Facebook Violates Canadian Privacy Law 179
Myriad and a number of other readers passed along the news that the Canadian Privacy Commissioner has made a determination that Facebook violates Canadian privacy law in four different respects. Canada has the highest per-capita facebook participation in the world — about a third of the population — according to coverage in The Star. The EU is also expressing similar privacy concerns, though Canada's action "represents the most exhaustive official investigation of Facebook privacy practices anywhere in the world," says Michael Geist. The CBC's coverage spells out the areas of privacy concern, in particular that nearly a million developers of Facebook apps in 180 countries have full access to the entirety of users' private data. Also of concern: Facebook holds on to your data indefinitely after you quit the site. The BBC notes that Facebook is working with the privacy commission to resolve the issues, and quotes a Facebook spokesman thus: "Overall, we are looking for practical solutions that operate at scale and respect the fact that people come to share and not to hide." (Schneier recently blogged about research on "privacy salience," and cited Facebook's practices among others' as practical examples of how social networking sites have learned not to push the privacy issue in users' faces.)
Draconian Laws (Score:5, Insightful)
Besides, who puts something on Facebook that they _want_ to keep _private_?
Re:Draconian Laws (Score:5, Insightful)
who puts something on Facebook that they _want_ to keep _private_?
People who don't know any better, who are (incidentally) the same people the privacy laws were written to protect.
Re: (Score:2, Interesting)
Re: (Score:3, Insightful)
who puts something on Facebook that they _want_ to keep _private_?
People who don't know any better, who are (incidentally) the same people the privacy laws were written to protect.
People who don't know any better?
I put a gigantic billboard in my front yard - 20' tall. Plaster all kinds of personal information on it. Maybe some racy photos. And then, when everyone in the world knows the intimate details of my life I can cry foul because some privacy law was supposed to protect me, because I didn't know any better?
What ever happened to common sense?
I'm not talking about understanding the intricacies of HTTP or how various web apps share information... I'm talking about basic, commo
Re: (Score:2, Insightful)
Re:Draconian Laws (Score:4, Insightful)
You're right, but I don't think Joe Sixpack necessarily understands the concepts of data mining, profiling, etc and how they might relate to social networking sites. Nor do I think he, or the average teenager, understands the permanence of data or the associated implications.
And frankly, what may make sense to post on a gigantic billboard in your front yard may not make sense, or even be legal, tomorrow. Times change. Governments change. Social mores change. I think expecting your average internet user to consider these things is asking a little much.
No it isn't.
People have been making decisions (sometimes stupid ones) and living with the consequences for centuries. Ok, maybe it's easier to squash a verbally-distributed nasty rumor than a digitally-distributed incriminating photo, but that doesn't mean that common sense no longer applies.
Look back at some printed statements over the years... Things that were appropriate at the time and showed up very proudly in newspapers all over the united states, and now look very embarrassing.
Political careers have been ended because of a youthful indiscretion or an incriminating photograph.
Tons of people have tattoos that they wish they hadn't gotten.
Plenty of people have taken pictures they shouldn't have, and had it used against them.
Ever hear of Nixon? Recorded some tapes he probably wished he hadn't.
How about Sotomayor? Bet she wishes she hadn't said some things right about now.
This isn't about understanding data mining or profiling, this is about simple common sense - which is apparently in short supply these days. If I proudly proclaim that I like big butts on FaceBook you don't need to mine any data - you know that I like big butts. You don't have to profile anything, I've stated it in plain text. Oh, now my mother read it and I'm embarrassed? I guess I shouldn't have written it where she could see it, now should I?
Twitter, FaceBook, MySpace, blogs, text messaging, cell phones... They're all just ways of distributing a message. The problem isn't that distribution has become insanely quick, easy, and efficient. The problem is that nobody is thinking about the message anymore.
Folks will call up a friend and have a running conversation about the random people walking by them and what they're wearing - why? Just because you can tell your friend that somebody wearing a Penny Arcade t-shirt doesn't mean you have to.
People actually report on their bowel movements! Why?!
Re: (Score:3, Insightful)
Yup, however...
Your examples are ones that have easily recognizable consequences for just about anyone. My point is more about the ones that take considerably more thought. For example, you give a big thumbs up to some fringe political party that, in the not so distant future, is outlawed with the supporters being flagged. Hell, atheism could become illegal someday if some fanatics got their way.
Extreme examples, for sure, but I believe the point is clear
Re: (Score:2)
Yup, however...
