Facebook today instated a new Data Use Policy and Statement of Rights and Responsibilities that will allow the company to share information with affiliates like Instagram and put an end to site governance voting, among other more minor changes.

The social network put the proposed terms up to a user vote, following a protocol established in 2009. Only 668,872 users voted, so even though the majority voted against the proposed changes, Facebook decided to move forward with the new governance documents. Results are only binding if at least 30 percent of users participate. In this case, less than 1 percent voted.

It’s largely for this reason that Facebook is removing the voting option with the terms adopted today. This was the third instance of user voting in the company’s history and each time only a small percentage participated. The small turnout ends up not being representative of the user base. Earlier this year and again with this latest proposal, activists copy-pasted the same comment over and over to trigger a vote on policy changes. At Facebook’s scale now, and especially as a publicly traded company, it will face government and other third-party regulation that could hold the company more accountable than a user vote ever could.

Facebook is also leaving in language requiring the company to provide a seven-day comment period in advance of any change. The social network is adding new ways to educate users about site governance issues and receive feedback. A new feature will allow users to submit questions to Chief Privacy Officer Erin Egan through Facebook’s official privacy pages, and Egan will begin appearing in livestreamed events where users can share their concerns or request more information.

The new Data Use Policy also includes new language about “affiliates” to cover Facebook’s relationship with Instagram, which it acquired this year. Facebook and its affiliates can share information to understand user activity or provide customized experiences, including personalized ads.

Some Facebook users have been posting status updates that include legal language they believe will protect their copyright and privacy. The meme is a hoax that began in May and is going viral again.

Facebook’s actual governing documents, including its “Data Use Policy” and “Statement of Rights and Responsibilities,” are in fact up for review, but users’ status updates will not have an effect on the outcome or even on their own protection. By creating a Facebook account, users agree to the terms in the Data Use Policy and Statement of Rights and Responsibilities. They cannot deny these terms with a status update. Further, the meme going around now includes erroneous references to the Berne Convention, Uniform Commercial Code and the Rome Statute, as seen below.

It’s likely that most people posting these updates are not aware that they can view Facebook’s latest policies and offer feedback here. This is not surprising, but it should be concerning to Facebook. Despite its efforts, the social network is still not well-trusted by users and misinformation spreads faster than ever because of the features it developed. [Update 11/26/12 10:52 a.m. PST - Facebook responded with a "fact check" on its Newsroom site here.]
(more…)

Facebook today proposed changes to its Data Use Policy and Statement of Rights and Responsibilities that will allow the company to share information with affiliates like Instagram and put an end to site governance voting, among other more minor changes.

New language about “affiliates” has been added to the Data Use Policy to cover Facebook’s relationship with Instagram, which it acquired this year. The proposed policy reads:

We may share information we receive with businesses that are legally part of the same group of companies that Facebook is part of, or that become part of that group (often these companies are called affiliates). Likewise, our affiliates may share information with us as well. We and our affiliates may use shared information to help provide, understand, and improve our services and their own services.

Even though Instagram is continuing to operate under its original brand rather than Facebook’s, the company is legally considered an affiliate and the two services can share information, for instance, to personalize a user’s experience or target ads.

The company is also looking to change a policy that it believes promotes quantity over quality feedback. In 2009 Facebook decided to give users the option to review proposed policy changes and then offer a vote if more than 7,000 users comment on those changes. This led to a situation where users copy-pasted the same comment over and over to trigger a vote on policy changes earlier this year. However, not enough users ended up voting to prevent Facebook’s proposal from going through, since results are only binding if at least 30 percent of users participate. Nonetheless, the entire situation was less than ideal and so Facebook is looking to remove the voting option completely.
(more…)

Facebook today announced Developer Alerts, a way to notify developers about important changes to the platform and the status of their apps.

