Facebook Class Action Fears: How Deep the Privacy Runs
A new US lawsuit contends Facebook mines users’ private messages for advertisers without those users’ proper consent.
A complaint filed in California Dec. 30th charges that Facebook “misleads users into believing they have a secure, private mechanism for communication…” The suit is lengthy and detailed, and can be read at length here in a Slideshare from the plaintiff’s attorneys (and below).
This latest Facebook lawsuit brought by two social network users, Matthew Campbell and Michael Hurley, could end in a class action affair involving hundreds if not thousands of plaintiffs if the court in California upholds it. Only a little over a month ago the courts ruled investors could lay claim against Facebook’s $16 billion IPO proceeds, now the world's most visited social site is under further scrutiny.
The plaintiffs have asked for an injunction to stop such practices and damages of $100 a day for each day of violation or $10,000 for each user violated against, in the interim.
Occupational Hazards Vs Fair Use
For those of you unfamiliar, Facebook and many other online entities have been at the center of user privacy complaints even before the recent NSA spying revelations. In fact, most of us “professional” users of Internet technologies have been studying such privacy violations and rights issues for some time. Back in the early days of the Internet, the primarily concerned was giving up banking data, or losing funds via credit card fraud, and so on.
Today these fears have been replaced by cases of gross personal data harvesting at worst, and being profiled via predictive analytics in the best case scenario.
I tried in vain to reach both the attorney for one of the plaintiffs, Michael W. Sobol (Matthew Campbell’s lead counsel). As for Facebook, I tried yesterday to reach a number of Facebook executives for comment. Early this morning a Facebook spokesperson commented:
"We continue to believe the allegations in this lawsuit have no merit and we will defend ourselves vigorously.”
Turning to a couple of experts at social media for comment I was able to reach Chris Abraham (at left) in Washington to ask his take on the most recent case.
Abraham, a former Edelman PR exec and accepted authority on social media, offered an opinion when asked how he feels about Facebook’s or any network’s privacy invasions: “I don't feel any expectation of privacy on these networks. I feel like there's value for value. I trade my ability to get pitched and be pitched in the social sphere (and by proxy, to advertisers).”
Abraham goes on:
“We are the aphids, a farm of juicy fat grubs that Facebook can milk for sugar water. While this may seem a crude arrangement, actually we should be grateful because Facebook is awesome for both marketers and consumers alike. If you care about privacy, you should become a mountain man. Free online services are not free. Every person online should ask, 'What is in it for them, how am I paying, what are they extracting?'"
In typical creative form, Abraham expresses the wider view from those immersed in social as a profession. Any self-respecting web expert will advise you to consider nothing privileged online. That said, the average user’s notion of privacy on these social networks ranges in between totally oblivious to very concerned. This 2010 COMPUTERWORLD piece is but one of thousands of such articles bringing to the forefront Facebook’s issues with user privacy. Congress has been keeping a watchful eye, or supposedly has been, since citizens in the US first raised eyebrows.
For many though, the terms or service and legal jargon maze of terms of service (TOS) information provided, is just too onerous and difficult to sort out. And while I agree with Chris on "occupational hazards," our opinions do not reflect the general public's in any way.
In all honesty, circumnavigating Facebook or any social network corporate dogma on user terms is tantamount to going on a quest for the Holy Grail, especially for the average user.
Needle In A Security Haystack
Today I tried the various methods of contacting Facebook people, including trying to “talk to” Erin Egan, Facebook's Chief Privacy Officer for Policy. A word of caution, if I may: reaching a live human being at an Internet company (any) is a bit like talking to God. That link leads to a video where Erin explains some photo privacy fixes.
Along with some good fix info, she also at 4:54 shows how Facebook operatives can often be disconnected from the general user. Typing the url www.facebook.com/about/ads is just not something anybody using this service is going to do to find an address as yet unknown to reach a section of Facebook.
Herein lies a piece of the confusing pie that Facebook, Google Plus, Yahoo!, and virtually all Internet properties confound their customers with: the insider mentality. This is a commonplace mistake for any development or company. Erin Egan hurriedly going over Facebook privacy “how to” alludes to an endemic problem – or perhaps even a lack of prioritization.
The Data Use Policy tells users about cookies to help deliver up ads, like buttons and social plugins; Facebook does as good a job as any network in outlining the impossible to understand. The lawsuit, however, focused on “mining” of user information and data for one thing, but more interestingly on how detrimental loosed user information can be.
Looking over the volumes of privacy, security, and “about” information Facebook has posted on various pages, one thing seems fairly obvious. A lot of attention is paid to showing users how to protect their data and posts from other users, companies, meddlers, etc., but I for one found a lot less regarding when, how, what, and to where my data and “likes” are “used” actually. I say "actually" because we all feel no one can know exactly what any company does with information about us.
What's In the Machine?
This then, is at the crux of the petitioners’ case against Facebook: the question “What are you using my data and profile for, and with whom?” While the Facebook Advertising Guidelines, and Data Use Policy terms and information go very far in some respects, complaints from these plaintiffs bear scrutiny, one set in particular. According to number 27 in section IV of the document, a Cambridge study cited by the plaintiff’s attorneys speaks of the risks of “new methods” of data aggregation. To wit:
“Even very vague signals online, such as liking things on Facebook, can generate a detailed picture. As one University of Cambridge study found, highly sensitive personal attributes, such as sexual orientation, ethnicity, religious and political views, personality traits, intelligence, use of addictive substances, parental separation, age and gender were predictable with high degrees of success just from what people like online….”
The complaint goes on to point to a wide array of user peril hinging upon such unintended use of private information, and especially these types of profiling. Of course it seems highly unlikely any court would hold a social network responsible for profiling methods deployed onto publicly accessible data such as likes. However, the problem Facebook does face here is the very complexity involved in laymen understanding protective guidelines and the complexities of how Facebook empowers advertisers, etc. We cannot delve deep enough here to discuss these issues, but it seems certain the judge in this case is going to have to order a lot of what’s called “discovery” on both sides.
Finally, at the end of this massive trail of user and citizen privacy complaints is an obvious revelation of the underpinnings of personal data use. What I mean is simply this: any reasonable court would seem bound to actually discover not only if, when, and how Facebook stores and uses people’s data, but exactly where and how much. Sometime soon it seems likely regulators are going to set their own super geeks on the task of disclosing what is going on, but more importantly what can go on with people’s privacy. The end of that investigation will probably cure a lot of corporate and personal headaches.
Let’s hear your take on data security, even Big Brother, if you like.
Image credits: Facebook images - courtesy Facebook, Chris Abraham - courtesy Chris's Facebook profile with his permission.
Phil Butler is editor-in-chief of Everything PR and senior partner at Pamil Visions PR. He’s a widely cited authority on beta startups, all things social, search engines and public relations issues, and he has covered tech news since 2004. Phil has covered tech and social for ReadWriteWeb, Mashable, Profy, SitePoint, Search Engine Journal, The Epoch Times, Silicon Angle and many others. ...
Other Posts by Phil Butler
Social Media Today