Your examples are ones that have easily recognizable consequences for just about anyone. My point is more about the ones that take considerably more thought. For example, you give a big thumbs up to some fringe political party that, in the not so distant future, is outlawed with the supporters being flagged. Hell, atheism could become illegal someday if some fanatics got their way.
Extreme examples, for sure, but I believe the point is clear
So, kind of like the folks who liked the Nazis and then looked embarrassed after WWII?
The real situation (Score:5, Insightful)
Twitter, FaceBook, MySpace, blogs, text messaging, cell phones... They're all just ways of distributing a message. The problem isn't that distribution has become insanely quick, easy, and efficient. The problem is that nobody is thinking about the message anymore.
Actually, the problems being cited by the privacy officials are more the kind of thing the average user probably would not realise/anticipate.
If I ask a site to delete my personal data when they no longer have any reason to hold it, I might reasonably expect them to delete it — not stick some flag in a database, and then find when they have a security breach in five years' time that the data was still there. If an organisation is unwilling to follow this rule, the law should make them; the consequences of failing to do so with modern technology are demonstrated all too frequently, and often with horrendous, underserved consequences for those affected.
If I flag my personal data as private and restrict access to only a select group of friends, I might reasonably expect that data to be kept private and accessible only to those friends — not made accessible, in its entirety, to a million arbitrary developers of Facebook apps around the world, many from countries with far less privacy protection than the law in my country (and other countries where Facebook is hosted) provides. Again, if a site that specialises in collecting personal data and attracts that data on the basis that it can be held in confidence is unable to keep that confidence, the law should compel them to do so.
The way Facebook doesn't really delete data and the way they allow app developers open-ended access to it are the two big reasons I personally don't use their service, and I would be interested to know how many of my Facebook-using friends would agree if they knew the full implications of signing up for one game of Scrabulous or whatever it's called these days.
The world has changed in the Internet age, because now transgressions that might have been forgotten or overlooked after a while in the past are kept on-file forever and searchable for all to see. That in itself makes both education (particularly for the young/vulnerable), privacy awareness, and explicit legal protections for personal information much more important.
Personally, I believe personal data protection and privacy laws are far, far too weak in most jurisdictions today, lagging well behind modern technology and its less constructive applications. I would like to see statutory safeguards on all collection, use and distribution of personal data, and awesome, business-destroying penalties for those who are not careful enough to do so.
Our current path, towards a database state and wholesale aggregation of personal data by private entities, using software that is frequently insecure, with low-level staff unreliable at following even basic security procedures, in a world where leaks can turn a victim's life upside down and the damage may be expensive or impossible to fix, is not a healthy path to follow.
Basically, it's reasonable to expect some common sense from those old enough to know what they're doing, but it is not reasonable to expect people to make decisions based on information they probably don't know or understand, and in any case, no-one is perfect and I personally think society would be a better place with stronger privacy laws governing organisations that compile massive databases of personal data. As I often comment in these discussions, just because we can do something does not mean we should, and just because someone who is only human once made a mistake does not mean we have to catalogue it and make it searchable by anyone for the rest of their life.
Re: (Score:3, Insightful)
Basically, it's reasonable to expect some common sense from those old enough to know what they're doing, but it is not reasonable to expect people to make decisions based on information they probably don't know or understand
The only thing you need to know is that you're posting information on the Internet.
If I ask a site to delete my personal data when they no longer have any reason to hold it, I might reasonably expect them to delete it
Sure, that's a reasonable expectation. But it isn't necessarily reality. If I give you a picture of me doing something lewd to a llama and ask you to destroy it I might reasonably expect you to do so... But that doesn't mean that you actually destroyed anything. And it doesn't mean that you have to destroy it either. Unless we signed some kind of legally binding contract that said you would destroy it... In which case I
Re: (Score:2)
The only thing you need to know is that you're posting information on the Internet.
As I do when I make a payment using on-line banking or give my credit card details to Amazon, you mean?
Sure, that's a reasonable expectation. But it isn't necessarily reality.
Not today, but it would soon become so if we started fining companies that failed to comply 10% of their annual profit and throwing a randomly selected member of the board of directors in jail for each lapse.
So it's limited to those people... Let's say FaceBook doesn't give out the information to other people, doesn't retain it after you deleted your account, etc. But one of your friends shares your information where they shouldn't have - re-posts it to a different website or something.
Ah, see, now you're getting to one of the real problems with privacy laws: it sucks that my friend did that, but in the days when it was probably an off-hand comment the damage was limited, whereas in
...an inaccurate view, IMO (Score:3, Insightful)
What you say would be true for people who make their facebook profile public, but what about those with private profiles that are visible only to their friends, and are basically being leaked to third parties?
