressed these issues from a legal standpoint. Clearly Facebook isn’t interested in serving the best interests of its users. Hopefully some push from our government will help.
2) What’s up with the most atrocious Canada graphic ever? Are you guys still reeling from your collective tworgasm from yesterday’s Twitter document fiasco? I mean, I know you’re only a blog, but at least try to get a graphic that doesn’t look like it’s from a 1990’s American high school textbook.
“And Canada, students, is the shape of a flag, with these strange blue sections representing the Great Lakes, we think. It won’t be long until we invade those British-loving Canucks and take back what’s rightfully ours – more Native American land.”
(Yeah, I’m a little upset.)
re 2) – I think you may be taking this a little too personal.
The blue is land… Don’t you even know where Ontario is? Windsor perhaps? Jesus…
It sounds like you care more about the crappy graphic than the privacy issue here (considering you wrote twice as much about the second issue).
@Rob: yes, I realize it’s land. The quoted text was a satirical look at how Americans would teach their students about Canada, based on the graphic above. Hence: “Canada … is the shape of a flag.”
@Jason: It’s not necessarily the graphic, but the clear lack of caring from TC staff to find an image that at least somewhat represents Canada in a positive light. Considering almost 1/2 of our population uses Facebook, I would say Canadians have a fairly decent grasp of new technology. I just feel TC should at least recognize this.
Wow…. just wow.
It could have been worse. They could have used something like this:
http://bit.ly/18EGNO
It’s not a negative image. No one would have noticed that it’s crappy if you hadn’t brought it up.
Also, 10 million Canadians are on Facebook (http://www.slid...egion-june-2007)
Also, this is an American website and there are 10 times as many Americans as Canadians. You’ll have to forgive them for not busting their asses trying to find a flattering representation of Canada…
OMG dude take a break!
Most people do not care about privacy, that’s what we found at AAfter Search. People care for great service, good content, good results.
Facebook does have alot of holes.
I think they just want to be acknowledged by FB. That’s all..LOL
1. Arrogant reply from Facebook about dismissing most inaccurate claims (way to be the bigger man fb).
2. Arrogant Americans welcoming Canada to the internet in these comments. Response A: After your complete economic collapse Canada may return the favor and welcome you back to solid banking systems and healthcare. Response B: Toronto (a city in Canada, for you xenophobic americans) had the highest facebook population until just recently when London (a city in the UK) rose above it. Don’t Americans only use MySpace and AOL? We’ll welcome YOU to the internet when you find services that don’t suck balls.
Yeah, because if the US economy collapses, Canada will be in *fantastic* shape.
It seems your economy collapsed… we felt it a little bit but have better banking so we’re good thanks. We also have all your oil and water and don’t waste time in your stupid war. Open your eyes.
It seems your economy collapsed… we felt it a little bit but have better banking so we’re good thanks. We also have all your oil and water and don’t waste time in your stupid war. Open your eyes.
lol, facebook employee #712, arrogant prick
Micheal,
did the Twitter Lawyers make you go incognito?
come on, after yesterdays day long teasers, you gotta come out with something – never mind if its an acknowledgment that twitter lawyers got heavy on TC.
You got your page views , but what about our sore eyeballs?
Ayan
12 million users (33, may be 35 million population) – that’s one fb loving country!
I, too, found the choice of the image exceedingly odd-looking.
I clicked through my feed reader just to see the reactions about your choice of an illustration. If that was your intention, you caught me.
In any case, one is left to question either your taste or your intention.
Clearly, it’s the taste.
Here is a thought, don’t upload super private photos or content to Facebook, and don’t use your real name or birthdate. You can still connect with your friends all the same. Just because it asks you for your work history and relationship status doesnt mean you have to answer those questions. Use common sense to protect yourself.
Yes Canada! Myspace was never ever too big here, facebook has 35% of the entire cad population….
typos in this article. annoying.
I was going to mention how crappy the graphic art was…….but 10 ppl beat me to it.
lol. i concur about the graphic art. i’m glad they got this done. i was hoping that they’d do something too about google coming around and taking their pics for google maps, but it seems that got settled without people getting too mad. i cannot believe why facebook will not allow customers to know where their information is being sent, and what it is being used for, and i can’t believe that they will not let a user deactivate and then delete the account. i tried out facebook for less than a month a couple of years ago and of course i lied about my information, yet still connected to my friends and family who would post my real information, so i would just tell people i know that if they wanted to be my friend on fb, that they would have to untag me from everything they have on that website…and i would go there and make sure that got done. it was a fun site to be on, and theis was before they got many of the cool apps that i don’t have the privelidge of trying out, but i don’t miss fb. yeah 1/3 of the entire country is on that site, mostly from tdot, or montreal, or even vancouver (surprising since those guys are way chill and all about the environment stuff. meh) so i think it’s in their favour to deal with the concerns of their members, because it will be in their benefit in the end. mysapce use to be big here too, but mostly for the canadian arts scene and it’s artists. the model for fb is pretty cool, but it wasn’t my thing. i don’t have the span to maintain stuff like that, and this is why i don’t have a twitter, or a blog, or any of those things. it doesn’t mean i am entirely illiterate about technology, but that sometimes when my friends talk about something i may be out of the loop because i am not experiencing it first hand. i like how i can’t lurk people’s walls on twitter anymore though, cause they fixed that, but in the meanwhile i can lurk most of the twitter accounts.
oh and when i deactivated my account i wrote them a letter telling them that i wanted them to prove to me that they would delete my account and that they would not provide my information to third parties without my knowledge…i didn’t say consent because i did sign up for a facebook account and i read all their user mumbo jumbo (looked up stuff i didn’t understand in the dictionary or onlie) and my legal rights that i am signing away as well as their terms of use and their rights to operate the site and own my data. yeah, and i got a response back from them assuring me that i could check back in a couple months to see if there are any traces of my account, and i did, and there weren’t. so they were pretty good to me…and for that i thank them. i lied either way and wouldn’t give them my real information, so i know i covered my back.
face book is to open and to free with info sharring.i would like all my info deleted from facebook indefinatly.i dont think the watchdog is workin also.it gets very complicated when it comes to peoples privacy.surly the whole of the internet is also to blame.people are too trusting.my grandaughter wanted off face book and had trouble.this is how we treat our children.i am not a judgemental person by nature,we need to speak up more,
So I think people might be very careful with their FB account. Too much of public information might harm them..
Want to understand what this all means and how to change your Facebook privacy settings now to better protect your personal information? Check out the ACLU of Northern California Facebook Privacy Quiz at http://apps.fac...c_privacy_quiz/
More info at our blog at http://www.aclunc.org/techblog.