For example, Facebook will communicate breaking changes to developers through these alerts, which are delivered via email and Facebook notifications. Developers will get an alert 90 days before a change goes into effect and see reminders at 60 days, 30 days and the day of. If developers complete the necessary migration before the deadline, they will no longer receive alerts about it.

The change is part of Operation Developer Love, an ongoing effort to improve relations with developers through better communications, documentation and new features. Developers have been able to get weekly updates and view resources on the the developer blog. There have also been improvements to the app dashboard. With the new alerts, though, developers are more likely to see the information they need in a more timely manner without having to seek it out themselves.

It also seems Facebook is making an effort to give developers more warning when their apps are not compliant with platform policies, giving them time to respond before enforcement action is taken. For example, if an app does not include a privacy policy, the developer will see an alert reminding them to add one before the app is forced into sandbox mode. This could reduce the chances that developers will be caught off guard by Facebook’s actions and ensure better user experience by having compliant apps. When an issue is resolved, developers will receive a confirmation alert, which should be useful for apps that have more than one developer.

Facebook says it will also send alerts to notify developers when their Open Graph actions are approved, when the status of their App Center detail pages changes or other similar things occur. However, the company notes that most developers won’t receive alerts very often.

Developer Alerts will begin rolling out today and will be available for all apps over the next few weeks.

Facebook today announced a number of changes to its Open Graph guidelines and platform policies to cut down on practices that users find spammy or unwelcome.

Developers can no longer automatically share a user’s consumption of content unless they use built-in actions “Like,” “Watch,” “Read,” “Listen” or “Follow.” Apps with custom verbs must make sharing that action opt-in so as not to surprise or confuse users. For example, an app can not automatically publish that a user “browsed” a collection after they visit a section of an online store. The app can instead include buttons for active sharing, such as “want” or “favorite.”

This does not affect games, promotions or other apps where users take an explicit action that can then be shared. Earning a high score, claiming a coupon or pinning a photo, for example, would still be acceptable. Apps like Foodily, which shares that users “found” an item when they click on a recipe link, will have to change. Rotten Tomatoes, which previously shared when users “checked out reviews,” seems to have already removed this action. More information about what qualifies as “content consumption” is available here.

Facebook is also eliminating “authenticated referrals,” which is when clicking a link from Facebook takes users directly to an app’s permission dialog rather than a page with more context. This happened frequently with social news and video applications. A user would see an article or video in their feed and click on it, but instead of being taken directly to the content, they were hit with an auth dialog. Facebook announced this option last year at f8 and encouraged developers to use it to guarantee that all users navigating to an app from the social network would be logged in. Although this helped some apps like SocialCam and Yahoo Social Bar quickly gain millions of new users, it turned out to be a poor user experience in most instances.

Facebook is no longer allowing apps to post to a friend’s wall via the API. The company says these actions generated high levels of negative user feedback, including “hides” and “mark as spam.” There is still an option for apps to use the “feed dialog” for a similar effect and apps can include user mentions or tagging, which will appear on a friend’s Timeline after a user approves the tag.

To further ensure quality apps, Facebook added the following to its platform policies:

“Quality of content: you are responsible for providing users with a quality experience and must not confuse, defraud, mislead, spam or surprise users. For example, you must monitor your app’s negative feedback in Application Insights to ensure it stays below our thresholds, avoid excessive advertisements or bugs, and ensure the description of your app is consistent with your app’s content.”

Besides the restrictions announced today — which go into effect in 90 days — Facebook announced that it would make some Open Graph stories more prominent in News Feed and on Timeline. The company says its new image-led Open Graph stories receive 70 percent more clicks and up to 50 times more Likes than equivalent story types from before. Similarly, the new location stories provide double-digit gains in distribution to apps. Developers looking to increase distribution and engagement for their app stories should use Open Graph rather than the Graph API or “stream.publish.” See the differences below.

Facebook filed a 22-page letter with the Federal Trade Commission outlining its thoughts and recommendations for the commission’s proposed changes to the Children’s Online Privacy Protection Act (COPPA).