How would you feel if your cell phone company were selling transcripts of your phone calls to advertisers and potential employers without your consent (ie. considering your use of their system as you granting your implicit consent)?
Re: (Score:3, Insightful)
What you say would be true for people who make their facebook profile public, but what about those with private profiles that are visible only to their friends, and are basically being leaked to third parties?
Your FaceBook profile is only private if your friends don't share anything with people you don't want them to. It doesn't much matter what FaceBook's privacy policy is... Or what kind of mechanics they've got in place to protect you... If you post something on FaceBook you have to assume that it'll wind up somewhere you don't want it to.
How would you feel if your cell phone company were selling transcripts of your phone calls to advertisers and potential employers without your consent (ie. considering your use of their system as you granting your implicit consent)?
I wouldn't be terribly surprised, to be honest.
I'd be even less surprised if they were doing that with my text messages. Or using the photos I take on that camera for pr
Re: (Score:2)
Or how would you feel if facebook allied with a dozen other unrelated sites to discretely build psychological profiles on you? I was particularly offend wen I was presured to join a facebook ripoff, I entered mostly false data, and yet it already has a good idea of which my contacts were, it's sick.
Now excuse me I'm going to make another tin foil cap for my tin foild cap.
Re: (Score:2)
One thing to keep in mind is that once people are on FB, private information about them can be posted by other people and linked to them via tagging and linking. Because of most default settings in FB, people can't easily control who sees what their friends and families post about them.
But you don't need to be on FaceBook for other people to post information about you. I can spread all sorts of nasty information about folks who don't have an on-line presence at all. I can upload photos, tag them with whatever I want to, and distribute them all over the place.
That's my point.
Whether or not FaceBook has a good privacy policy isn't going to protect anyone. If you do something stupid and/or incriminating, and there's evidence, you're just going to have to hope that nobody decides to share
Re: (Score:3, Interesting)
I'm not sure that privacy laws were written to protect the ignorant, so much as to protect the more savvy individual.
The guy who runs around bragging that he makes $200,000 a year deserves the parasites who hover around him. They KNOW he has money, because he told everyone. The guy who makes $80,000, and keeps it secret, can legitimately tell hopeful parasites to screw off, his money is none of their business.
Want to get more "personal"? The person who posts, "I'm a nubile teenage female, and I WANT TO G
Re: (Score:2)
who puts something on Facebook that they _want_ to keep _private_?
People who don't know any better, who are (incidentally) the same people the privacy laws were written to protect.
Laws designed to protect the ignorant can be dangerous things. If you set up your own personal blog site, do you really want to risk running afoul of various countries' laws because your users' postings are visible to the world. Yes, Facebook is larger and more commercial than your typical blog site, but think carefully about the implications of these types of laws when applied to typical blog sites.
Re: (Score:2)
Why does nobody get, that you can put things up such a site and expect them to be private too, IF:
You can configure privacy rules for every element of that data. Separately. For a fine grained self-definable set of rules over groups. Just as a firewall or other proper security system.
Re: (Score:2)
Does anyone actually expect privacy from these networking sites anymore?
Most Facebook (or any other popular social networking site) don't know (or don't care) any better. Even if someone sat them down and explained it to them
They only start caring when they mature a bit.
By which time, it's way to late to do anything about the pictures of them doing naked bong hits.
Re: (Score:2)
Easy data mining for 3rd parties (Score:5, Interesting)
Everybody seems to expect that Facebook has all this information, the issue is with applications/quizzes. By setting up some stupid quiz, you can collect contact and network data on everyone who fills it out. This could be used for everything from marketing research to "investigation" of various social/political groups.
They prompt you (Score:3, Insightful)
Any time you agree to take one of those quizes etc, Facebook pops up a GIANT box in your face basically saying that if you agree to take that quiz then you give all rights to your information and your first bord child to the developers of that application.
If the user is too stupid to read a giant disclaimer right in their face and decide it is not worth that risk to find out how much alike their taste in puppies is to Fergie, then I have no sympathy for them.
Re:They prompt you (Score:5, Interesting)
I agree with that one, but what if you want to play chess with your friend? You should be able to do that without giving someone access to everything. Either the Facebook API doesn't support requesting limited rights, or a I have never seen an app that uses that capability.
Re: (Score:2)
It used to.
You used to have the ability to control what the developers had access to. Now the choices are "give them everything" or "do not use the application"
Re: (Score:2)
So don't use goofy third party applications then.
Then don't use facebook to play chess??? (Score:3, Informative)
Problem solved?
