Blog Post

Update: Facebook's Privacy Day Diversion

Clever Facebook. The social network has the media singing its praises as a civil rights champion on the same day that it shuffles its privacy policy.

Facebook is making headlines today that say it might sue employers who force job seekers to turn over passwords. Respected tech-blog Ars Technica, for instance, reports:

“Facebook says it may sue employers … While Facebook is often criticized for privacy violations of its own, this time it’s fighting on behalf of its users … Facebook said it could expose employers to legal liability.”

Facebook is right to speak up about a growing controversy that led the ACLU this week to write that, “Your Facebook Password Should Be None of Your Boss’ Business.” The issue has also produced calls on Capitol Hill for a law to prevent employers from snooping on private social spaces.

But even though Facebook’s message is a good one, its legal argument seems thin. While Facebook says it will sue employers who violate privacy, it’s hard to see how it has the legal standing to do so — the job-seeker not Facebook is the one who must sue.

The timing of Facebook’s decision to get religion about privacy is also curious. It comes on the same day that the social network is changing the rules for what it can do for legal data. Normally, such a change brings a media fuss about privacy (see Google) but in this case the media is instead hailing Facebook as a privacy good guy.

The privacy policy itself features a name change to “Data Use Policy” and will change the scope of what and how the company can collect information. A report by Elinor Mills at CNET suggests the changes may be tied to a plan for Facebook to launch an ad network after its IPO.

Facebook, like other leading tech companies, operates on a delicate tradeoff in which it gives users a popular free service and collects their personal information in return. Companies say the public debate over privacy is often misinformed.

Update: Facebook issued a follow-up “clarifying statement” to the legal position it set out in an initial blog post this morning. The statement is:

“We don’t think employers should be asking prospective employees to provide their passwords because we don’t think it’s right the thing to do. While we do not have any immediate plans to take legal action against any specific employers, we look forward to engaging with policy makers and other stakeholders, to help better safeguard the privacy of our users.”