Facebook Forbids the Use of User Data for Surveillance
Though exactly what counts as “surveillance” may remain up for debate.
Following no shortage of pressure, Facebook has finally announced that data about its users must no longer be used to provide surveillance capabilities.
Recommended for You
Facebook knows all kinds of stuff about you and your weird little preferences—from personal details you offer directly to preferences based on your clicks and likes (which can often do a better job of describing you than your friends can). And some of that information is made available to developers.
Last October, an investigation by the American Civil Liberties Union revealed that a company called Geofeedia had analyzed data provided by Facebook, Twitter, and Instagram in order to supply police in Ferguson with surveillance information to track minorities. The social networks neatly packaged up streams of public data for Geofeedia that would otherwise have been impossible to gather without violating the websites’ terms of service. It then analyzed the information to find trends in users’ behavior.
When that news broke, the social networks revoked Geofeedia’s access to the data. But only Twitter overhauled its policies to try to stop the same thing from happening again.
Public pressure to limit access to user data has been mounting. Just last week, for instance, we reported that civil liberties advocates were more concerned than ever about the government’s “incidental” tracking of U.S. residents’ communications during surveillance of foreign targets.
Now, Facebook has announced that developers cannot use data obtained from either Facebook or Instagram, which it owns, to produce systems that can provide surveillance capabilities. Under its Platform Policy it now says: “Don’t use data obtained from us to provide tools that are used for surveillance.”
The ACLU has praised the move but points out that “written policies must be backed up by rigorous oversight and swift action for violations.” That process may yet prove to be more subjective than it seems. While Facebook has said that it wants its policy on surveillance to be explicit, it doesn’t actually expand on what, precisely, is meant by “surveillance.”
Does feeding any data at all to law enforcement agencies count as surveillance? Or just data that ties together a user’s behavior with some other feature, like location or race? And what about private companies that might want to keep tabs on users? The lack of clarity may yet give Facebook some room to maneuver in the future.
(Read more: Facebook, ACLU, “Scrutiny Intensifies on the Warrantless Collection of Americans’ Communications,” “How Facebook Learns About Your Offline Life,” “How Do We Stop Our Social Feeds from Being Spied On?”)
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today