Accueil
A partir de cette page vous pouvez :
Retourner au premier écran avec les dernières notices... |
Détail de l'auteur
Auteur Bart Preneel |
Documents disponibles écrits par cet auteur
Faire une suggestion Affiner la recherche
From social media service to advertising network : A critical analysis of Facebook’s Revised Policies and Terms / Peggy Valcke
Titre : From social media service to advertising network : A critical analysis of Facebook’s Revised Policies and Terms Type de document : document électronique Auteurs : Peggy Valcke, Editeur scientifique ; Jo Pierson, Editeur scientifique ; Els Kindt, Editeur scientifique ; Eva Lievens, Editeur scientifique ; Marie-Christine Janssens, Editeur scientifique ; Claudia Diaz, Editeur scientifique ; Bart Preneel, Editeur scientifique ; Brendan Van Alsenoy, Auteur ; Valérie Verdoodt, Auteur ; Rob Heyman, Auteur ; Jef Ausloos, Auteur ; Ellen Wauters, Auteur ; Günes Acar, Auteur Editeur : Brussel : User Empowerment in a social media culture (EMSOC) Année de publication : 2015 Importance : 67 p. Note générale : DRAFT 31 March 2015 v1.2
Extrait de la preface (p.2) :
" (...) The present report should be considered as provisional and will be updated after further research, deliberation and commentary."Langues : Néerlandais Catégories : MEDIAS:AUDIOVISUEL:NUMERIQUE Tags : Facebook internet droit des médias publicité réseaux sociaux protection du consommateur vie privée législation rapport Index. décimale : 004.678 Internet Résumé :
“Executive summary
1. CONSENT
Data subject consent is the only viable justification for many of Facebook’s processing activities. To be valid, consent must be “freely given”, “specific”, “informed” and “unambiguous”. Given the limited information Facebook provides and the absence of meaningful choice with regard to certain processing operations, it is highly questionable whether Facebook’s current approach satisfies these requirements.
2. PRIVACY SETTINGS
Facebook has not announced any changes to their privacy settings as part of its 2015 changes. Nevertheless, its current default settings with regards to behavioural profiling and advertising (essentially “opt-out”) remain problematic. According to the Article 29 Working Part, consent cannot be inferred from the data subject’s inaction with regard to behavioural marketing. As a result, Facebook’s opt-out system for advertising does not meet the requirements for legally valid consent. In addition, opt-outs for “Sponsored Stories” or collection of location data are simply not provided.
3. UNFAIR CONTRACT TERMS
In comparison to 2013, Facebook’s new Statement of Rights and Responsibilities (SRR) has not changed substantially. However, our analysis shows that there are several clauses which violate European consumer protection law. Specifically, Facebook’s SRR contains a number of provisions which do not comply with the Unfair Contract Terms Directive. These violations were already present in 2013, and they are set to persist in 2015.
4. HOW FACEBOOK “COMBINES” AND “SHARES” DATA ABOUT ITS USERS
Facebook combines data from an increasingly wide variety of sources (e.g., Instagram, Whatsapp and data brokers). By combining information from these sources, Facebook gains a deeper and more detailed profile of its users. Facebook only offers an opt-out system for its users in relation to profiling for third-party advertising purposes. The current practice does not meet the requirements for legally valid consent.
5. FURTHER USE OF USER-GENERATED CONTENT
Facebook’s terms allow the company to use user-generated content (e.g. photos) for commercial purposes (e.g., Sponsored Stories, Social Ads). While the revised terms communicate this practice in a more transparent way, Facebook fails to offer adequate control mechanisms. In addition, the actual use of user-generated content in commercial communications is not transparent at all. Users might be aware of the possibility that their content might appear in ads, but they are kept unaware about when and how this actually happens.
6. LOCATION
Facebook collects location data from a variety of sources. The only way to stop the Facebook mobile app from accessing location data on one’s smart phone is to do so at the level of the mobile operating system. Facebook should implement a granular location-data settings, with all parameters turned off by default. These settings should allow users to determine when and how location data can be used by Facebook and to what purpose.
7. TRACKING
Facebook monitors its users in a variety of ways, both off and on Facebook. While Facebook provides users with high-level information about its tracking practices, we argue that the collection or use of device information envisaged by the 2015 DUP does not comply with the requirements of article 5(3) of the e-Privacy Directive, which requires free and informed prior consent before storing or accessing information on an individual’s device. Facebook also tracks non-users in a manner which violates article 5(3) of the e-Privacy Directive.
8. DATA SUBJECT RIGHTS
Facebook’s terms do not properly acknowledge the data subject rights of its users. While mention is made of certain (limited) access rights and opt-out mechanisms, Facebook does not appear to give effect to data subject rights. For example, deleting one’s profile is an “all-or-nothing” exercise and only relates to “things you have posted, such as your photos and status updates”. Though users have some options to control the visibility of their information within their networks, they are not able to prevent Facebook from further using this information for its purposes.”
