Chris Kelly, the former chief privacy officer for Facebook and now a candidate for Attorney General of California, has publicly criticized the social network over its new features, saying he believes that the company should not automatically “opt in” users to information-sharing services. Kelly — who was chief privacy officer at Facebook when it launched the ill-fated Beacon project in 2007 — also says that if he is elected he will ensure that the social network meets privacy laws as far as giving users “meaningful control” over the sharing of their personal information, and will prosecute the company if it does not do so.
In a blog post on his official campaign site, the former Facebook executive says:
I strongly encourage Facebook to structure all its programs to allow Facebook users to give permission before their information is shared with third parties.
He also says that he is “proud of the work I did at Facebook to make the Internet safer and more secure” and that because of his work there “the Internet is a safer and more secure place today,” noting that the recent changes to Facebook’s privacy policies and data-sharing practices occurred after he left the company. Kelly goes on to say that if he is elected Attorney General of California, he will be looking at whether the social network’s policies “meet the requirements of consumer protection law by giving users meaningful control over their personal information,” and that “any company that breaks the law, including Facebook, will face the full extent of the state’s prosecutorial powers.”
Kelly, a former attorney, left Facebook and launched his bid for Attorney General last year. Although he has a well-financed campaign (including $8 million of his own money), he is a political neophyte whose only prior experience in the political sphere was as an adviser to Bill Clinton’s 1992 presidential campaign. Consumer protection has been a significant plank in his campaign, as has his experience at Facebook in overseeing privacy policies. But his background with the company is seen by some as a liability, and his remarks about the new features could be an attempt to distance himself from the company and its policies.
Kelly was at Facebook when the company launched its Beacon advertising program, which was an attempt to use data from Facebook member profiles to serve up more relevant ads, and also displayed users’ behavior on external sites in their Facebook stream. After a public outcry from Facebook users and privacy groups, as well as several lawsuits related to the plan, the company shut the service down. In an interview in 2008, Kelly said the network “messed it up” with Beacon.
Facebook has come under increasing fire for privacy-related issues surrounding the new features it launched at the recent F8 conference. Four senators sent a letter to the social network criticizing the company for opting-in users to the new features. One of the senators, Charles Schumer, has also sent a letter of complaint to the Federal Trade Commission about the changes (we put together a simple guide to the new features and how to disable them here).
Among the features that have been criticized by the senators and others is one called “instant personalization,” which allows certain websites and services to personalize what they show users (without requiring them to log in) by looking at the details of their public Facebook profile. As Liz noted, this particular feature — which is being beta-tested with several partners, including Microsoft (s msft), the music-sharing service Pandora and review site Yelp.com — goes the farthest of any of them in terms of sharing data without explicitly asking users beforehand.
Related content from GigaOM Pro (sub req’d):