Ivy Tsui is a JD candidate at Osgoode Hall Law School.
Facebook is moving forward with its plan to allow third-party developers and external websites to access users’ home address and phone numbers despite widespread criticisms.
Privacy advocates had intense reactions round the blogosphere. U.S. House of Representatives Edward Markey and Joe Barton sent Facebook a letter questioning the company’s plan and raising concerns for people who may opt to share their contact information with third-party developers without carefully understanding the ramifications.
Public objections did not persuade Facebook to abandon its plan. In a statement to The Huffington Post, Facebook claimed that the plan would make online shopping speedier:
“Despite some rumors, there’s no way for other websites to access a user’s address or phone number from Facebook. For people that may find this option useful in the future, we’re considering ways to let them share this information (for example to use an online shopping site without always having to re-type their address). People will always be in control of what Facebook information they share with apps and websites.”
In the response letter to the U.S. Congressmen, Facebook emphasized that it will take positive steps to highlight the sharing process so that the users must have to express consent as to what they share. However, I am unsatisfied with this framework because users are prone to clicking “Allow” just so that Facebook will allow access to the application, which could be a game or a quiz. In addition, the implementation of this platform could potentially “coerce” users to share contact information with advertisers just because they wanted to use the applications.
Facebook also noted that it is “actively considering” whether to allow third-party applications to request contact information from users under 18 years old. In addition, Facebook also claims that this is not a concern for minors under 13 because Facebook prohibits them from joining. However, in my view, these explanations are inadequate. It is unclear how technical measures could be effectively implemented to prohibit usage of service. Just as one could easily report another name on the account, it is easy for users to falsely report their age on Facebook. Furthermore, it does not explain how Facebook would protect the elderly, whom could have different understanding of identity theft and online fraud.
Facebook has been pushing to make the world a more open place by helping people connect and share, by creating networks of friends and activities, and allowing user profiles to be searched by the public on Google, Yahoo and MSN Search. I question whether the motivation behind this controversial plan is the money that third-party developers will be giving to Facebook. Perhaps Facebook is encouraging third-party developers to create software for Facebook. It seems to me that Facebook, by trading in users’ contact information for economic gain, is working to become the most trafficked site and ultimately, a money-making marketing channel for business.
In 2009, Canada’s Privacy Commissioner was critical of Facebook, claiming that it had breached the Personal Information Protection and Electronic Documents Act (PIPEDA) by allowing third-party developers to access to users’ contact information, keeping users information from deactivated accounts, and permitting users to “tag” photos of non-users without their consent. After Facebook implemented some platform changes to address these issues, the Privacy Commissioner concluded that the new platform is adequate to inform users regarding what information they are sharing. It would be interesting to hear comments from the Privacy Commissioner on Facebook’s decision to “sell” user’s information.