Public interest group urges FTC to investigate Facebook for Timeline privacy violations

A prominent public interest group is once again targeting Facebook for questionable privacy practices.

The Electronic Privacy Information Center (EPIC) is urging the Federal Trade Commission (FTC) to investigate Facebook for its implementation of Timeline, the social networking company’s radical new profile feature.

The group believes that Timelne exposes user information to the public without explicit consent from the user, and as such violates the conditions set forth in a recent, highly-publicized settlement between Facebook and the FTC.

In a late December open letter to the FTC, revealed by ZDNet, EPIC alleges that, “Facebook is changing the privacy settings of its users in a way that gives the company far greater ability to disclose their personal information than in the past. With Timeline, Facebook has once again taken control over the user’s data from the user and has now made information that was essentially archived and inaccessible widely available without the consent of the user.”

At the heart of the matter is Facebook’s role in surfacing stories and status updates from the past. During the initial implementation process, Facebook members are given a seven-day window to tweak the information and privacy settings around the content that appears in their Timelines. But, according to EPIC, this window doesn’t equate to “affirmative express consent,” a condition of Facebook’s settlement with the FTC.

“As we explained when we announced timeline in September, and we reiterated last month when it became available worldwide, Timeline doesn’t change the privacy of any content,” a Facebook spokesperson told VentureBeat. “Everything is accessible to the same people who could or likely had seen it already in their News Feed sometime in the past. In addition, Timeline offers a number of new, simpler, and more effective ways for people to control their information, including activity log, the most comprehensive control tool we’ve ever developed. We think these innovations are things privacy advocates should be applauding.”

In the November settlement, a disciplinary response to Facebook changing the privacy settings of its users without permission in 2009 (a matter brought to the FTC’s attention by EPIC), the FTC found that Facebook’s prior privacy claims were unfair, deceptive and in violation of federal law.

“The proposed settlement bars Facebook from making any further deceptive privacy claims, requires that the company get consumers’ approval before it changes the way it shares their data, and requires that it obtain periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years,” the Commission said.

In response, Facebook agreed to create a comprehensive privacy program, hired Erin Egan and Michael Richter as co-chief privacy officers and revised its corporate structure.

But the changes have done little to appease EPIC.

The post was updated with a statement from Facebook.

[Image via Andrew Feinberg/Flickr]