Last month, Facebook proposed changes to its privacy policy (officially called a “Data Use Policy” now).  The changes cover things like cookies, storing your data, and advertising.  Facebook has a rule that if at least 7,000 people comment on a proposed policy change, they have to hold a vote:  if more than 30% of Facebook users veto the changes, Facebook can’t make them.  Because over 42,000 people commented on Facebook’s proposed revisions, Facebook has put them to a public vote from today until June 8th.

There are areas of privacy concern in both policy versions–after all, Facebook wouldn’t be worth billions without your personal data–but now you can pick whether you want to keep the current one or adopt the new one.

Here’s how you can place your vote in only a few minutes.  Because of the privacy issues we’ve identified, we recommend that you place your vote in favor of the existing documents.  We list our privacy red flags underneath the voting steps below.

1.  Log into Facebook and go to their Site Governance page at https://www.facebook.com/fbsitegovernance.

2.  Click on the “Site Governance Vote” tab at the top of the page (it’s under the “Like” button).  Alternatively, follow this link:  https://www.facebook.com/fbsitegovernance/app_130362963766777

3.  The Facebook Site Governance Vote page will open.  Click the green “Enter Voting” button.

4.  A page called “Voting Information” will open.  Click the green “Continue” button.

5.  You’ve reached the voting page.  You’ll be asked, “Which documents should govern the Facebook site?”  Check the radio button next to “Existing Documents,” then hit the green “Submit Vote” button.

We wrote this post about an hour after the vote was posted, and only 478 people had voted.  “Proposed Documents” (i.e., the bad choice) was leading by a few dozen votes, so there’s still an entire week to get the word out and make your vote count!  Note that we need a lot of votes:  as Facebook states in its current policy, “if more than 30% of all active registered users vote, the results will be binding. If turnout is less than 30%, the vote will be advisory.”  If Facebook has about 901 million members, that means we need around 270 million votes.  It seems unlikely, but we’re hopeful.

Feel free to compare the policies yourself (here’s the current one, and here’s the proposed new one), but for those of you without several hours to kill, we scoured them ourselves and identified the 3 biggest privacy red flags in the new revisions:

1.  Laying the groundwork for launching an advertising network (think Facebook ads off of Facebook)

Facebook may launch its own ad network to compete with Google’s, so you’ll start seeing Facebook-style ads across the web that use your Facebook info to target you based on your interests.  Facebook has long been able to track both members and non-members off of Facebook through its Social Plugins, including its Like and Connect buttons.  Even if you never click these buttons, they can tell Facebook which sites you’re visiting, what you’re clicking, your IP address, and more.  If Facebook launches an ad network, it will have a much more noticeable presence across the Internet.

Facebook’s proposed revision contains language that supports this ad network prediction.  Facebook’s Chief Privacy Officer Erin Egan echoed this in a live Q&A video session a few weeks ago, stating, “We may serve you an ad off Facebook.  We have nothing to announce yet, but there was some language in the data use policy that indicated that we may show an ad with a social context or any kind of ad without a social context.”

2.  Making it easier for people to search for you and find you on Facebook

People will be able to find you through expanded search terms such as email address, phone number, and other info. The language that concerns us for privacy is “even if you have not shared your contact information with them on Facbook.” Here’s an example:  you dial a wrong number; the person you accidentally called can type in your number on Facebook, hit “search,” and voila:  there’s your profile.  We take this provision to mean is any person can find you on Facebook if they have other pieces of your information, like your email or phone number.

3.  Holding onto your data for (potentially) a longer time

Although the current policy limits data retention to 180 days, the proposed one will “retain [your] data as long as necessary to provide you services,” which may be longer than 180 days.


What do you think about your privacy on Facebook?  Do you think they’ve got your best interests in mind when they change their terms?  To take control over your privacy settings, check out our recent Channel Post 7 tips for going private in Facebook in 7 minutes.