November 29, 2011, 4:02 PM — With the help of the FTC, Facebook appears to have finally seen the light and cleaned up its privacy act. True, that light may well be emanating from a $100 billion initial public offering steaming toward us like a runaway train, but it’s a light none the less.
There’s no doubt in anyone’s mind the world’s largest social network was motivated to settle with the FTC to clear the books for the world’s largest IPO. The biggest change? The next time Facebook decides to unilaterally alter some setting that makes your private data not so private any more, it must first obtain your consent.
Yes, Virginia, there is an Opt In clause after all.
The second biggest change is that Facebook, like Twitter and Google before it, now must undergo periodic privacy audits by the FTC for the next twenty years.
The third interesting change: When you tell Facebook to delete your account, Facebook must actually delete it within 30 days, instead of letting your photos and other posts bounce around for months afterward. (Does this rule apply to information gathered by Facebook that isn’t publicly available, and does it apply to requests from law enforcement as well? I’m still waiting on an answer from the FTC on those counts.)
[Update: And the answer is... probably not, though the Feds could look into this if circumstances warrant. Please consult your nearest privacy attorney for further clarification.]
What’s notable to me is the contrast between the official FTC statement – a marvel of clarity for any organization, let alone a Federal bureaucracy – and the muddled (and frankly, BS-filled) blog post from Mark Zuckerberg announcing the agreement.
Consider, for example, the FTC’s summary of what are essentially the lies Facebook has told us over the last two years: