Facebook Proposes Broad Updates To Governing Docs — Our Analysis

Facebook is proposing a broad range of updates to its governing documents, the company announced today. It’s a complex combination of simple clarifications and significant changes.

The updates could impact everything from the company’s pending location service, to developers and advertisers on the platform, to how users can represent themselves and interact with each other on the site, to how third parties can obtain user data without explicit permission. The last point is perhaps the most interesting.

But first, some important information to take note of.

Facebook has been trying to give users more clarity around its various terms of service, and this is its latest effort on that front. The company says users will have around seven days from now to provide feedback — until 12:00am Pacific Time on April 3, 2010.

We should also note that the changes today, to its Statement of Rights and Responsibilities and its Privacy Policy, now include red-lined versions to help people easily see any alterations. This was a heavily requested feature from people who care about these terms. Links to the documents here.

Also, the changes are meant to help prepare users and the company for future launches, as it says “not all of these products have been finalized and many aren’t yet built at all.” Many of the possible launches, though, are likely come at its f8 developer conference happening on April 21.

Now, here’s our look at what appear to be the most significant differences in the documents, in the order they appear in each document. We’re passing over the smaller changes and most of the clarifications, but be sure to check out the red-lined version for yourself, if you’re interested in every detail.

Statement of Rights and Responsibilities

For clarity, we’re putting new text in italics, using the proposed version of each document.

4. Registration
 and 
Account
 Security
2. You
 will 
not 
create
 more
 than
 one 
personal profile.
3. If we 
disable 
your 
account, you will
 not
 create another
 one
 without
 our 
permission.

Analysis: Lots of users have more than one account, whether to establish a private versus more public identity, or because they want an extra one to play games with, or whatever other reason. Facebook doesn’t want this happening, though, because it wants a single user identity to accurately reflect all of the person’s real-world relationships. Also, the latter line suggests Facebook wants to make its right to keep people off the site even more obvious.

5. Protecting Other 
People’s Rights
9. You will 
not tag users 
or send
 email 
invitations
 to non‐users
 without their consent.

Analysis: It’s hard to see how Facebook can enforce the fact that a user has obtained consent before tagging someone or inviting them to Facebook or to an application on the site. But it’s interesting that the company added “tag users” here, anyway, because the European Union is currently looking into privacy practices among web companies including Facebook.

One result, for example, is an article like this one from the Associated Press: “You have been tagged in 12 photos. Even if you’re not signed up to the Web site.” The lede obviously refers to the fact that Facebook users can tag people in photos who are not on Facebook, and notify those people via email that they’ve been tagged — one of the EU’s concerns. Whatever happens with the EU, Facebook appears to be making a pre-emptive move on the photo-tagging example by using its terms to put the responsibility on users when they use the feature.

6. Mobile
3. You provide all rights necessary to enable users to sync (including through an application) their contact lists with any basic information and contact information that is visible to them on Facebook, as well as your name and profile picture.

Analysis: This entirely new clause reiterates a feature that Facebook already offers, which is letting third parties sync some contact information. More on this below.

8. Special
 Provisions Applicable to
 Share Links
2. You give us permission to use and allow others to use such links and content on Facebook.

Analysis: Perhaps Facebook will be trying to provide third-party access large batches of information about the most popular shared links on Facebook? This could be valuable for anyone in the news aggregation business, for example. More likely, though, the adjustment to this phrase reflects the fact that Facebook lets users re-share links that their friends have posted already.

9. Special Provisions Applicable to Developers/Operators of Applications and Websites
2.6. You will not directly or indirectly transfer any data you receive from us to (or use such data in connection with) any ad network, ad exchange, data broker, or other advertising related toolset, even if a user consents to that transfer or use.

Analysis: This entirely new clause strongly suggests that some online advertising companies have been doing exactly what it says they shouldn’t be. This is unsurprising given that many online advertising companies have built their businesses on secretly buying and selling user data, however that data might have been gained, then using the information to do things like target ads. It’s not clear how Facebook can enforce their good behavior on its site, but the clause is a good first step to limiting abuse.

