Third party FaceBook apps are giving rise to serious privacy & legal concerns
Our second FaceBook related story of the day is about the third party apps that can be used in FaceBook. FaceBook recently opened its doors to third party applications, and there are already many thousands of applications available for use, ranging from the completely silly (I am particularly entertained by the Zombies app!) to those aimed at businesses and professionals.
I've been working on the legals for a new FaceBook application called Blog Friends. This is the brainchild of Luke Razzell. Luke is an entrepreneur and thinker on technology and identity issues, and also writes the Weaverluke blog. Blog Friends is a very clever blog aggregator and means of getting your blog content to others. It should be of great interest to bloggers, many of whom are also FaceBook users (hence the number of blogs commenting on the Oxford University FaceBook/privacy story).
During my preparation for the Blog Friends legal work, I was staggered by how few third party FaceBook applications have even considered the legal and compliance issues that they face. Very few have terms & conditions or even a privacy policy. These third party apps aren't FaceBook's responsibility, as the FaceBook terms & conditions state, so app writers can't just shrug their shoulders about point to the FaceBook terms or privacy policy.
This failure to address legal issues raises risks for both users of the apps and the creators of the apps.
Key risks for users
Users of these apps have no way of knowing:
- What data is being collected about them by the apps
- Where this data is being held, and for how long
- What it's being used for
- Who else has access to the data
Whilst many FaceBook users probably don't care about the issue, it is likely that many do. Privacy and data protection are big issues these days; check out the coverage received by the ICO's latest campaign and the drop in trade suffered by TK Maxx following a major security breach (see IMPACT story).
Key risks for application writers
By having no terms & conditions or privacy policy for their applications, application writers face the following key risks:
- Breach of data protection law (in the UK, the Data Protection Act 1998)
An appropriate privacy policy is an essential element of data protection compliance. E-businesses that do not have appropriate policies, or any policies at all, risk an investigation from the data protection authorities (to take an extreme example, the investigation into Google by the Article 29 Working Group). Being investigated by the data protection authorities is damaging in itself from a PR perspective. If found to be in breach of these laws, application writers could ultimately face a fairly decent-sized fine and possibly even a criminal conviction. See our guide to the Data Protection Act for more information on this subject.
- Unnecessary exposure to commercial risks
Having terms & conditions in place means that the position on the big issues connected with the application are recorded in one place, and (if implemented correctly) are contractually binding. Decent terms & conditions bring certainty, meaning that important issues aren't left to be decided in a dispute situation.
Writers of the more daft, just-for-fun, FaceBook applications may choose to ignore these risks. However, any business that is using FaceBook applications to generate revenue should seek legal advice from the outset, to minimise the risks of the law or compliance issues tripping it up later.
16.
facebook is growing fast, in general the future of communication is in control of the social mobile networks. Their growing past each one attaacts a different audience, peekamo hit their audience on a more persoanl level through text, facebook is hitting everyone through pics, groups. Networking is now a business itself.
Posted by: kory | 18 July 2007 at 09:13 PM
Usefulness of apps like this one will continue to outstrip concerns for privacy: http://apps.facebook.com/thenewsroom
Posted by: Ian from www.thenewsroom.com | 04 August 2007 at 05:25 PM