Re: (Score:2)
Yes, that's the current solution. I think we could do a little better though, don't you?
Re: (Score:2)
No we can't do any better because the intermediary is not willing! Choose a different intermediary!
Re: (Score:2)
It sounds like the intermediary has been given a choice. Be willing (which they may well be), or don't do business in Canada.
I assume they'll amend their privacy practices for everybody while they're at it.
You're welcome.
Re: (Score:2)
I agree with that one, but what if you want to play chess with your friend?
Portable Game Notation [wikipedia.org]
Re: (Score:2)
Tech the tech teched.
Tech the teching tech?
[YES PLAY GAME] (no)
Re: (Score:3, Insightful)
Your American libertarian view of the law sees this as a business transaction, where the user can either use the product (and accept the terms of total data disclosure) or not use it.
Other countries with more civilized privacy laws prevent companies from demanding unnecessary personal data (i.e. anything not needed for the specific product or application) when providing a product. Terms of business have to comply with the law, just as they must in the U.S.; Canada just has more terms.
Yes I'm American.
Re:Easy data mining for 3rd parties (Score:4, Interesting)
..to keep the noise in Facebook down to a minimum. This way I don't see any of the quizzes people want me to take..
little known facebook trick, is that if you hover over the notification, then click the x, you can select hide all from this application (also report as spam), a similar thing can be done when hiding friends who talk too much!
Re: (Score:2)
Unfortunately idiots out number intelligent people. How many cases have you heard of where a kid postssomething stupid they did oy tohave their parents find out about it.
I don't face a facebook account(I am not narsisstic enough) yet I hear about that crap 2-3times a month.
Re: (Score:2)
kid postssomething stupid they did oy tohave
I don't face a facebook account(I am not narsisstic enough) yet I hear about that crap 2-3times a month.
I hear you man. It's almost pushed me to drink too :(
Re: (Score:2)
That or preview your posts while posting from your smart phone while eating lunch during a busy work day. Spell check will only save you so much.
Re: (Score:2)
Where, where?
Oh, here. [wikipedia.org]
Re:Draconian Laws (Score:5, Interesting)
Does anyone actually expect privacy from these networking sites anymore?
Yes many people do, not all countries believe so strongly in the market as the US and we often want restrictions put on businesses to keep our data the way we want it.
Besides, who puts something on Facebook that they _want_ to keep _private_?
People with friends, FB is not myspace (its not a site to go meet random people off the internet with) it's a site to allow friends (of varying levels of technical competency) to keep in touch and communicate. I put stuff i want my friends to see on my facebook profile that perhaps i don't want everybody in the world to know about! embarrassing pictures people take of me can be tagged on facebook, tbh i don't care if my mates see me passed out in a field but i sure as hell don't want everybody on the internet (including prospective employers) to see it. If i have a choice between
1)total privacy
2)a convenient way being able to organise events and nights out much easier at the expense of privacy.
I'm going to choose 2, however if that expense can be reduced then that is great.
Re: (Score:2)
So, let's say FaceBook has perfect privacy. You can share your information with whoever you want, and nobody else can get at that stuff. App authors can't get at it, FaceBook deletes it as soon as you quit. Perfect privacy.
You pass out in a field. Somebody takes a picture. You post that picture on FaceBook - only your friends can see it. Great!
Now one of your friends downloads it and emails it to his buddy, that you don't know, and that buddy re-uploads it to FaceBook.
Or maybe the guy who took the pic
Re:Draconian Laws (Score:5, Interesting)
Some people use Facebook to keep in touch with friends, not to post compromising pictures of themselves. Most Facebook profiles these days are only available to friends of the owner.
The apps thing has always bothered me about Facebook. The vast majority of apps are stupid and easy to ignore but there are a few interesting ones that I might use except that the only way to do so seems to be to give the free run of any and all personal information. Why did a game of Scrabble need to know anything more than my user number?
Re: (Score:3, Informative)
Yesterday I saw an IQ Test" app and thought "Why not?", so I took the test (one could argue I failed it by just using Facebook to test my IQ, but I'll leave that for another discussion).
When I was done, the app wouldn't give me my results until I gave it my cell phone number, so it could send me the results of my test to my cell phone. Not like I could read it off of the web browser, right?
Pissed me off to no end that the app would so underhandedly try to farm my cell number this way, so I just backed out
Re:Draconian Laws (Score:5, Interesting)
There's one thing that disturbed me about Facebook: I wanted to apply for a position there, but you need a Facebook account in order to do so. So why not ? You have to provide some personal information especially your birth date, which is illegal for a prospect employer to ask.
