June  16,  2010  

Facebook  Response  to  Privacy  Groups’  Open  Letter  
  Facebook  won  widespread  praise  from  users  around  the  world  and  the  privacy  community  last   month  for  introducing  simpler  and  more  powerful  controls  for  sharing  personal  information.    We  plan  to  continue  to  make  control  easy  and  effective  for  all  the  people  who  use  our  service   and  will  continue  to  engage  these  groups  and  others  in  a  constructive  dialogue  about  these   important  issues.     Point-­‐By-­‐Point  Responses:     1)  Fix  the  “app  gap”  by  empowering  users  to  decide  exactly  which  applications  can  access  their   personal  information.     We  have  heard  these  concerns  and  announced  our  intention  to  build  a  new  data  permission   model  last  summer.    Details  were  announced  in  April  and  the  product  is  scheduled  to  launch  to   all  developers  in  the  coming  weeks.    Also,  as  part  of  the  recent  changes,  we  added  a  simple  way   for  people  to  completely  turn  off  Platform  applications  and  websites,  so  that  none  of  their   information  is  ever  shared  with  applications,  even  information  otherwise  available  to  everyone.     2)  Make  “instant  personalization”  opt-­‐in  by  default.     The  instant  personalization  pilot  program  has  been  widely  misunderstood.    The  only   information  the  three  partners  currently  in  the  program  receive  from  Facebook  is  users’  public   information.  This  means  that  our  partners  cannot  access  anything  other  than  the  same   information  that  anyone  could  access  simply  by  going  to  a  Facebook  user’s  profile.  In  addition,   we've  made  it  easier  for  people  to  turn  off  the  instant  personalization  pilot  program,  which   prevents  those,  and  any  future,  applications  in  the  program  from  accessing  their  information.   We  have  also  imposed  restrictions  on  how  partners  can  use  the  information  they  receive  from   Facebook.  That  information  cannot  be  sold  or  shared  with  others  or  used  in  any  way  other  than   to  improve  the  experience  of  Facebook  users  visiting  their  site.     3)  Do  not  retain  data  about  specific  visitors  to  third  party  sites  that  incorporate  “social  plugins”   or  the  “like”  button  unless  the  site  visitor  chooses  to  interact  with  those  tools.     Social  plugins  are  widgets,  and  they  work  the  same  basic  way  all  widgets  across  the  Internet  do.    The  URL  of  the  webpage  the  user  is  viewing  must  be  sent  to  Facebook  for  Facebook  to  know   where  to  render  the  socially  relevant  content.    However,  different  from  many  other  services,   we  only  store  this  information  temporarily  (for  no  more  than  90  days)  solely  for  the  purpose  of  
1601 South California Avenue, Palo Alto, California 94304 650.543.4800 – tel 650.543.4801 - fax

improving  and  protecting  the  service.    We  do  not  use  it  for  ad  targeting,  nor  do  we  sell  it  to   third  parties.     4)  Provide  users  with  control  over  every  piece  of  information  they  can  share  via  Facebook,   including  their  name,  gender,  profile  picture,  and  networks.     As  part  of  the  changes  we  announced  last  month,  Facebook  reduced  the  amount  of  user   information  that  must  be  available  to  everyone.  This  information  is  now  limited  to  name,   profile  picture  (should  a  user  choose  to  have  one),  gender  (though  this  can  be  hidden  on  the   profile),  and  networks  (should  the  user  join  any).  We  also  responded  to  concerns  by  allowing   users  to  restrict  visibility  of  their  friend  lists  and  pages  they  "like."  Just  like  with  other  fields  of   data,  users  can  decide  to  share  this  content  with  friends,  friends  of  friends  or  everyone.  It  has   been  our  experience  that  people  have  a  more  meaningful  experience  on  Facebook  when  they   share  some  information  about  themselves.  That  way,  they  can  find  friends  and  friends  can  find   them,  which  is  the  reason  most  people  come  to  Facebook.     5)  Protect  Facebook  users  from  other  threats  by  using  an  HTTPS  connection  for  all  interactions   by  default.     We  are  currently  testing  SSL  access  to  Facebook  and  hope  to  provide  it  as  an  option  in  the   coming  months.     6)  Provide  users  with  simple  tools  for  exporting  their  uploaded  content  and  the  details  of  their   social  network  so  that  users  who  are  no  longer  comfortable  with  Facebook’s  policies  and  want   to  leave  for  another  social  network  service  do  not  have  to  choose  between  safeguarding  their   privacy  and  staying  connected  to  their  friends.     Users  rely  on  us  to  protect  their  data  and  enforce  the  privacy  decisions  they  make  on  Facebook.   We  take  this  trust  seriously  and  work  aggressively  to  protect  it.  Facebook  imposes  no   restrictions  on  users  that  prevent  them  from  exporting  the  content  that  they  have  posted   themselves  on  Facebook.  We  have  open  APIs  that  permit  applications  to  export  this   information.  However,  we  don’t  allow  exporting  of  content  that  is  created  by  others  because  it   doesn’t  respect  the  decisions  users  make  on  Facebook  about  how  to  share  their  data.  Frankly,   we’re  surprised  that  these  groups  would  advocate  for  a  tool  that  would  enable  one  person  to   strip  all  of  the  privacy  protections  for  any  information  that  has  been  shared  with  them.  We   created  Facebook  Platform  to  permit  the  sharing  of  user  information  in  a  controlled  manner   that  does  respect  the  decisions  people  have  made,  and  we  continue  to  build  tools  for   developers  to  make  Facebook  more  open.     For  additional  information  contact  press@facebook.com  
1601 South California Avenue, Palo Alto, California 94304 650.543.4800 – tel 650.543.4801 - fax

Sign up to vote on this title
UsefulNot useful