Modernizing Authentication — What It Takes to Transform Secure Access
Representatives of some of the leading social sites on the Web today urged federal regulators to resist calls to establish heavy-handed rules that would set limits on the use of consumer data on social networks, warning that far-reaching regulations would threaten to choke off a fast-growing sector of the digital economy.
The Federal Trade Commission continued its inquiry into the privacy implications of online marketing and data collection at a day-long forum at the University of California, Berkeley, hearing from privacy advocates and members of industry as it mulls new regulations.
"Regulation that's a one-size-fits-all will fail," said Erika Rottenberg, general counsel at LinkedIn. "There is self-regulation that is going on."
Each of the industry representatives agreed that in the increasingly cluttered social Web, there are bad actors who endeavor to trick consumers into sharing more information than they realize. However, they called for regulatory restraint, arguing that in most cases those sites or applications fail on their own because word gets around.
"We have on our site a ubiquitous ability to report an application that doesn't meet [consumers'] expectations," said Tim Sparapani, Facebook's director of public policy. "We literally have taken a crowd-sourcing approach to policing these applications."
Third-party apps occupied much of today's discussion. Facebook was recently forced to change its policies for developers concerning data collection and consumer notification after coming under fire from Canadian regulators.
But some advocates today argued that users are still in the dark about how their information is used when they interact with applications on the site.
"There are problems with third-party applications. People don't understand what they do," said Lillie Coney, associate director of the Electronic Privacy Information Center (EPIC). "We have got to be more aggressive in acknowledging the role or regulators and legislators in protecting people."
Coney's group has a long history with Facebook. Through each of its many dust-ups over user privacy, EPIC has been keeping a watchful eye.
Most recently, the group headed a list of nine other organizations in a complaint filed with the FTC arguing that the recent site-wide privacy overhaul Facebook undertook was deceptive and ran afoul of federal consumer protection law.
Facebook has defended the move, saying that by forcing each of the site's more than 350 million users to update their settings, more people became aware of privacy issues on the site.
Sparapani today said that 35 percent of Facebook's users adjusted their settings as a result of the change, meaning that 65 percent of the community accepted the default settings.
In making their case for regulatory restraint, Rottenberg and Sparapani argued their companies have every business interest to be responsible custodians of their users' personal information.
"It takes a long time for users to trust an ecosystem," Rottenberg said. "We can breach that trust in a heartbeat. Our interests are aligned with our users. If we breach that trust, our ecosystem will fall apart."
The timing of today's event was no coincidencein Europe and North America advocacy and industry groups are holding events to mark Data Privacy Day.
But it also continues what has been an ongoing probe into data privacy at the FTC. Today's event was the second of three public workshops the commission has scheduled to explore the issue, signaling that it could be ready to drop its self-regulatory approach in favor of stricter rules.
In the meantime, efforts are underway in Congress to draft legislation that would also seek to reshape the online privacy landscape.