The social network lauded the FTC’s commitment to protecting children’s online experiences and privacy, but expressed concern about some language in the proposed change, which could hold Facebook liable in cases where third-parties use its social plugins and create additional burdens for Facebook, developers, publishers and parents. In particular, Facebook urged the commission to explicitly allow first-party advertising as an acceptable use of a child’s “persistent identifier,” such as an IP address or cookie ID.

The FTC is proposing that COPPA be expanded to apply to apps, games and online ad networks, in addition to the child-directed websites it currently covers. Some language in the proposal would deem website publishers and developers that use plugins like Facebook Login or the Like Button as “co-operators” with Facebook. Facebook Chief Privacy Officer Erin Egan, who wrote the letter to the FTC, suggests that the language in the proposal “fundamentally misunderstands the relationship between plugin providers and website publishers.” The social network, for example, makes plugins available but doesn’t choose which websites use them, which plugins they use or how they use them. Neither does Facebook share data with the third-parties that use its plugins. As such, the company wants to ensure that it would not be held liable under COPPA for offenses by web publishers or app developers that integrate with its platform.

The FTC proposal makes some exceptions for collecting and using children’s information as needed for “support for internal operations.” Facebook requests that the FTC clarify its definition of “support for internal operations” to include data captured by plugins and to explicitly include activities that do not impact children’s privacy, such as first-party advertising. The letter cites the commission’s previous reports that distinguish first-party advertising from third-party advertising because it does not raise the same privacy concerns and is generally an expected part of free websites and online services.

Egan further recommends that COPPA not include language that requires operators of child-directed sites to “treat all users as children” and obtain parental consent even if they otherwise have knowledge that a user is 13 years or older. For example, if a user has signed up for Facebook, the user has verified that they are over 13 by providing a birthdate. Egan says this should apply to third-party sites that integrate plugins without requiring additional consent or age verification. “It would be nonsensical to require an operator to obtain verifiable parental consent before collecting information from a parent,” Egan writes.

As we’ve previously written about, Facebook could ultimately serve as a means for age verification all around the web. In its letter, the company suggests that the commission could add explicit clarification that publishers can use a common mechanism to obtain verifiable parental consent, as Microsoft, Disney and a number of organizations have suggested in their comments to the FTC. Doing this, Egan writes, would minimize the burden on parents by reducing the number of times they have to give consent and eliminate the need for multiple detailed privacy notices. Instead, parents could give consent and get notice up front. They would then then get a more specific notice when a child wants to play a game or use a new app. If a platform provides this ability, Facebook argues, it should not assume liability or turn the platform into a “co-operator” with third-party apps or websites that implement it.

The Wall Street Journal reported in June that Facebook was taking steps toward allowing children under 13 to be allowed on the site, including creating mechanisms that would connect children’s accounts to those of their parents. Facebook has not publicly shared whether it is planning to lower its age limit or how it would do so.

Facebook removes facial recognition in EU, addresses other concerns - Per recommendations from the Irish Data Protection Commissioner, which has audited Facebook policies and practices, Facebook has removed the facial recognition feature that made suggestions for who to tag in a photo. The Data Protection Commissioner says Facebook has nearly complied with all recommendations and has plans to address any remaining issues by a set deadline.

Facebook hires new director of engineering from Netflix - The former vice president of product engineering at Netflix, John Ciancutti, has joined Facebook as director of engineering, according to his LinkedIn profile. The news, first reported by AllThingsD, suggests some reorganization at Facebook. When Chief Technology Officer Bret Taylor announced his departure in June, Director of Engineering Mike Vernal and Director of Mobile Engineering Cory Ondrejka were said to be leading in his absence. Facebook has not yet announced a new CTO.