I understand the recruiters might not look actively look for your birth date, yet now it's there for them to look at, forever in their database.
Lie (Score:2)
I know this doesn't really address your issue, but it's a point worth making for anyone who bothers to read this comment.
Re: (Score:2)
The only thing he/she has lost is the opportunity to have submitted an application... Or arguably, the time it would have taken to make up a facebook page with a fake date of birth on it.
sodul has 'lost' very little, so he/she has very little to gain from a lawsuit.
What exactly is the incentive to sue? To expend that much time and money? For what? The burden of a moral case like this one should not fall into the hands of an individual. Or am I missing something about the legal syst
Re: (Score:2)
Never heard of that happening, but then I suspect most people don't have passports...you don't need one unless you plan on traveling out of the country. (I had to renew mine recently before a trip to Canada; my last trip out of the country prior to that was to Germany in 1998, and that trip was also on a brand-new passport.) They do usually have driver's licenses (or other DMV-i
Re:Draconian Laws (Score:5, Insightful)
That's not the point.
The point is that Facebook is disclosing personal information to any developer that asks for it, without regard to what the information is, or what use the developer has for the information. That's against Canadian law.
The quote in the article states it most clearly: "Why does a hangman developer have to know your address?"
Re:Draconian Laws (Score:5, Insightful)
It is worth noting that Facebook violates privacy of more than just its members.
The summary does not mention this, but one of the things the Canadian study found was that users of Facebook can post photos and Tag the names of each person in the photo (whether they are on Facebook or not).
I believe there are good reasons why a non-Facebook user would not want their images posted, and for that matter, have a searchable Tag posted against that image.
Presently, I can't 'opt-out' of images of myself being posted by members, even though I am not on Facebook.
And on the same subject-- should I even need to 'opt-out'? Maybe they should require 'opt-in'?
Re: (Score:2)
No, for the same reasons you can't stop anyone creating a web site (e.g. a blog) with a picture of you and the caption "This is $yourname", posting a picture of you with the same caption on a usenet group, or going to a bar, holding your picture in the air and shouting "This is a picture of $yourname".
Iff t
The boss of MI6 (Score:2)
http://news.bbc.co.uk/1/hi/uk/8134807.stm [bbc.co.uk]
The (wife of the) boss of britains MI6 apparently.
Re: (Score:3, Interesting)
Facebook made it's mark by being a place you could safely share things that were only meant for friends and family. It offered a place where you had some privacy and could put up pictures that you wouldn't put on the general internet. That was what made it go big. People who would never put their kids pictures up on a my myspace profile felt this was a safe way to share pictures with grandma.
It was all a big snow job, but sti
Re: (Score:2, Funny)
There's a reasonable expectation.
For example my private information shouldn't automatically be made available to some third party just because some half-wit on my friends list took at 'Which punctuation mark are you?' quiz.
I can't view other peoples profiles if they don't want me to, unless I make some idiotic quiz that they take.
Re: (Score:2)
YES. I. FREAKIN. DO!
I do not think that they will keep it private though.
But I do think that private data should have a huge price tag on it (think infringement), and that Facebook should then be sued for it, and for making money out of it.
So much that they not only go down, but will have to work off debt for the rest of their lives.
But there is one more rule: Give them one, and just one, chance to fix it. A month should be enough, and be realistic. Also bugs are not intended breaches of privacy, and have t
Re: (Score:2)
The answer is pretty simple (Score:5, Informative)
Re:The answer is pretty simple (Score:5, Interesting)
In addition, they should review apps (not sure if they do this now or not, if they do their criteria are laughable) before allowing them on to the site...and part of their review of an app should include whether or not the app is asking for more information than it actually needs.
And for the love of God, instead of making every stupid little quiz a separate app, Facebook should maintain its own in-house developed "quiz app" and allow random idiots to submit quizzes to it. I'm tired of having to block every stupid quiz individually because they're all individual apps. This would also have the side effect of not needing to give all of your information to a random 14 year old so you can find out which Teletubby you are...your information would only be shared by the developer of the Quiz App (Facebook itself). Of course, this would only work in conjunction with the review process mentioned above, as any other quiz apps would be rejected by the review and the developers pointed to the Facebook Quiz App.
Facebook strikes me as a company with a lackadaisical approach to privacy and a generally lazy approach to the design and implementation of site features. It angers me that the site could be so much better than it is if someone at that company gave a damn about these things.