Note de contenu : Table des matières :
PREFACE
LIST OF ABBREVIATIONS
EXECUTIVE SUMMARY
1. INTRODUCTION
A. HORIZONTAL EXPANSION
B. VERTICAL EXPANSION
C. GENERAL ASSESSMENT OF THE REVISED TERMS
2. CONSENT
A. ROLE OF CONSENT
B. REQUIREMENTS FOR VALID CONSENT
1) Indication of wishes
2) Freely Given
3) Specific
4) Informed
5) Unambiguous
3. PRIVACY SETTINGS
A. SETTINGS REGULATING ACCESS BY OTHER FACEBOOK USERS
B. APPLICATION SETTINGS
C. SETTINGS FOR ADVERTISING
D. ASSESSMENT
4. UNFAIR CONTRACT TERMS
A. WARRANTY DISCLAIMER
B. LIABILITY LIMITATION
C. INDEMNITY CLAUSE
D. UNILATERAL CHANGE
E. FORUM CLAUSE
F. CHOICE OF LAW
G. TERMINATION
5. HOW FACEBOOK “COMBINES” AND “SHARES” DATA ABOUT ITS USERS
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
6. LOCATION DATA 36
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
7. FURTHER USE OF USER-GENERATED CONTENT
A. FACEBOOK’S IP LICENSE
B. “SPONSORED STORIES” AND “SOCIAL ADS”
1) Unsolicited communications
2) Identifying commercial communications
3) Right to control the use of one’s image
8. TRACKING THROUGH SOCIAL PLUG-INS
A. TRACKING OF USERS AND NON-USERS
B. FACEBOOK AUDITS 2011-2012
1) The 2011 Report of Audit
2) The 2012 Report of Re-Audit
C. FACEBOOK’S 2013 DUP
D. FACEBOOK’S 2015 DUP
E. ASSESSMENT
1) Article 5(3) of the e-Privacy Directive
2) Position of the Article 29 Working Party
3) Facebook’s tracking of users
4) Facebook’s tracking of non-users
5) Facebook’s proposed opt-out mechanism
6) Alternatives
9. FINGERPRINTING
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
10. DATA SUBJECT RIGHTS
A. RIGHT TO INFORMATION
B. RIGHT OF ACCESS
C. RIGHTS TO OBJECT AND ERASURE
En ligne : http://emsoc.be/ Format de la ressource électronique : https://www.law.kuleuven.be/icri/en/news/item/facebooks-revised-policies-and-terms-v1-2.pdf From social media service to advertising network : A critical analysis of Facebook’s Revised Policies and Terms [document électronique] / Peggy Valcke, Editeur scientifique ; Jo Pierson, Editeur scientifique ; Els Kindt, Editeur scientifique ; Eva Lievens, Editeur scientifique ; Marie-Christine Janssens, Editeur scientifique ; Claudia Diaz, Editeur scientifique ; Bart Preneel, Editeur scientifique ; Brendan Van Alsenoy, Auteur ; Valérie Verdoodt, Auteur ; Rob Heyman, Auteur ; Jef Ausloos, Auteur ; Ellen Wauters, Auteur ; Günes Acar, Auteur . - Brussel (9 Pleinlaan, 1050) : User Empowerment in a social media culture (EMSOC), 2015 . - 67 p.
DRAFT 31 March 2015 v1.2
Extrait de la preface (p.2) :
" (...) The present report should be considered as provisional and will be updated after further research, deliberation and commentary."
Langues : Néerlandais
Catégories : MEDIAS:AUDIOVISUEL:NUMERIQUE Tags : Facebook internet droit des médias publicité réseaux sociaux protection du consommateur vie privée législation rapport Index. décimale : 004.678 Internet Résumé :
“Executive summary
1. CONSENT
Data subject consent is the only viable justification for many of Facebook’s processing activities. To be valid, consent must be “freely given”, “specific”, “informed” and “unambiguous”. Given the limited information Facebook provides and the absence of meaningful choice with regard to certain processing operations, it is highly questionable whether Facebook’s current approach satisfies these requirements.
2. PRIVACY SETTINGS
Facebook has not announced any changes to their privacy settings as part of its 2015 changes. Nevertheless, its current default settings with regards to behavioural profiling and advertising (essentially “opt-out”) remain problematic. According to the Article 29 Working Part, consent cannot be inferred from the data subject’s inaction with regard to behavioural marketing. As a result, Facebook’s opt-out system for advertising does not meet the requirements for legally valid consent. In addition, opt-outs for “Sponsored Stories” or collection of location data are simply not provided.
3. UNFAIR CONTRACT TERMS
In comparison to 2013, Facebook’s new Statement of Rights and Responsibilities (SRR) has not changed substantially. However, our analysis shows that there are several clauses which violate European consumer protection law. Specifically, Facebook’s SRR contains a number of provisions which do not comply with the Unfair Contract Terms Directive. These violations were already present in 2013, and they are set to persist in 2015.