Hearsay Social brings social compliance to Salesforce - Hearsay Social this week announced Hearsay Social Cloud Compliance for Salesforce, enabling financial services, healthcare and retail organizations to use social enterprise tools in the cloud while adhering to industry regulations and corporate governance. Hearsay Social Cloud Compliance for Salesforce includes FINRA, SEC, FTC, IIROC, FSA and FDA compliance coverage across the Salesforce.com Sales Cloud, Marketing Cloud, Service Cloud and Chatter. It will be available on Salesforce.com’s AppExchange.

Facebook and other Internet companies create collective lobbying group - Facebook joins Google, eBay, Amazon.com, Zynga, Yahoo and others in a new U.S. lobbying group called The Internet Association ”dedicated to strengthening and protecting a free and innovative Internet.” The Next Web notes that Microsoft and Apple are not part of the trade association.

Facebook asks users for help identifying fake names – Some Facebook users are being prompted to let the social network know whether a friend is using a fake name. A Facebook spokesperson told The Next Web, “We are always looking to gauge how people use Facebook and represent themselves to better design our product and systems. We are showing people information that their friends have made available to them and we indicate to the person taking the survey that their response will be anonymous to ensure them that we are not sharing their data with anyone and only looking to understand the results in an aggregate sense. Additionally, it is important to understand that we will not be using this data for enforcement actions.”

Twitter prompts users to post tweets to Facebook - Some Twitter users this week saw a prompt on the homepage of Twitter.com suggesting that they connect their account with Facebook and post tweets to the social network. We wonder whether this is further evidence that a new Open Graph integration is on the way.

Optimal releases free tools for exploring Facebook keywords and topics - Social media data provider and ads performance company Optimal this week released OptimalExplorer, which creates a visual web of topic relationships on Facebook for free. The company has also opened up its Keyword Expander, which lets advertisers discover better audiences to target on Facebook, to provide users with the top 15 results for each query at no cost.

Syncapse launches Facebook ad budget calculator – Social business platform Syncapse introduced the Syncapse Ads 2013 Facebook Media Spend Calculator (Beta), a free planning tool to recommend an optimal budget mix for achieving fan communication, friends-of-fans communication and flighted campaigns. The calculator prioritizes fan communication and friends-of-fans communication as “always on” strategies but makes room for flighted campaigns surrounding a particular marketing or promotional opportunity.

Facebook announced a platform policy update for games on third-party websites on Wednesday, limiting the access these titles will have to users’ friends and additional permissions.

Developers will no longer be able to cross-link or promote their web games from within the games they have on Facebook canvas. That said, users will still be able to use Facebook Connect to login to a game and have that game publish back to Facebook. While this doesn’t affect Zynga because of pre-existing contractual agreements, it will affect other developers like Kabam and King.com.

We’re told by sources that the change is due to Facebook re-allocating resources toward canvas and mobile, and games using Facebook Connect haven’t seen the same kind of traffic that titles on Facebook canvas and mobile platforms have.

This might also be related to Facebook’s current payments policy. The company requires canvas games to use Facebook Payments (formerly known as Credits), of which it takes a 30 percent fee. Games off-Facebook do not have to use this payment system, even though they have been able to use all the same APIs as canvas games.

Not only that, but if users are spending time on third-party sites, that’s less exposure they’re getting to Facebook advertising. It would be hard for the company to make a case for continuing to support web games that don’t help it monetize. Although Facebook doesn’t yet make money off of iOS or Android games that integrate Open Graph or Single Sign-On, that area is growing more rapidly than desktop web games and likely needs more internal resources.

Here’s the official wording from new Facebook platform policy that affects developers using Facebook Connect for games:

Special provisions for games:
a. Desktop web games off of Facebook.com may only use Facebook Login (Authentication, excluding user connections such as friend list), Social Plugins and publishing (e.g., Feed Dialog, Stream Publish, or Open Graph). When authenticating, these games may not request additional permissions other than age, email, and our Publishing Permissions (effective December 5, 2012).

b. Games on Facebook.com and mobile must not share the same app ID with desktop web games off of Facebook.com. You must not use Canvas apps to promote or link to game sites off of Facebook, and must not use emails obtained from us to promote or link to desktop web games off of Facebook.com (effective December 5, 2012).