Re: (Score:3, Insightful)
"allow a developer of an App to determine what information from a user's profile they actually need"
This sidesteps the issue under discussion. The issue is, some developers might be data mining, and some people don't desire all their data to be mined. Whether or not I am developing a legitimate app or not, I can claim to need personal data, right down to the size of a member's panties and bra. Or, maybe my app is just a front for a personnel screening service. While I claim to be developing the app, I'm
Re: (Score:2)
Re: (Score:2)
Because all we need is another App Store.
Don't get me wrong, I agree that there should be better control over Facebook apps, especially from the privacy standpoint. However, Apple is doing a fine job of demonstrating that one central point of review isn't the greatest way to go.
Re: (Score:2)
That was my old policy, however check this [facebook.com] out it does allow much greater control over apps than previously available. At a minimum i have to give the app maker "my name, networks, and list of friends", which is much better than the old choice of everything/nothing, and IIRC the defaults are fairly tight too mine only gave away basic info ("Your basic info consists of your birthday, gender, hometown, political views and when you last updated your profile.") & my profile pic.
Re: (Score:2)
The answer is pretty simple DO NOT RUN ANY APPS!!!
Yeah, the answer to the drug problem is simple: don't buy any drugs!!! Unfortunately just because someone is accepting payment in return for illegal drugs does not mean it's legal. Thus, just because Canadian Facebook users have the option not to run applications doesn't mean that they don't/won't.
Re: (Score:2)
DO NOT RUN ANY APPS!!! Sorry for shouting, but I have been saying this to people for years now (since the first time i read the terms for FaceBook apps). I am not knocking FB as a tool in and of itself, in fact I am very grateful to them for letting my daughter find me after 16 years of seperation (true story - she searched my name and sent me a message) but come on, they state clearly that if you want to plant a garden (or whatever) the developer gets to see all of your info. just Don't Do It. thanks for the rant-space.
And you also need to not let any friends who you allow to see your page to run any apps. Another possibility is to not put any information at all on FB that you want to keep private. If a conversation turns toward something private, switch to email, IM, or, you know, spoken words. FB isn't a necessity for fully maintaining anyone's modern social life, despite the frequent claims I see here.
Re: (Score:2)
What happens if someone that has you as a friend does an app? Are you compromised then? I have only created 1 account with all bogus information, just to see what the damned facebook thing looks like. That account has no friends. It's a very sad account...;-(
Don't you have to accept first? (Score:2)
Okay, the thing with holding onto your data after you have closed your account is a genuine point, but don't you see the "allow app xzy to access your profile data?" warning clear enough? If you willingly let someone pull your profile data then for sure there is no violation of a law. Well either that or Canada has some crazy laws in this regard.
It is annoying nevertheless that you can't select what portion of your profile data is visible to some app.
Re: (Score:2)
but dude, I want to spend hours a day growing a virtual garden.
Comment removed (Score:3, Interesting)
Re: (Score:3, Informative)
How robust is Canada's analog to the 4th amendment? Does it even have one?..
Part of the Charter of Rights and Freedoms [wikipedia.org] which is as robust as it gets in Canadian constitutional law.
8. Everyone has the right to be secure against unreasonable search or seizure.
Re: (Score:2)
Re: (Score:2)
You're forgetting about the Notwithstanding Clause
Uh... no I'm not. Hence the comment "as robust as it gets in Canadian constitutional law".
Invoking notwithstanding requires an act of provincial parliament, this is not something that can be thrown about like a warrant on the whim of an individual judge or a casual rule of engagement that the average cop on the beat can abuse.
So while it is possible for the MAJORITY of a provinces ELECTED representatives to agree to TEMPORARILY overlook certain constitutional provisions for "the greater good" it is rarely i
Re: (Score:2)
Perhaps I was unclear. Acts of parliament must be passed by the members by means of a vote. These are not edicts. (Which I felt was worth pointing out to our cousins to the south who frequently forget that they are not the only democracy.)
I was not referring to whether or not the governing party held a majority. (But I can see the confusion as we tend to over use that meaning especially when minority governments are sitting.)
Re: (Score:2)
This is much better than not having constitutional rights at all, but it falls short of a system where the courts can keep rogue governments in check.
So far, fortunately, this has only been a problem in places that will A) voluntarily elect rogue governments and then B) not insist that subsequent governments repeal the legislation. i.e. Quebec, where you can be a blatant racist and still get elected to the highest offices.
Re:Priorities (Score:4, Informative)
As another poster mentioned, the Canadian equivalent of the 4th Amendment is Section 8 of the Canadian Charter of Rights and Freedoms.
