MPs have this week attacked social media giants such as Facebook and Twitter for failing to do enough to protect users' data privacy.
In a report issued on Thursday, the Science and Technology Select Committee of MPs accused social media firms of failing to clearly explain how they use personal data – branding their terms and conditions “impenetrable” and “laughable”, and highlighting the fact that Facebook Messenger's T&Cs apparently allow it to take pictures and video on a user's mobile phone without their explicit consent.
The committee, chaired by MP Andrew Miller, have called on the Government to set new standards for social media sites and apps, and warn that new laws will be needed if the companies fail to comply.
But while security industry experts back their call, they believe the MPs face an uphill battle in imposing changes unless end users start voting with their feet and refuse to use services like Facebook and Twitter.
In their report, the Committee say: “The UK is a leading player on the global stage in using social media data and we are keen for this status to be maintained, but only if that can be achieved while ensuring the personal privacy of UK citizens.”
However they say: “We are not convinced that users of online services such as social media platforms are able to provide informed consent based simply on the provision of terms and conditions documents.”
The Committee cite Minister Ed Vaizey as saying “the idea that people read 150 pages of terms and conditions is simply laughable; it is a complete nonsense”. And they highlighted evidence from Sir Nigel Shadbolt of the Web Science Trust who labelled the contracts "totally impenetrable" and "more complex than Shakespeare".
The Committee also cited press reports from August that Facebook Messenger's T&Cs allow the app to record audio, read personal profile information and take pictures and videos with a mobile phone camera, without the user's explicit permission.
The Committee conclude that current T&Cs are “lengthy and filled with jargon” making them “unsuitable for conveying an organisation's intent for processing personal data to users. These documents are drafted for use in American court rooms, and no reasonable person can be expected to understand them.”
The MPs also welcomed the fact that the UK's privacy watchdog, the Information Commissioner's Office (ICO), is investigating ways to simplify contracts.
Their stance has been backed by security industry figures.
Bob Tarzey, director of IT industry research firm Quocirca, told SCMagazineUK.com: “It absolutely makes sense that these big social media organisations should simplify their terms and conditions. We all sign up for these things and we don't read them - not just because we're lazy, but because generally they're incomprehensible and the main points aren't highlighted.”
Tarzey called for firms to provide “a high-level summary of what you're agreeing to”, so people would be aware of terms like those behind Facebook Messenger.
“That's exactly the sort of thing that needs highlighting in the high-level terms and conditions when you sign up to that specific application from Facebook. I think people would then think twice about signing up for it, but if it's buried in terms and conditions they won't notice and they will sign up.
“Therefore they're agreeing to something that they're not aware of and that's when these things become opaque and unacceptable.”
But security industry expert Brian Honan of BH Consulting, while welcoming the MPs' initiative as “a noble cause”, believes they will struggle to get firms like Facebook and Twitter to reduce the amount of personal data they collect.
He told SCMagazineUK.com: “The social media networks will resist because ‘we' are the product - the more information we agree to give freely to them, the more valuable as a product we become to those providers, so they can sell that information on to advertising companies.
“Therefore they are going to make sure that they have dotted all the i's and crossed all the t's to make sure that we voluntarily agree to give that information to them that they can sell on.”
Honan said: “The only thing that will influence these social media companies is if their product becomes less valuable – which means people stop using their networks because they feel their privacy is being invaded and the data is being abused.
“But until the mass market becomes more aware of privacy and more demanding of their privacy rights, then things will continue on as they have.”
Honan pointed out that social media networks continue to grow, saying: “If Facebook was a country, it would be the third most populated country in the world behind China and India.”
Bob Tarzey added: “I don't think an awful lot of people are against their data being used within reason, because that's part of the deal for getting the free service. I suspect the privacy concerns of Governments are greater than the privacy concerns of the individuals who sign up for these sites.”
The MPs' call has come in the same week that Facebook promised to update its T&Cs from 1 January 2015, saying its new ‘Privacy Basics' will make its data and cookies policies “easy to understand”.
But the company confirmed its continued use of personal data for advertising, saying that if users agree to provide their location data “you might see menus from restaurants nearby”.
Also this week, Twitter admitted it collects information about all the apps installed on its users' devices to provide tailored advertising content to them, but said users can “opt out of interest-based ads”.
Facebook also previously explained its Messenger T&Cs by saying “the way permissions are named doesn't necessarily reflect how Messenger and other apps use them”, and that the consent to take pictures and videos “allows you to take photos and videos within the Messenger app to easily send to your friends and other contacts”.
* Also this week, Europe's main data protection regulators have said Google should extend its ‘right to be forgotten' provisions worldwide to Google.com, to prevent the current law applying to its European search engine from being circumvented.