We’ve reached out to a few developers for comment but have yet to hear back or have been told they have no official comment.

This article originally appeared on our sister site, Inside Social Games.

Facebook updated its policy on Wednesday to make it clear that developers can not use the platform to export user data from Facebook to be used in another social network.

The company has long had policies that prohibit apps from transferring data to third parties such as ad networks and data brokers, but until now it hadn’t been quite as clear about that policy applying to other social networks. Director of Developer Products Doug Purdy addressed the issue in a blog post last year, though the company’s stance wasn’t fully reflected in official policy documents.

The full policy related to competing social networks is below. Section A is the newly added content.

Competing social networks: (a) You may not use Facebook Platform to export user data into a competing social network without our permission; (b) Apps on Facebook may not integrate, link to, promote, distribute, or redirect to any app on any other competing social network.

Facebook says its platform is designed to enable rich social apps, not serve as a data export tool. The company says apps that aim to export data into networks like Google+ should use the Download Your Information tool, not the platform APIs. However, the format of that export is not necessarily useful for transferring data to another social profile. It includes some email addresses, but only for friends that have opted into sharing this information. The option is buried within the email settings section of account settings, so it’s unlikely that many users have done this.

Google and Facebook blocked or put up roadblocks on importing and exporting data between their services in November 2010. Google had accused Facebook of not supporting data portability because users couldn’t export email addresses of friends, but could import addresses from services like Gmail. Facebook responded by saying the email addresses of friends are not a user’s own data, and therefore they don’t have the right to export them. Meanwhile, it allowed these same email addresses to be exported through Yahoo! Mail and some smaller third-party email services.

Facebook also came under some criticism recently when it began hiding users’ email addresses and showing their Facebook.com addresses instead. At the time, we wondered whether the change was related to preventing contact importing and exporting, but Facebook did not comment on this issue.

Facebook appears to have hired a head of policy, France, and about two dozen other employees according to listings removed from its careers page, as well as LinkedIn updates.

New hires, according to LinkedIn:

• Aravind Anbudurai, Software Engineer - former Software Development Engineer, IC-1 at Yahoo
• Edward Ohrns, Sales/Advertising - former Cust Svc II Rep at PSCU
• Mark Uyeda, Recruiting Coordinator - former Recruiter Compliance Administrator at Facebook
• Shireesh Asthana, Platform Engineer - former Directed Research Student at Integrated Media System Center
• Vasiliy Kuznetsov, Product Analyst - former associate at ZS Associates
• David Stone, Client Partner - former Product Manager at WaytoStay
• Kasey Sykes, Team Lead, Strategic Client Services - promoted from Account Manager at Facebook

• Head of Policy, France
• Network Engineer, SW
•  Data Center Business Operations Manager
•  Manager, Business Operations
•  Operations Analyst
•  Public Policy Manager (Sao Paulo)
•  HR Specialist – Contract (Austin)
•  Data Center Business Operations Manager
•  Datacenter Optimization Engineer
•  Lead Data Center Technician (Forest City)
•  Network Engineer, SW
•  SCO Procurement Coordinator, Site Operations
•  Sourcing Manager, Data Center Infrastructure Services
•  Head of CPG/Beverage, Global Vertical Marketing
•  Platform Developer Marketing Manager
•  Analyst, Ad Review Operations – Contractor (Austin)
•  Analyst, Platform Operations (Dublin)
•  Analyst, Platform Operations (Dublin)
•  Manager, Platform Operations
•  Account Manager (Sao Paulo)
•  Team Lead, Media Solutions, Southern Europe (Dublin)
•  Operations Analyst
•  Client Partner, Mobile (Chicago)

Who else is hiring? The Inside Network Job Board presents a survey of current openings at leading companies in the industry.