Senator Wants Privacy Breach Info From Facebook, MySpace

The chairman of the Senate Commerce, Science, and Transportation committee fired off letters Tuesday to top dogs at Facebook and MySpace requesting more information about privacy breaches at those social networks reported in the press.

"These reports raise serious questions about social networking sites' commitment to enforcing their own privacy policies on behalf of consumers,"" Sen. John D. (Jay) Rockefeller IV (D-WV) said in a statement.

"As Chairman of the Senate Commerce Committee, I am dedicated to protecting American consumers from abuse and violations of their trust," he continued. "I intend to find out whether today's social networking sites are adequately protecting their users' personal information."

In his letter to Facebook CEO Mark Zuckerberg, Rockefeller demanded to know:

- How does Facebook enforce its privacy policy on application providers?
- What resources does Facebook dedicate to monitoring and enforcing compliance to the service's privacy policy by application providers?
- What penalties does Facebook impose on application providers and websites that violate the socnet's privacy policy?
- Does Facebook take any steps to retrieve information obtained in violation of its privacy policy?
- What past problems has Facebook had with privacy infractions by its application providers and what has it done to rectify them?
- What steps has Facebook taken to notify members whose personal information has been mishandled?

In his letter to MySpace president Michael Jones, the senator rapped the service's privacy policy. "MySpace's Privacy Policy provides insufficient basic privacy protections that other social networks employ," he wrote.

The news reports and MySpace's current privacy policy "raise serious questions about your commitment to develop and maintain strong privacy protections for consumers," he added.

Rockefeller also asked MySpace to explain why its privacy policy placed the responsibility of controlling personal information on its members when dealing with advertisers and application providers, and why it says it "does not control" and "cannot dictate" how application providers retrieve and use member information when other social networks are able to implement stricter privacy policies that better protect privacy and are able to impose limits on how their third-party partners handle member information.

Rockefeller's questions are good ones and we can't wait to see what kind of response he receives from the bigwigs at Facebook and MySpace.

Subscribe to the Security Watch Newsletter

Comments