Facebook Rebuffs Critics’ Six Point Plan

“The only information the three partners currently in the program receive from Facebook is users’ public information,” Noyes countered. “This means that our partners cannot access anything other than the same information that anyone could access simply by going to a Facebook user’s profile.”

He added, “In addition, we’ve made it easier for people to turn off the instant personalization pilot program, which prevents those, and any future, applications in the program from accessing their information. We have also imposed restrictions on how partners can use the information they receive from Facebook. That information cannot be sold or shared with others or used in any way other than to improve the experience of Facebook users visiting their site.”

Here are the six steps advised in the groups’ letter:

1. Fix the “app gap” by empowering users to decide exactly which applications can access their personal information.

2. Make “instant personalisation” opt-in by default.

3. Do not retain data about specific visitors to third party sites that incorporate “social plugins” or the “like” button unless the site visitor chooses to interact with those tools.

4. Provide users with control over every piece of information they can share via Facebook, including their name, gender, profile picture, and networks.

5. Protect Facebook users from other threats by using an HTTPS connection for all interactions by default.

6. Provide users with simple tools for exporting their uploaded content and the details of their social network so that users who are no longer comfortable with Facebook’s policies and want to leave for another social network service do not have to choose between safeguarding their privacy and staying connected to their friends.”

Widget behaviour

Most of Facebook’s counterarguments highlighted the changes the company announced recently. In addition, Noyes said the social plug-ins referred to in point three “are widgets, and they work the same basic way all widgets do—the URL of the Web page the user is viewing must be sent to Facebook for Facebook to know where to render the socially relevant content. However … we only store this information temporarily (for no more than 90 days) … We do not use it for ad targeting, nor do we sell it to third parties.”

As for point five, “We are currently testing SSL [Secure Sockets Layer] access to Facebook and hope to provide it as an option in the coming months,” Noyes said.

In the letter, the groups said, “‘Privacy’ and ‘social’ go hand-in-hand: Users are much more social with people they know” than “when their actions and beliefs and connections are disclosed without their control or consent.

“We are committed to continuing this dialogue with you and ensuring that users can continue to be both social and private on Facebook. We hope you continue to engage with us and your users to make Facebook a trusted place for both public and private sharing. Please make the default ‘social—and private.'”