Facebook has promised to give users more control over what
they share, but consumer advocates say the company has yet to deliver.
In fact, companies like Facebook and Google purposely
design their apps’ interfaces to confuse users into giving up personal
information, more than 30 consumer groups alleged in letters to the Federal
Trade Commission on Wednesday. In the letters, the groups encouraged the FTC to
investigate the companies and force them to implement more clear privacy
The letters to the FTC were prompted by a new report from
Norwegian Consumer Counsel Forbrukerrådet, which accused Facebook FB, -1.26%
and Google GOOG, +1.06%
of acting in “an unethical manner” by purposefully making it difficult for
users to increase privacy protections on their sites. The report also
accused the companies of giving consumers “take it or leave it” options, not
allowing them to customize how much information they share. On Facebook, for
example, when approving the company’s privacy policies, users have the option
to either “accept” or “delete account.” In other words, if you object to the
level of data Facebook is collecting about you, the only option is to leave the
“Facebook and Google make us share personal information
with cunning design, confusing interfaces, and take it or leave it options,”
Finn Myrstad, a researcher at Forbrukerrådet said. “Default settings should be
least intrusive to our privacy, and we should be in control of how our info is
being shared and used. They not provide us with meaningful choices.”
This comes after Facebook, Google, and most other companies
that do business on the internet have tweaked their privacy settings in
response to General Data Protection Regulation (GDPR) — a set of data-handling
rules put forth by European Union regulators that went into effect on May 25.
The Forbrukerrådet report, “Deceived by Design,” alleged that Google and
Facebook use inaccurate pop-up messages to alert users of what information the
companies are collecting about them.
“Companies employ numerous tricks and tactics to nudge
consumers toward giving consent to disclosing as much data as possible for as
many purposes as possible,” eight consumer advocacy groups, including Consumer
Watchdog and the Electronic Privacy Information Center (EPIC) wrote in a joint
letter to the FTC.
Google did not respond to request for comment on the
letter. A spokeswoman from Facebook told MarketWatch that the company has been
preparing for GDPR for the past 18 months and provides users options in both
“short form” and “long form” to make it easier for consumers to understand.
“We have made our policies clearer, our privacy settings
easier to find and introduced better tools for people to access, download, and
delete their information,” she said. “In the run up to GDPR we asked people to
review key privacy information which was written in plain language, as well as
make choices on three important topics. Our approach complies with the law,
follows recommendations from privacy and design experts, and is designed to
help people understand how the technology works and their choices.”
The design flaws that the report alleges are likely not
intentional, said Rishi Bhargava, co-founder at Demisto, a Cupertino,
Calif.-based provider of security automation and orchestration and response
technology. He said that companies that are trying to comply with GDPR are
figuring out new boundaries as they go.
“Just like any [user experience] design challenge, the
results are as good as the efforts,” he said. “In this case, most of the time
and energy from [user experience] team goes into improving engagement with the
user, rather than settings screen. If companies, such as Google and Facebook,
put an emphasis on these settings, which they are, we will see a different
But privacy advocates say the intentions of social media
companies are not so innocuous. Facebook, which is free to use and worth
more than $100 billion, makes most of its profit off user data. The
company has “made strides” in recent years making privacy features more
accessible, but has a long way to go, according to Neil Hughes, vice president
of labs at security research strategy company One World Identity.
“Facebook’s entire business model is built on collecting
your personal data and allowing them to track you around the web,” he said.
“They have historically made it difficult for users to adjust these settings,
burying them deep within the website or app, because it aids their business.”
Consumers concerned about privacy settings
on Facebook can disconnect third-party apps from the platform. In
response to the Cambridge Analytica scandal this year, 14% of users deleted
their Facebook accounts. Users can also turn
off location settings and limit visibility of posts on the site.
here for the original article from Market Watch.