Facebook deciding to clarify its privacy policy under legal pressure demonstrates the unavoidable risks associated with sharing personal information on a social network.
On Thursday, Facebook notified users of its plans to change its data use policies in settling a class-action lawsuit. The plaintiffs in the complaint argued Facebook had violated their right to control the use of their names and profile pictures by using them to promote advertisers' products and services.
On Monday, a federal judge approved a $20 million fund set up by Facebook to settle the suit. In addition, Facebook was ordered to change its privacy policies to give users a better understanding of, and control over, how their information is used with advertisers.
The revised policies would state that in joining the site, the user is agreeing to "permit a business or other entity to pay us to display your name and/or profile picture with your comment or information, without any compensation to you."
The legal skirmish raises the question whether people and businesses can expect Facebook, or any other for-profit social network, to place their privacy above increasing revenue? The answer is no.
[Also see: Facebook report on government data requests a reminder there is no privacy]
"They're going to continue to push the limits on what people allow them to do because that benefits them," IDC analyst Scott Strawn told CSOonline. "And they'll continue to do that until something stops them."
That approach to user privacy, which can lead to infringements, is why Internet companies such as Facebook and Google can provide free services, they say. The strategy also pays for future innovation.
In agreeing to accept those services, people are accepting the risk that how their information is used will change as companies look for more profits. "The technology changes and the use of the data may change, [which] may be problematic in some circumstances at some point in the future," Strawn said. "It's hard to quantify and fully understand what those risks might be."
If users believe a company has crossed the privacy line, then the courts are often the only way to rein in the use of personal data.
Read more about data privacy in CSOonline's Data Privacy section.