4. HOW FACEBOOK “COMBINES” AND “SHARES” DATA ABOUT ITS USERS
Facebook combines data from an increasingly wide variety of sources (e.g., Instagram, Whatsapp and data brokers). By combining information from these sources, Facebook gains a deeper and more detailed profile of its users. Facebook only offers an opt-out system for its users in relation to profiling for third-party advertising purposes. The current practice does not meet the requirements for legally valid consent.
5. FURTHER USE OF USER-GENERATED CONTENT
Facebook’s terms allow the company to use user-generated content (e.g. photos) for commercial purposes (e.g., Sponsored Stories, Social Ads). While the revised terms communicate this practice in a more transparent way, Facebook fails to offer adequate control mechanisms. In addition, the actual use of user-generated content in commercial communications is not transparent at all. Users might be aware of the possibility that their content might appear in ads, but they are kept unaware about when and how this actually happens.
6. LOCATION
Facebook collects location data from a variety of sources. The only way to stop the Facebook mobile app from accessing location data on one’s smart phone is to do so at the level of the mobile operating system. Facebook should implement a granular location-data settings, with all parameters turned off by default. These settings should allow users to determine when and how location data can be used by Facebook and to what purpose.
7. TRACKING
Facebook monitors its users in a variety of ways, both off and on Facebook. While Facebook provides users with high-level information about its tracking practices, we argue that the collection or use of device information envisaged by the 2015 DUP does not comply with the requirements of article 5(3) of the e-Privacy Directive, which requires free and informed prior consent before storing or accessing information on an individual’s device. Facebook also tracks non-users in a manner which violates article 5(3) of the e-Privacy Directive.
8. DATA SUBJECT RIGHTS
Facebook’s terms do not properly acknowledge the data subject rights of its users. While mention is made of certain (limited) access rights and opt-out mechanisms, Facebook does not appear to give effect to data subject rights. For example, deleting one’s profile is an “all-or-nothing” exercise and only relates to “things you have posted, such as your photos and status updates”. Though users have some options to control the visibility of their information within their networks, they are not able to prevent Facebook from further using this information for its purposes.”
Note de contenu : Table des matières :
PREFACE
LIST OF ABBREVIATIONS
EXECUTIVE SUMMARY
1. INTRODUCTION
A. HORIZONTAL EXPANSION
B. VERTICAL EXPANSION
C. GENERAL ASSESSMENT OF THE REVISED TERMS
2. CONSENT
A. ROLE OF CONSENT
B. REQUIREMENTS FOR VALID CONSENT
1) Indication of wishes
2) Freely Given
3) Specific
4) Informed
5) Unambiguous
3. PRIVACY SETTINGS
A. SETTINGS REGULATING ACCESS BY OTHER FACEBOOK USERS
B. APPLICATION SETTINGS
C. SETTINGS FOR ADVERTISING
D. ASSESSMENT
4. UNFAIR CONTRACT TERMS
A. WARRANTY DISCLAIMER
B. LIABILITY LIMITATION
C. INDEMNITY CLAUSE
D. UNILATERAL CHANGE
E. FORUM CLAUSE
F. CHOICE OF LAW
G. TERMINATION
5. HOW FACEBOOK “COMBINES” AND “SHARES” DATA ABOUT ITS USERS
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
6. LOCATION DATA 36
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
7. FURTHER USE OF USER-GENERATED CONTENT
A. FACEBOOK’S IP LICENSE
B. “SPONSORED STORIES” AND “SOCIAL ADS”
1) Unsolicited communications
2) Identifying commercial communications
3) Right to control the use of one’s image
8. TRACKING THROUGH SOCIAL PLUG-INS
A. TRACKING OF USERS AND NON-USERS
B. FACEBOOK AUDITS 2011-2012
1) The 2011 Report of Audit
2) The 2012 Report of Re-Audit
C. FACEBOOK’S 2013 DUP
D. FACEBOOK’S 2015 DUP
E. ASSESSMENT
1) Article 5(3) of the e-Privacy Directive
2) Position of the Article 29 Working Party
3) Facebook’s tracking of users
4) Facebook’s tracking of non-users
5) Facebook’s proposed opt-out mechanism
6) Alternatives
9. FINGERPRINTING
A. FACEBOOK’S 2013 DUP
B. FACEBOOK’S 2015 DUP
C. ASSESSMENT
10. DATA SUBJECT RIGHTS
A. RIGHT TO INFORMATION
B. RIGHT OF ACCESS
C. RIGHTS TO OBJECT AND ERASURE
En ligne : http://emsoc.be/ Format de la ressource électronique : https://www.law.kuleuven.be/icri/en/news/item/facebooks-revised-policies-and-terms-v1-2.pdf