Congressmen Question Facebook About Alleged Privacy Breach

Two powerful U.S. Congressman have asked Facebook CEO Mark Zuckerberg to respond to a series of questions regarding an alleged privacy breach reported yesterday in the Wall Street Journal. Facebook responded, saying it aims to clear confusion the story may have caused, and calling the report of a privacy breach “curious at best.”

Representatives Joe Barton of Texas and Edward Markey of Massachusetts, co-chairs of the House Bi-Partisan Privacy Caucus, said answers Facebook gives in response to a letter they sent yesterday will inform discussions surrounding pending privacy legislation.

“Given the number of current users, the rate at which that number grows worldwide, and the age range of Facebook users, combined with the amount and the nature of information these users place in Facebook’s trust, this series of breaches of consumer privacy is cause for concern,” wrote the Congressmen.

They continued, “As I am sure you are aware, the Committee on Energy and Commerce is the primary House panel responsible for oversight of consumer privacy. As I am sure you are also aware, comprehensive privacy legislation is currently pending before the Committee.”

Though a looming privacy bill has focused primarily on behavioral ad targeting, the heightened interest in Facebook privacy could inspire additional language affecting privacy in social media arenas like Facebook.

A Wall Street Journal story published yesterday made waves, alleging that some of the top Facebook applications such as Zynga’s FarmVille had transmitted “Facebook ID numbers to at least 25 advertising and data firms, several of which build profiles of Internet users by tracking their online activities.” The article referred to the transfer of Facebook user IDs as a “privacy breach” because, the story stated, “Facebook prohibits app makers from transferring data about users to outside advertising and data companies, even if a user agrees.”

The article prompted the letter from Barton and Markey, who expect Facebook to respond to a series of questions listed therein by October 27. Among the 18 questions and requests: “What terms contained in your privacy policy were violated by this series of privacy breaches?” “What procedures do you have in place to detect and/or prevent third-party applications that may breach the terms of Facebook’s privacy policy?” and “Will Facebook seek the deletion of its users’ personal information from data bases of the Internet or advertising companies who received it as a result of this series of privacy breaches?”

The legislators also asked Facebook to “identify the officials or offices within Facebook who are responsible for ensuring that third-party applications satisfy Facebook’s terms and conditions.” They also expressed concern regarding possible leaking of financial or medical data and data relating to minors.

“We look forward to addressing any confusion that has resulted from the Wall Street Journal article and we’re happy to work with Reps. Markey and Barton to answer any questions they may have,” wrote Andrew Noyes, Facebook’s manager of public policy communications in a statement sent to ClickZ News.

“As our privacy policy states, when a Facebook user connects with an application, the user ID is part of the information that the application receives. The suggestion that the passing of a user ID to an application, as described in Facebook’s privacy policy, constitutes a ‘breach’ is curious at best. We also prohibit applications from transferring user data to ad networks or data brokers, and when we receive a report that such an improper transfer has occurred, we investigate and take action as appropriate. We are continually working with developers and other responsible parties in the community to put in place further safeguards against violations of our terms.”

Related reading