On Tuesday, January 19, 2010, the Electronic Privacy Information Center (EPIC) publicly posted a copy of a letter from the Federal Trade Commission (FTC) that responds to a complaint filed by 10 privacy rights organizations regarding Facebook’s changes to its privacy settings. In the letter, David Vladeck, director or the FTC’s Bureau of Consumer Protection, noted that the "complaint raises issues of particular interest for us at this time," and referenced the privacy roundtables that the FTC is hosting to explore consumer privacy protection challenges, existing fair information practices, and the creation of a new privacy regulatory framework. A summary of the first privacy roundtable is available here.
While there is no indication as to whether the FTC is currently investigating Facebook, as any investigation would remain non-public until the FTC files a complaint or closes the investigation, this is not the first time Facebook has come under fire for its privacy practices. In 2008, a class action complaint was filed against Facebook alleging violations of various federal privacy and computer fraud laws, as well as California consumer protection and computer crimes laws, arising out of Facebook’s Beacon program. It was alleged that under the Beacon program, information about Facebook users’ online purchases with Facebook’s partners was shared with the users’ network without the users’ consent and used in targeted advertising. A $9.5 million settlement agreement is pending approval by the court.
If your company maintains information about your customers, check with your legal counsel before adjusting privacy practices that could result in new or different customer information being shared.