Privacy Policy

A shorter document meant to clearly detail what each user is agreeing to when they use Facebook, the site’s Privacy Policy is also seeing some major changes. The document uses a less formal structure, showing paragraph-based topics rather than the legal-style numbered format of the Statement. The document itself has seen big formatting changes, so we’re focusing on the new phrasings. We’ll break down each interesting paragraph, below. Everything in italics is directly quoted from the new document.

2.
 Information We Receive: Information you provide to us: 
Information
 About Yourself

….Once you register you can provide other information about yourself by connecting with, for example, your current city, hometown, family, relationships, networks, activities, interests, and places….

Analysis: This is interesting to anyone focused on the potential of Facebook to create location-based services. As the company explains in its changes overview blog post, it has cut out a section it added last fall defined around “location.” It is now using the term “Place” to mean, for example, “a Page, such as one for a local restaurant.”

While it’s unclear exactly what Facebook means, it sounds like the company wants to tie location in with other key parts of its site, so users intuitively think of location as part of bigger concepts. In the restaurant example, it would have both a location and a Page, but Facebook would present that information as two parts of the same thing.

4. Information You Share With Third Parties: Connecting with an Application or Website.

When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, connections, and any content shared using the Everyone privacy setting. We may also make information about the location of your computer or access device and your age available to applications and websites in order to help them implement appropriate security measures and control the distribution of age-appropriate content. If the application or website wants to access any other data, it will have to ask for your permission.

Analysis: This paragraph sums up the big privacy changes that Facebook made this past winter, when it did things like require that all sorts of basic information be publicly available for every Facebook user. Not every user was happy with the changes, but the company believes it needs this baseline level of openness to make its service work. The move, as we wrote at the time, was part of Facebook’s long-term plans to make its entire service more open. And sure enough, the next big change shows the impact.

4. Information You Share With Third Parties: Pre-Approved Third-Party Websites and Applications.

In order to provide you with useful social experiences off of Facebook, we occasionally need to provide General Information about you to pre-approved third party websites and applications that use Platform at the time you visit them (if you are still logged in to Facebook). Similarly, when one of your friends visits a pre-approved website or application, it will receive General Information about you so you and your friend can be connected on that website as well (if you also have an account with that website). In these cases we require these websites and applications to go through an approval process, and to enter into separate agreements designed to protect your privacy. For example, these agreements include provisions relating to the access and deletion of your General Information, along with your ability to opt-out of the experience being offered. You can also remove any pre-approved website or application you have visited here [add link], or block all pre-approved websites and applications from getting your General Information when you visit them here [add link]. In addition, if you log out of Facebook before visiting a pre-approved application or website, it will not be able to access your information. You can see a complete list of pre-approved websites on our About Platform page.

Analysis: This one’s potentially a very big deal. “General Information” basically means information that Facebook has already required users to agree to make public, as we noted in the previous section. So, Facebook’s thinking here seems to be “now that we’ve made all this information public, let’s see what we can do with it.” Third parties can already gather “General Information” using the Platform, Connect, search engines, etc. so this “pre-approved” concept seems intended to streamline usage. Companies that are pre-approved are not getting special access to any data, as far as we can tell, they are just getting quicker access.

But there are lots of interesting questions around the wording of this section. For example, what exactly does the reference to “opt-out” mean? Will each pre-approved site be required to offer some sort of opt-out button when users first come to the site, or will they be able to hide that feature somewhere and auto-register users when they show up?

We don’t have a clear idea how the “pre-approval” change will work, but the ambiguity already has people wondering if users will be forced into signing up into sites they happen to visit, without being able to avoid doing so. When we asked for more details, Facebook only responded with this general point: “The specific agreements that these trusted partners will need to enter into will require them to provide a clear and prominent way for people to opt out of the personalized experience on their site. In addition, there will be a control on Facebook to manage these partner sites’ access to information.

Without more information, it looks like Facebook is aggressively trying to push Connect around the web. The company risks generating a considerable amount of user confusion and animosity with this process. It’s managed to overcome past mistakes — like its Beacon advertising program, which showed users’ activity on other web sites to friends on Facebook without permission. But we wonder how it’s going to ensure privacy and goodwill with this feature.

