Why Facebook is Losing Face (Trust)

Do you have a nagging sense that Facebook isn’t always straight with you about how they share your personal information, photos, posts, friend lists, networks, likes and surfing habits? That they are selling your data in ways that you have never even imagined?

Your instincts are dead on. Facebook has been saying one thing to our faces and doing another behind our backs. Facebook is in pre-IPO mode and has the propaganda machine running overtime like Big Brother at an Animal Farm.

Enter the Federal Trade Commission (FTC). The FTC just released a formal complaint identifying eight counts against Facebook for violating the Federal Trade Commission Act. The FTC confirmed what we’ve always known: Facebook tells us what they think we want to hear, not necessarily the truth. Here are the details of Facebook’s dishonesty:

  • Under the guise of increasing user privacy, Facebook has consistently provided their advertisers with ever-expanding access to sensitive user information, not less.
  • Contrary to Facebook’s marketing machine, user profiles are assigned a unique User ID that allows applications (e.g. Farmville) to track us as individuals, not as anonymous, aggregated members of a group.
  • Even if you restrict all applications’ access to your data, your friends can install applications that allow Facebook to expose your personal information without your consent or knowledge.
  • When a user deletes their account, Facebook will remove the user’s profile, but they do not remove the private data associated with the profile upon deletion. It remains stored on Facebook-managed servers, forever available to vendors, advertisers and applications.
  • Worst of all, the FTC confirms that anytime Facebook makes updates to the website, a user’s personal security settings are lost and must be re-set because prior settings have been “overridden” by the updates. In other words, all of the time and work you put into customizing your privacy and security settings are lost anytime Facebook adds or tweaks a feature.
  • Within every count in the complaint about Facebook’s business practices, the FTC used one or more of the following “qualifiers”: False or misleading representation, Deceptive act or practice, Unfair act or practice, Contrary to the statements made…

But Facebook hasn’t just violated a law imposed by the FTC, they have violated the trust of their profit-makers, all of us, the users. At the most basic level, Facebook has failed 6-7 clear litmus tests of trust leadership. Here are three of their biggest violations:

  1. Transparency – the right of those on the outside (users) to know what those on the inside (Facebook, application developers, law enforcement) know about us. Users know nothing, and in fact, it often seems that Facebook employees don’t know how the ‘engine on the inside’ works.
  2. Expectation – the reasonable assumption that Facebook honestly tells us how our data is being collected, aggregated, used and sold. As shown by the FTC complaint, they are doing no such thing.
  3. Respect – the most basic component of customer service, which says that users should be treated as stakeholders in the company, not as naive profit-centers who donate their data, for free, as endless inventory to be packaged and sold to multiple bidders.

The FTC reveals an arrogant Facebook, an organization that has systematically exempted itself from the rules, because of it’s size, it’s wunderkind story and our obsession with comparing our lives to others’. With an IPO expected early next year, it’s feared Facebook will tell the FTC what they think it wants to hear, once again, protecting their bottom-line at any cost.

Ultimately, if Facebook continues to ignore the elephant in the room, all stakeholders (including stock holders) will divest their investment and delete their profiles and we will start to speak of Facebook like we do MySpace. Of course, Facebook is too successful right now to fathom that outcome.

John Sileo is a leadership speaker on deception and trust, including: social media privacy, trust leadership and identity theft. His clients include the Department of Defense, Experian, Homeland Security Pfizer and the FDIC. Contact him on 800.258.8076. 

Facebook Gets Slapped on Wrist by FTC for Lack of Privacy

Can social media and privacy mix? The short answer is no. Social media is social by nature (meaning others are involved) and is media based (meaning that the materials are designed to be easily communicated and shared). When something is essentially named Share with Others, privacy is an afterthought. But that doesn’t mean it should be completely non-existant, or at least transparent – so that we know what we are sharing with others.

The FTC (Federal Trade Commission) is about to hold Facebook to stronger safeguards regarding user privacy, but in the end, it won’t matter very much because they are leaving Facebook with lots of wiggle room.

Rumor has it that Facebook will soon have to acquire users’ consent before making changes to privacy policies that affect current user data. That is a total contrast to what they’ve done in the past, which is to rewrite their privacy policies to be less protective without so much as giving users a whiff of the changes to their privacy.

It looks like Facebook, much like happened recently with Google, may have to submit to independent privacy audits annually over the next 20 years. At issue is the fact that the settlement will prohibit Facebook from making information that’s already on the site available to  a wider audience without user consent.

Here’s the rub: the ruling doesn’t affect any new features that Facebook adds to their service in the future. It’s likely going to be a retroactive slap on the wrist for rolling back user privacy in 2009.

Privacy is paramount. Dozens of privacy bills have been submitted to Congress this year alone. The Obama administration has called for a “privacy bill of rights” and the FTC last year called for the development of a “do not track” system that would make it easier for Internet users to protect their browsing habits.

Privacy settings and unannounced changes have challenged the reputation of Facebook. It’s not entirely clear if these privacy-settings guidelines are being implemented in the best interest of the end-user, or if Facebook is trying to bolster their privacy concerns, and user reception, in preparation for a pending IPO in April 2012.