More to the point, Canada has a very powerful Privacy Act ("An Act to extend the present laws of Canada that protect the privacy of individuals and that provide individuals with a right of access to personal information about themselves") that limits the government's ability to collect and retain private information, and a Privacy Commissioner to enforce it. I don't think there's anything comparable in the US, as Canada's privacy laws are probably the toughest in the western world.
Re: (Score:2)
http://en.wikipedia.org/wiki/Section_Eight_of_the_Canadian_Charter_of_Rights_and_Freedoms [wikipedia.org]
It's more or less equivalent to the US forth amendment. However, our tougher privacy laws seem to indicate that Canadians are more interested in the government actually obeying the spirit of the charter section, rather than making excuses to try and get around it.
Facebook app privacy (Score:4, Interesting)
I'm assuming facebook gives this control to the app makers - but as we know - when you have an option and it is free then why not use it?
Re: (Score:3, Insightful)
Is this [facebook.com], what your looking for?
Facebook privacy not that bad! (Score:3, Interesting)
Unlike many slashdoters i feel the need to keep in touch with my friends outweighs the need to live in a basement with a tinfoilhot keeping my data (that nobody wants as anyway) private, so i do have a facebook account *gasp*. I have always taken care to keep my data private though, this is so that while i can tell my friends that im a racist, in-bread(hence all the spelling mistakes), thieving, crack addict, hopefully prospective employers will never know about it. It's surprising that facebook is in trouble now, because i was surprised at how well i can keep my data private while still using 3rd party apps. Originally there was no privacy on FB, then you could protect yourself from facebook themselves, but if you installed one bad app all your data goes straight to the CIA, now this page, that i noticed the other day in my regular app clean-up (how could i not accept an invite to pacman), allows you pretty granular control over your data, ranging from all your data (which some apps may use) to "name, networks, and list of friends", which I'm pretty happy to hand out.
Privacy is not black/white, i was never happy giving a stupid flash game developer access to all my information for whatever evil purposes they have, but tbh ill trade my list of friends and name (which they can surely indirectly get from my friends list of friends) for a stupid flash game anyday! I assume the problem the canadians have is that even without installing any apps, if all my friends do they get access to my name, my list of friends, my wall posts, photos of me taken by others and photos of others including me. Perhaps that will be the next push in the facebook privacy API, stopping friends from giving your data away?
Re: (Score:2)
Unlike many slashdoters i feel the need to keep in touch with my friends outweighs the need to live in a basement with a tinfoilhot keeping my data (that nobody wants as anyway) private, so i do have a facebook account *gasp*.
Imagine the thousands of years of humans struggling to create society without having the benefit of Facebook. These poor longers roamed the dark recesses of Earth's caves in a desperate attempt to entertain themselves without the ability to connect socially with other humans.
Oh wait, that didn't happen. Instead, we as a species and as a collection of cultures evolved to depend on and function with communication that *gasp* didn't depend on Facebook or an analog. If you weren't using FB, you'd be surprise
Re: (Score:2)
FB is a tool, I use at such, it is useful for organising events/parties/nights out/etc Are you amish? do you shun phones? perhaps letters too? Just because you drive round peoples houses (assuming you don't shun houses/cars) to organise events, doesn't mean its the best way to do it.
If i didn't use facebook my social life would diminish, I get invites to parties/gigs/etc that i probably wouldn't otherwise, why bother ringing up 30+ people and make definite plans when you can just send put the idea out there
Gah! (Score:2)
Gee a company operating outside of Canada does not adhere to Canadian Law? Impossible!
Seriously though this is just the Privacy Commissioner's Officer playing the political game. Target some company with "Gee Whiz" factor and make a stink. This is all to get PR and good vibes. See look, we do stuff, aren't you happy? Now back to work!
Granted Facebook does business in Canada, but it isn't like they are going to lose any business, nor can they be stopped from operating. If anything this warning may scare off
People are surprised when I have this conversation (Score:2)
People are surprised when I have this conversation with them.
They think I'm nuts until I make it clear that the reason I don't make stupid little facebook apps is because I don't agree with their information sharing.
I use facebook (no, I have an account, I seldom use it), but I don't add apps.
Do what you want, but I think Facebook should make it perfectly clear what type of information is being given to app developers. A checklist confirming what type of information that particular developer gets access to.
Wouldn't be surprised if it broke British law too (Score:2)
but the UK ICO has only once taken serious action that I'm aware of and it's had the power to do so for 10 years or more.
