October 19, 2010: Markey, Barton Press Facebook On Reported Privacy Breaches

WASHINGTON – U.S. Reps. Joe Barton, R-Texas, and Edward Markey, D-Mass., co-chairmen of the House Bi-Partisan Privacy Caucus, have asked Facebook CEO Mark Zuckerberg to respond to questions about the privacy breaches reported by The Wall Street Journal Monday.

 
“According to the article, this series of privacy breaches affected “tens of millions” of users, even those who adjusted their privacy settings to the strictest settings possible,” the lawmakers wrote. “Given the number of current users, the rate at which that number grows worldwide, and the age range of Facebook users, combined with the amount and the nature of information these users place in Facebook’s trust, this series of breaches of consumer privacy is a cause for concern.”
 

Barton, ranking member of the House Energy and Commerce Committee, and Markey, chairman of the Energy and Environment Subcommittee, asked Zuckerberg to respond to the following questions:

1.      How many users were impacted by the series of privacy breaches discovered by The Wall Street Journal?

2.      What was the specific nature of the information transmitted from the third party application to other parties?

3.      When did Facebook become aware of this series of privacy breaches?

4.      Did you notify your users of this series of breaches, including the specific nature of the information shared without their consent? If not, why not?

5.      What terms contained in your privacy policy were violated by this series of privacy breaches?

6.      How many third party applications were involved in this series of privacy breaches?

7.      What procedures do you have in place to detect and/or prevent third party applications that may breach the terms of Facebook’s privacy policy?

8.      Have there been similar privacy breaches by third party applications in the past? If so, please describe the nature of those breaches.  Please also describe any measures you may have put in place following the discovery of any such breaches to guard against future breaches and to better protect consumer privacy.

9.      What guidelines does Facebook have in place for third party applications to protect its users from advertent or inadvertent privacy breaches?

10.  Please identify the officials or offices within Facebook who are responsible for ensuring that third party applications satisfy Facebook’s terms and conditions. What is Facebook’s procedure for reviewing third party applications to ensure they satisfy Facebook’s terms and conditions?

11.  Please provide copies of any agreements between Facebook and its third party application developers.

12.  Does Facebook receive any remuneration, financial or otherwise, as a result of the sharing of information between third party applications and internet tracking or advertising companies? If so, please disclose the nature and amount of the remuneration paid to Facebook.

13.  For each application, please provide a copy of the terms and conditions or notice that was presented to the user before using the application. If multiple versions have been used, please provide all versions and note their dates of use.  Please also identify any specific terms violated in this series of breaches.

14.  Will Facebook seek the deletion of its users’ personal information from data bases of the internet or advertising companies who received it as a result of this series of privacy breaches? If yes, when? If not, why not?

15.  To what extent has Facebook determined that data relating to minors 17 years of age and under were breached?

16.  To what extent has Facebook determined that personal financial or medical data were breached?

17.  Please describe any policy or procedure changes Facebook plans to adopt to ensure that users have better control over how their information is shared and with whom their information is shared when using third party applications.

18.  Please describe any changes Facebook plans to adopt in the terms and conditions or notices presented to users before using third party applications.

A copy of the letter to Zuckerberg can be found HERE .