Due to increased pressure from privacy advocates, Facebook was forced to allow its nearly 1 billion users to vote on its privacy policy, reads a company announcement released on Friday, June 1. Facebook agreed to such a vote only once before, back in 2009, when it claimed a much smaller user base of 200 million users.
The changes subjected to a vote concern two different user documents: Facebook's Statement of Rights and Responsibilities (SRR) and Data Use Policy. Voting started on Friday, June 1, at 9 a.m. PT, and will close on June 8 at 9 a.m. PT. The most significant changes up for a vote are:
- A clarification that Facebook can use your data to display advertisements outside of Facebook.com, while you're browsing other Web sites;
- The addition of a detailed chart explaining how Facebook uses cookies to improve the social network, but not track users across the web;
- Updated language to clarify how Facebook will "retain data as long as necessary to provide services"
In order for the changes to go into effect, a full 30 percent of all active Facebook users, i.e. roughly 230 million people, must vote to approve them. If 30 percent of active users vote against the changes, Facebook will have to ditch them altogether. Meanwhile, if at least 30 percent of active users do not decisively vote for or against the changes, Facebook will consider the changes "under advisory." Users have until June 8 to vote on the changes.
Europe v. Facebook
Facebook proposed some "improvements" to its privacy policy, including "enhancing transparency," less than a month ago, in response to a major audit Irish data-protection authorities conducted last year. The audit, in turn, was triggered by the Europe v. Facebook campaign, led by 24-year-old Australian law student Max Schrems. After Schrems filed dozens of complaints in Europe last year against Facebook's privacy practices, the campaign took off and gained numerous supporters.
In response to Europe v. Facebook, the social networking company updated its "Download your Information" feature to include a wider set of data, including IP addresses used to access Facebook, account status changes, friend request history, and other such information. Even after this update, Schrems was still not satisfied with the company's privacy policy because it was "still not in line with the European Data Protection Law," he told the New York Times.
Voting Was Inevitable
Schrems mobilized his privacy group to flood Facebook's Site Governance Page, posting comments with pasted messages. The threshold for triggering a vote was 7,000 comments, and the number of comments posted exceeded it. "I really don't think any of our changes were controversial. [Max Schrems] is interested in us changing our product, but these revisions are about our policy. We can't please everyone," Erin Egan, Facebook's Chief Privacy Officer for Policy, told TechCrunch. "We did reach the threshold because a viral meme was created, and unfortunately the result is a vote." The meme Egan was referring to is Schrems' request, asking users to paste in the comment "I oppose to the changes and want a vote about the demands on www.our-policy.org." Over 42,000 comments were posted until the feedback period ended in May 18.
Users can find in-depth explanations of the changes regarding SRR here and Data Use Policy here.