We also suspect that the clarification about “General Information” and the “pre-approval” addition are both tied directly to Facebook’s plans for its Open Graph API. Although there aren’t many details about that product, it is likely to launch at f8, and will provide features such as the “like” button on other sites. This would make it even easier for Facebook users to send and receive all sorts of information between the site and the rest of the web — and cement Facebook’s position as the central destination for consuming web-wide information.

4. Information You Share With Third Parties: Exporting Information.

You (and those you make your information available to) may use tools like RSS feeds, mobile phone address book applications, or copy and paste functions, to capture, export (and in some cases, import) information from Facebook, including your information and information about you. For example, if you share your phone number with your friends, they may use third party applications to sync that information with the address book on their mobile phone.

Analysis: This line matches the clause change we noted in the SRR. Facebook wants to make it clear to users that third parties could be getting access to things like your phone number. Sounds like we might see some cool new uses of Facebook’s address book in the near future.

4.
Information
 You Share
 With 
Third 
Parties: Advertisements.

Sometimes the advertisers who present ads on Facebook use technological methods to measure the effectiveness of their ads and to personalize advertising content. You may opt-out of the placement of cookies by many of these advertisers here. You may also use your browser cookie settings to limit or prevent the placement of cookies by advertising networks.

Analysis: Facebook, to our knowledge, has not previously said that online advertising companies on its site are using cookies to measure and target ads. Cookies are a routine way that Google, Facebook and countless other web companies measure and advertise to users; cookies are also required for many features across the web, like logging in in most cases.

7. How You Can Change or Remove Information: Limitations 
on
 removal.

If you have given third party applications or websites access to your information, they may retain your information to the extent permitted under their terms of service or privacy policies.

Analysis: Facebook has added a last clause to this part, suggesting that aside from the new 4.2.6. clause limiting advertiser abuses, there are many circumstances where users somehow share information with third parties that goes beyond its control. The reality here is that Facebook does not have watertight mechanisms for limiting what companies can get access to what data.

[Image via the Missourian.]

Social Media 101

Mediabistro Course

Social Media 101

Get hands-on social media training for beginners in our online boot camp, Social Media 101! Starting September 4, social media and marketing experts will teach you the best practices to be successful on social. Register now!

 

Leave a Reply

12 Responses to “Facebook Proposes Broad Updates To Governing Docs — Our Analysis”

  1. Wiederholungstäter: Facebooks zunehmendes Vertrauensproblem » netzwertig.com says:

    [...] Inside Facebook: Facebook Proposes Broad Updates To Governing Docs — Our Analysis [...]

  2. How Facebook is Adding an Identity Layer to the Internet | Social Hacking says:

    [...] this expansion may look by reading proposed changes to the service’s governing documents (see Inside Facebook’s excellent analysis): We may also make information about the location of your computer or access device and your age [...]

  3. MikeMilton says:

    “2. You
 will 
not 
create
 more
 than
 one 
personal profile.”

    but they do not support “persona” management (ie: they drive people who are multifaceted to have multiple ids)

    Oh. btw, I deleted my FB account yesterday… they have completely broken trust with users; at least from my POV

  4. MikeMilton says:

    “because it wants a single user identity to accurately reflect all of the person’s real-world relationships”

    This is in virtually *no* users interest. All people have multi-faceted lives with ‘branches’ of social networks that are not mutually compatible. This goes deeper than work or personal to include, as just one example, interests such as photography and music creation. Consider that the music branch has little in common with the photo branch of friends

  5. Michael Zimmer.org » Blog Archive » Yet Again, Facebook Misunderstands Privacy says:

    [...] There have been numerous, valuable commentaries on what these changes mean for user privacy. See, for example, Tech Crunch (and again here), ACLU of Northern California, ReadWriteWeb, All Facebook, and Inside Facebook. [...]

