WSJ: Facebook Pledges Steps on User Data

http://online.wsj.com/article/SB10001424052748703778304575591032547475398.html

NOVEMBER 3, 2010

Facebook Pledges Steps on User Data

By EMILY STEEL

Facebook Inc. told lawmakers it had taken steps to prevent the sharing of personal information about users, including temporarily suspending certain applications from its site.

The statements came in response to a letter from U.S. Reps. Edward Markey (D., Mass.) and Joe Barton (R., Texas) to Facebook Chief Executive Mark Zuckerberg, after The Wall Street Journal reported recently that certain applications on Facebook were sending users' ID numbers to marketers, in violation of Facebook's policies.

A user ID can be used to look up a user's name and other publicly available information on the social network; it can then be linked to other Web-browsing activities, allowing marketers to build profiles of Internet users.

The lawmakers sought details about Facebook's oversight of the 550,000 applications on its site. These "apps" are created by outsiders to let users play games or share information with other users.

The news comes amid increasing government scrutiny of Internet privacy. Last week, the Senate Commerce Committee chairman, Sen. Jay Rockefeller (D., W.Va.), asked top executives of Facebook and MySpace--where the site and certain applications also were sending user IDs to marketing companies--to detail how they safeguard information about their users. MySpace is owned by News Corp., which publishes The Wall Street Journal.

Facebook's response, sent Friday, echoed the company's disclosure the same day that a data broker had paid application developers for user information, and outlined the steps Facebook had taken against the data broker and the application developers. In the response, Marne Levine, Facebook's vice president for global public policy, repeated other technical measures the social network is taking to safeguard consumer privacy.

Facebook said it didn't consider the sharing of user IDs with outside application companies a privacy breach. It said that the transmission of user IDs by applications to advertising companies for the most part was "inadvertent" and a "by-product of how Internet browsers work,'' Ms. Levine wrote.

Facebook's privacy policy also states that it doesn't guarantee that apps will follow its rules and advises users to check the apps' privacy policies.

Rep. Barton said he still had concerns about the incident. "Millions of people put their information into the hands of Facebook and services like it because they believe what they're told about walls protecting their privacy," he said in a statement. "I want the Internet economy to prosper, but it can't unless the people's right to privacy means more than a right to hear excuses after the damage is done."

In the statement, Rep. Markey said "Facebook needs to protect personal consumer information to ensure that getting connected doesn't mean being unwittingly friended by data brokers and marketers."

A Facebook spokesman said the company's privacy protections prevented any private information from being accessed. He said Facebook had "acted quickly to address a small number of developers who were violating our policies."

Write to Emily Steel at emily.steel@wsj.com