John Sileo speaks on social media exposure and corporate risk. Learn more at

Identity Theft is #1 Consumer Complaint 11th Year in a Row

According to the Federal Trade Commission, Identity Theft still tops the annual list of consumer complaints. The list was released last Tuesday and Identity Theft was #1 for the 11th year in a row with more than 250,000 complaints. Identity theft accounts for 19% of all consumer complaints received by the FTC last year.

Why is this such a lingering, time-tested problem? Because most people, most businesses, read about it being such a terrible problem, and then go off an do little about it. Corporations fail to train their employees on personal identity theft, and that lack of skill and prevention framework seeps into the workplace. This, in turn, leads to the loss of more data, customer records, employee files and intellectual capital.

The report also states that the Miami-Ft. Lauderdale, Fla. area ranks #1 in the nation for identity theft complaints per capita. Number 2 on that list is Brownsville, Texas followed by Dunn, N.C.

The 10 top consumer complaints nationally in 2010 were:

  1. Identity theft
  2. Debt collection
  3. Internet services
  4. Prizes, sweepstakes and lotteries
  5. Shop-at-home and catalog sales
  6. Impostor scams
  7. Internet auctions
  8. Foreign money, counterfeit check scams
  9. Telephone and mobile services
  10. Credit cards

I’m betting that next year we will be celebrating the 12th consecutive year when identity theft is the leading thorn in the consumer’s side – but the fault is no one’s but those who fail to take action.

John Sileo speaks and consults professionally on identity theft. His clients include the Department of Defense, Homeland Security and hundreds of corporations and associations of all sizes. Contact him directly on 800.258.8076.

Online Privacy Needs A Federal Office

According to a recent New York Times article, the government may be creating a department solely dedicated to strenghthening privacy policies within the United States and other countries. A recent report details why such a force is necessary. Although this new office would lack enforcement authority, they would work directly with the administration and necessary agencies to attack and solve privacy issues.

“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs and economic growth,” the Secretary of the Commerce, Gary F. Locke, said in a statement. “Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.”

The policy task force already suggested we make visible exactly what information is collected online through a “Privacy Bill of Rights.” Companies that collect this information will then have increased accountability and limits on what they can do with information collected.

The FTC would remain in charge of consumer privacy issues, but privacy concerns extend beyond borders and need to be handled with other countries.  Information gathered from a 2009 study by the Interactive Advertising Bureau found that Internet advertising is responsible for approximately $300 billion of economic activity a year.

In the past, the FTC has called for improvements to online privacy policies by corporations. They have lobbied to give consumers the option of a “Do Not Track” button so third-party companies don’t have access to their information.

The more that internet users realize how much of their personal information is readily available to companies and advertisers, the more they want to put a stop to third-party tracking. Hopefully, such a task force can protect our privacy, while still giving us the ability to freely search the web.

John Sileo is the award-winning author of two identity theft prevention books, Stolen Lives and Privacy Means Profit (Wiley, August 2010) and America’s top Identity Theft Speaker. His clients include the Department of Defense, FTC, FDIC and Pfizer; his recent media appearances include 60 Minutes. Contact him on 800.258.8076.

Identity Theft Scam Stole Millions – Pennies at a Time

The FTC just busted a long-running internet scam where offshore thieves set up virtual companies and stole millions of dollars from US consumers  one small charge at a time.

“It was a very patient scam,” said Steve Wernikoff, a staff attorney with the FTC who is prosecuting the case. According to him, the scammers found loopholes in the credit card processing system that allowed them to set up fake U.S. companies that then ran more than a million phony credit card transactions through legitimate credit card processing companies.

The fraudsters were able to fly under the radar for so long because they only charged consumers between $ .25 and $9 and set up over 100 fake companies to pull off these transactions. In this specific case they charged over 1.35 million credit cards a total of $9.5 million dollars – those nickles and dimes really add up! Shockingly, 94% of these charges went undetected by the credit card holder because they didn’t notice an unusual charge on their credit card statements and fraud detection agencies rarely detect anything under $10.

With more and more credit cards being accepted for smaller purchases (e.g., soda machines and parking meters) thieves have taken this opportunity to cash in on the frequency of these charges. While 6% of the charges were detected and reported, the huge number that didn’t even realize they had an unauthorized charge shows how lax we are about checking our statements. Here are some simple steps you can take to catch fraud early:

  • Set up automatic account alerts to monitor your daily credit card purchases. That way, anytime money is spent on the card, you receive an email or SMS text to your phone alerting you to the charge. If you didn’t use your credit card, you immediately know it’s a fraud and you can call and shut down your card.
  • A more basic step is to simply monitor your bank accounts and credit card statements closely. Rather than trusting that all charges are accurate you should make sure you know exactly when the charge was made, for what, and by whom.
  • If you aren’t sure about a charge, call the bank and ask them to confirm it is a legitimate charge.
  • Sign up for an identity monitoring service that can help with this. Although these victims only lost a few dollars here and there those small charges can add up – to the scammers it added up to $9.5 million!

Read more about how this scam was able to become so profitable to the thieves.

John Sileo became America’s leading Identity Theft Speaker & Expert after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer, the FTC and the FDIC.  To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.