Facebook plays down crisis talks as it faces further criticism over privacy from the European Commission

Facebook has downplayed claims that it was forced into crisis talks over privacy settings.

SC Magazine reported yesterday that Facebook was calling all of its staff to discuss the company's overall privacy strategy. However blogger Nick O'Neill, writing on the allfacebook.com website, said that Facebook had confirmed the meeting but clarified that it was a Q&A session with its 1,000+ employees.

O'Neill said: “The company has told us: ‘We have an open culture and it should come as no surprise that we're providing a forum for employees to ask questions on a topic that has received a lot of outside interest'.

“While many were hoping Facebook would make a significant change in their privacy stance, it sounds as though the company may instead stay the course. For many users (and people in the press), this could be a huge disappointment.

“While we are still hopeful that Facebook will decide to make a change to their ‘Instant Personalisation' service, it sounds as though we shouldn't expect any imminent changes any longer.”

Facebook has come under further criticism from the European Commission, who has sent the social networking site a letter saying changes to its privacy settings are unacceptable.

Specifically targeting changes that allow business partners to make more use of members' data, the Article 29 Working Party, the committee comprising the data protection regulators of the European Union's 27 member states, said that it was ‘unacceptable that the company fundamentally changed the default settings on its social-networking platform to the detriment of a user'.

The Working Party emphasised the need for a default setting in which access to the profile information and information about the connections of a user is limited to self-selected contacts. Any further access, such as by search engines, should be an explicit choice of the user.

The Article 29 Working Party also raised the issue of data of third persons contained in users' profiles, claiming that providers of social networking sites should be aware that it would be a breach of data protection law if they use personal data of other individuals contained in a user profile for commercial purposes if these other individuals have not given their ‘free and unambiguous consent'.

On a more positive note, Facebook has added a security feature designed to keep users abreast of suspicious activity on their accounts. Lev Popov, a software engineer on Facebook's site integrity team, explained that over the last few weeks, it had been testing a new feature that allows users to approve the devices they commonly use to log in, and then to be notified whenever their account is accessed from a device they have not approved.

This feature has now been rolled out across the site, and can be accessed at the account settings page and by selecting the option to receive notifications for logins from new devices.

Popov said: “For example, you can save your home computer, your school or work computer, and your mobile phone. Once you've done this, whenever someone logs in to your account from a device not on this list, we'll ask the person to name the device.

“We'll also send you an immediate email notification - and if you want, a text message - so that you're always up to speed on how your account is being accessed. This notification will provide steps on how to reset your password and remove the device, so you can quickly secure your account if it's being accessed from a device you don't recognise. We're not aware of any other service that does this, and we encourage you to try it out.”

He also said that a new system had been built to block suspicious logins before they happen, as when someone is trying to access an account from an unusual device, it will ask the person to answer an additional verification question to prove his or her identity as the real account owner.

“These questions are designed to be easy for you, and hard for a bad guy, and we've already seen some great results. You won't go through this flow often. We'll only ask you to prove your identity on the rare occasion that we notice something different. If you're ever asked to go through this flow, that's just Facebook's site integrity team saying "Hi" and that we're here to help you protect your account.

“We're confident that these new tools and systems will do a lot to prevent unauthorised logins and the nuisance they can cause. As always, though, the first line of defense is you. We need you to help by practicing safe behavior on Facebook and wherever you go online,” he said.

Sign up to our newsletters