Updated Jan. 9 at 12:00 pm MT
Facebook again finds itself in the cross hairs of privacy advocate the Electronic Privacy Information Center (EPIC) just about a month after a high-profile settlement between the social networking site and the Federal Trade Commission.
EPIC sent a letter to the FTC on Dec. 27th asking it to investigate Facebook's new "Timeline" feature to insure that it meets with the terms of a Nov. 29th FTC-Facebook settlement that requires the social networking site's privacy practices be audited every two years for 20 years by an independent third-party. The settlement also barred "Facebook from making any further deceptive privacy claims, and requires that the company get consumers' approval before it changes the way it shares their data."
The first FTC-ordered audit is scheduled for mid-May.
But EPIC could not wait and in fact had complained when Timeline initially rolled out. Its latest letter to the FTC states that with Timeline "Facebook is changing the privacy settings of its users in a way that gives the company far greater ability to disclose their personal information than in the past. ...With Timeline, Facebook has once again taken control over the user's data from the user and now made information that was essentially archived and inaccessible widely available with the consent of the user. "
Facebook has not publicly responded to the new allegations.
EPIC's letter is significant given that another such letter in 2009 spurred the initial investigation that led to Facebook's November settlement with the FTC.
In that letter, EPIC asked the FTC to investigate privacy changes Facebook made to its site. Other groups including the American Library Association, the Center for Digital Democracy, Patient Privacy Rights, and the U.S. Bill of Rights Foundation also signed the complaint.
After November's settlement, Facebook CEO Mark Zuckerberg admitted the company made a "bunch of mistakes," including, "poor execution as we transitioned our privacy model two years ago." But he added, "Overall, I think we have a good history of providing transparency and control over who can see your information."
Facebook began a staggered rollout of Timeline around Dec. 6. Users have the option to update to the new feature now but will eventually be upgraded to Timeline automatically. It cannot be disabled once it is activated.
The feature, which tracks a user's entire catalog of Facebook activity from the day they signed on, provides options to hide posts from public view.
Facebook describes Timeline as "your collection of the photos, stories, and experiences that tell your story." Within the Facebook Help Center Q&A, the company makes numerous references to options for tweaking privacy settings for Timeline.
But without initiating those tweaks, for example, a user's cell phone number would be exposed publicly. And posts, photo galleries, and comments that were once only available to friends would be exposed to anyone. Facebook has now issued a statement saying Timeline has nothing to do with privacy settings. It also offers this guide to controlling sharing with Timeline.
A handful of articles, however, have emerged, see CNet, ZDNet (video), PaulSpoerry.com, that instruct users how to protect privacy by changing existing settings on certain pieces of data or modifying actions taken by Facebook Apps before activating their Timeline. In addition, Timeline has also raised a level of ire with users that scammers are trying to capitalize on the angst.
Timeline does automatically make three bits of information a public: Timeline exposes every "public" event a user RSVP'd to on Facebook, along with the date a user's Facebook page was started and the dates the user signed on to particular Facebook applications.
ZDNet blogger Zach Whittaker says it took him four days to wipe his Timeline clean.