  6. facebookmarketing.de | Facebook Datenweitergabe an Dritte – Überblick says:

    [...] Die Änderungen sind natürlich auch nach unserer Einschätzung etwas kritisch zu betrachten und besonders davon abhängig wer Zukünftig diese Partner sein werden, ganz so kritisch wie manche der Pressemeldungen sehen wir das Thema allerdings (noch) nicht. Wir haben einmal kurz die wichtigsten Meldungen zu diesem Thema für euch zusammen getragen: Without more information, it looks like Facebook is aggressively trying to push Connect around the web. The company risks generating a considerable amount of user confusion and animosity with this process. It’s managed to overcome past mistakes — like its Beacon advertising program, which showed users’ activity on other web sites to friends on Facebook without permission. But we wonder how it’s going to ensure privacy and goodwill with this feature. (Weiterlesen auf Inside Facebook) [...]

  7. FACEBOOK naujienos ir patarimai #33 | Komunikacija FACEBOOK'e says:

    [...] Ką FACEBOOK’as planuoja tobulinti / keisti artimiausiu metu – oficialaus BLOGo įrašas. Tuo pačiu pristatome INSDIDEFACEBOOK žvilgsnį į taisyklių pasikeitimus. [...]

  8. Facebook si “allarga” sulla privacy - The New Blog Times says:

    [...] variazioni ai Termini e Condizioni d’uso sono numerose. Il confronto con quelle vecchie, operato da InsideFacebook punto per punto, spiega minuziosamente cosa cambia ma la lettura – benché [...]

  9. kt says:

    I find your article fascinating. Thanks.

    On an unrelated topic, I noticed you use an image from the Missourian. When I clicked it, I saw the story from the Missourian is completely unrelated. Did you seek permission to use the photo in this manner? Or, did you simply find it on the web and link to it.

    Regardless, the use of a completely unrelated image, via a link, in this way is very interesting. You are essentially using the web as a photo stock house. This is the first time I’ve seen that.

    On one hand, I find this manner of photo usage exciting.

    But, on the other hand, I also find it strange. First, as a reader, I assumed the Missourian had a related story and when they didn’t, I felt it was jarring. Clicking the link to the Missourian was a waste of my time. Second, as a photo editor, I hope you did obtain permission because I feel the copyright holder has a right to control the use of his or her images.

    Sorry if I’m off topic here. I don’t know another forum for making this comment.

  10. Facebook Announces Big Policy Changes, Know What to Expect! « Nology Media | Seattle | Blog says:

    [...] InsideFacebook notes that Facebook users have until 12am Pacific Time on April 3, 2010 to provide their direct feedback about announced updates. [...]

  11. Why it's time to close your Facebook account | Open Ecosystems says:

    [...] that pay attention to Facebook’s privacy moves closely—TechCrunch, ReadWriteWeb, Louis Gray and Inside Facebook—rang the alarm bells. After all, do we really want to share information with sites screened by [...]

  12. Social Graph Series 4: Moving Beyond Social Privacy to Semantic Web | Curly Braces says:

    [...] choose to opt out, the partner continues to be able to access general information. Facebook’s terms of service describes their agreement with these partners in more detail.  We can disable the “Instant [...]

Get the latest news in your inbox
interested in advertising with inside facebook?

Social Media Jobs
of the Day

Project Coordinator for Social Media

MakerBot Industries
Brooklyn, NY

Social Media Account Manager for Beauty PR Agency

Creative Media Marketing
New York, NY

SOCIAL MEDIA PROJECT COORDINATOR

International Fellowship of Christians & Jews
Chicago, IL

Social Media & Community Management Associate

The Economist Group
New York, NY

Manager, Social Media Marketing

NBCUniversal
Santa Monica, CA

Featured Company

Join leading companies like this one and recruit from the nation's top media job seekers on the Mediabistro Job Board. Every job post comes with our satisfaction guarantee. Learn More
 

Our Sponsors

Mediabistro A division of Prometheus Global Media home | site map | advertising/sponsorships | careers | contact us | help courses | browse jobs | freelancers | content | member benefits | reprints & permissions terms of use | privacy policy Copyright © 2014 Mediabistro Inc. call (212) 389-2000 or email us