Should the FTC Regulate Privacy on Social Networking Sites?

Font Size:

A recent paper argues that regulation of social networking sites could help protect privacy and reduce litigation.

Font Size:

When the Federal Trade Commission (FTC) recently announced a major settlement of charges that Facebook misled users into believing their information was private, the agency heightened the salience of the government’s role in regulating the privacy settings on networking sites such as Facebook and Google Plus.

In a recent paper published in the Journal of Law and Policy for the Information Society, Robert Lemons argues that the government should play a still more central role.

Lemons, a third-year law student at Ohio State University, claims that both users’ privacy and the financial interests of social networking companies would be better served if modifications of networking sites’ privacy controls were submitted for governmental review in advance of implementation. Such a regulatory review requirement would increase transparency and force sites to examine the impact of privacy changes before they go into effect. It would also, Lemons argues, offer members of the public an opportunity to stop using a website before their privacy is compromised.

Lemons proposes that Congress outline the broad characteristics of “social networking sites” (SNS) through legislation while allowing the FTC to come up with an exact definition. The Commission could periodically reconsider how it defines these websites as new SNS appear. Sites that fall under the FTC rubric would be required to submit proposed privacy changes to the Commission detailing the precise nature of the modifications. They would also be required to explain how these alternations would improve or at least avoid serious harm to user privacy.

The FTC would provide an opportunity for SNS users and other members of the public to comment on the proposal. After collecting input from interested parties, the Commission would issue a report describing public concerns and offering its recommendations regarding the changes. This report would serve a purely informative and advisory function. An SNS would be free to disregard the FTC’s recommendation, but would have to repost its proposal, as well as the Commission’s report for a reasonable amount of time in advance of their implementation.

In addition to the potential benefits that Lemon has put forward for such a system, the opportunity for prior review of SNS privacy changes could prevent serious violations of broadly held privacy values from occurring.  Companies would be less likely to implement controversial changes if users and technology bloggers express dissatisfaction with them during the proposed notice-and-comment period. The FTC report generated under the proposal would essentially put an SNS on notice of issues that could cause the company legal troubles down the line.

Since 2010, Facebook, Twitter and Google have all agreed to submit to privacy audits for a period of either 10 or 20 years as part of FTC settlement agreements. Their acceptance of these audit practices indicates that oversight of SNS’s may be an acceptable and appropriate way to protect user privacy. A government system of prior review like that proposed by Lemons would essentially apply this precaution to all such companies, not just those who have committed prior violations.