Sunday, August 28, 2011

Facebook Isn’t Private, and 7 Other Things You Should Know


If you have a computer, you’re probably on Facebook. You’re networking with friends, adding personal details, storing your email address & cell phone number, uploading pictures, and much more.
But have you bothered to read Facebook’s Terms of Service (“TOS”) or Privacy Policy? What legal relationship have you agreed to? Who has access to your data and personal details?
Thanks to Chris Brogan, I started asking these questions. Then I waded through their terms and policies. Here are some things I found.

1. The terms can change any time

This is probably standard for a website’s TOS, but this disclaimer jumps out toward the top of Facebook’s TOS:
We reserve the right, at our sole discretion, to change, modify, add, or delete portions of these Terms of Use at any time without further notice.
Since the rules can change at any time, you’re deemed to accept those changes by continuing to use the site. Even if you didn’t know of the change. Yeah, you’re the little guy in this relationship.

2. Personal use only

LinkedIn is all about jobs and business. MySpace is full of profiles for companies and products. But Facebook is supposedly only for personal use:
You understand that except for advertising programs offered by us on the Site (e.g., Facebook Flyers, Facebook Marketplace), the Service and the Site are available for your personal, non-commercial use only.
That theoretically means that only actual people can create profiles. And you’re not supposed to profit from it. But lots of charitable organizations have profiles, which doesn’t seem to fit the “personal” requirement to me. But be especially careful if you’re thinking of creating a profile for your business; you might get banned.

3. A single, individual user account

Along the same lines, every user account is supposed to be tied to an individual person, not a group:
In addition, you agree not to use the Service or the Site to: … register for more than one User account, register for a User account on behalf of an individual other than yourself, or register for a User account on behalf of any group or entity;
This also means that you can’t have two accounts on Facebook, in case you wanted to keep your alter-ego separate. Too bad.

4. You’re giving up a HUGE license

Facebook thrives (in part) because of the content users post there. But did you know that posting content gives Facebook a license to do whatever they want with your content?
By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing.
In plain English, this means you’re giving up copyright control of your material. If you upload a photo to Facebook, they can sell copies of it without paying you a cent. If you write lengthy notes (or import your blog posts!), Facebook can turn them into a book, sell a million copies, and pay you nothing. This deserves careful consideration!

5. Applications are NOT guaranteed safe

You might think that Facebook is watching your back with the security of third-party applications. You’d be wrong:
[W]hile we have undertaken contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we do not screen or approve Developers, and we cannot and do not guarantee that all Platform Developers will abide by such restrictions and agreements.
In other words, “installer beware.” A malicious application developer could break through Facebook’s security protocols and expose your info. That would probably be difficult to do, but Facebook wouldn’t have to take the blame.

6. Disputes are arbitrated under Delaware law

If Facebook does something horridly wrong and you want to sue, guess what? You can’t (for most claims). You’ve agreed to “final and binding arbitration” for resolving most disputes with Facebook. I’d quote the language here, but it’s only interesting to us law geeks.
Suffice it to say, you probably won’t have a day in court with Facebook. If you did, it would be in California (required by the TOS), and the court would follow Delaware’s laws. That’s typical lawyering. :)

7. You surrender all submissions

Ever had a thought for a better Facebook? If you send it to them, it becomes their property:
You acknowledge and agree that any questions, comments, suggestions, ideas, feedback or other information about the Site or the Service (“Submissions”), provided by you to Company are non-confidential and shall become the sole property of Company.
This is probably typical of a large company. But you might not send them your latest award-winning idea. If you have something really great, keep it under wraps. Heck, maybe come up with a formal business proposal and some way to skirt this legal term.

8. Privacy is NOT guaranteed

I’d think twice before posting really private things on Facebook. For example, you wouldn’t want to post that you’re going to rehab. From their Privacy Policy:
[W]e cannot and do not guarantee that User Content you post on the Site will not be viewed by unauthorized persons. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.
If somebody hacks Facebook, steals all your content and contact info, then does something nefarious with it, you have no remedy against Facebook. The hacker would definitely be in trouble, but Facebook is the deep-pocketed corporation.
Besides, Facebook’s own third-party contractors might misuse your information:
We may provide information to service providers to help us bring you the services we offer. … Where we utilize third parties for the processing of any personal information, we implement reasonable contractual and technical protections limiting the use of that information to the Facebook-specified purposes.
But most importantly, Facebook doesn’t guarantee your privacy:
Please keep in mind that if you disclose personal information in your profile or when posting comments, messages, photos, videos, Marketplace listings or other items , this information may become publicly available.
If a company laptop is compromised, and all your personal data gets stolen, tough luck. You were warned.

Anything else?

The Terms of Service and Privacy Policy for Facebook are long. I’ve only covered a few points that really jumped out at me.

No comments:

Post a Comment