Let's see, under UK law:
The "user beware" argument is faulty (Score:3, Interesting)
While many comments here are along the lines of... well then just don't use any apps. Or... just let the people who don't know any better, suffer the consequences of their ignorance. Etc. This is a faulty argument. If we always take the stance that no one should be protected from exploitation because of their ignorance then we will all end up in that boat.
Maybe you're so smart, you know better than to use Facebook at all or maybe just keep your personal info off it. But many people don't know this and Facebook actively encourages you to fill in and post as much info as possible.
Ok, you're too smart for Facebook. But are you overweight? Do you read the ingredients and nutrition info of everything you eat? Maybe we should allow restaurants and food companies to fill their products with trans-fats and all kinds of harmful but tasty chemical garbage, or exorbitant calories because well, if you're too stupid to read the ingredients or research the process to make the food- you deserve what you get.
Ok, maybe you are a conscientious eater and are careful of what you put in your body. You're too smart here. But do you use a cell phone? Maybe we should let cell phone makers create devices that emit tons of radiation and make all the cellphone users who are too stupid to research how much radiation their particular model of phone emits suffer the consequences of their stupidity.
Do you know the safety rating of your car?
Do you know the actual interest rates that payday lenders and/or your credit cards are charging you?
Etc, etc etc.
None of us are totally free of ignorance in every single area of our lives. User beware will bite all of us in the ass eventually. It needs to be a two way street. Buyers need to be aware and sellers need to be responsible for what they produce and how they treat their customers.
Iceland is #1 per capita (Score:2)
And for those that care, the USA stands at #14 with 19.55%.
Data taken from http://www.nickburcher.com/2009/04/facebook-usage-statistics-by-population.html [nickburcher.com]
The Problem... (Score:2)
The biggest problem I see with Facebook is the stupid, silly apps that get *full* access to your data. I create a dancing Christmas tree that everybody sends to their friends, or similar banality, and I can scam tons of personal data, that I really don't need to show that dancing Christmas tree.
The Canadian report recommends that these third party apps only request the data they need to perform their function, that the app let's the user know what data is using, and gets the user's approval. If that Danci
Re: (Score:2)
Farcebook doesn't have any servers in Canada.
Re: (Score:2, Insightful)
Then how can they be subject to Canadian law? If they're found guilty of violating privacy laws, where's the enforcement mechanism? It's not like they're going to send Mounties to the U.S. or require ISPs to block Facebook.
Re: (Score:3, Insightful)
Facebook does business in Canada. SO while they cant 'shut down' the servers, they can stop Facebook from doing business in Canada.
Re:Simple solution (Score:4, Informative)
It's not like they're going to send Mounties to the U.S. or require ISPs to block Facebook.
YES facebook IS VERY MUCH bound by Canadian law and it IS enforceable to a large degree. And yes, Facebook CAN be taken to court if they do not make efforts to meet the commissioner's recommendations.
If Pandora can be ordered to refuse entry to non Americans via geolocation, etc. to adhere to DMCA and license agreements in the US, you can ABSOLUTELY expect that Facebook can be ordered to shut off access in Canada (note that this does NOT involve ISPs--it is a function of the web site itself). Proxies, etc. make enforcement imperfect, but by law in both cases the website MUST take "reasonable efforts" to abide by local laws.
Only if websites refuse to cooperate would the issue be escalated to more draconian means (the Canadian gov't CAN file lawsuits in an American juristiction or an international venue you know--and CRTC can mandate ISPs follow certain rules too)
whether this is a problem or such action is right or wrong, it CAN be done.
Re:Simple solution (Score:5, Insightful)
I agree - if Facebook doesn't have a Canadian legal entity, nor Canadian hosting, the answer is "who cares"? I'm Canadian, BTW.
Just because there's users on FB from all around the world, it doesn't mean that FB has to abide by all countries' laws. If that were the case, the Internet would be a hobbled and useless mess.
MadCow.
Re:Simple solution (Score:4, Insightful)
If you're serving, catering, and marketing to users in Canada, and even partnering with Canadian telecoms to get your software on their phones, then a physical presence might not be required.
The mere fact that I can walk around Montreal and see advertisements for Facebook indicates that at the very least they could be forced to stop advertising in Canada, and the telecoms could be forced to stop distributing/bundling the Facebook apps. Even if they don't have a legal presence in Canada, they certainly do have *a* presence, and that's enough to force changes. That gives the Canadian government leverage to force Facebook to make changes.
"Comply with our laws or we'll cut off all your marketing and partnerships in Canada."
Re: (Score:3, Insightful)
Just because there's users on FB from all around the world, it doesn't mean that FB has to abide by all countries' laws. If that were the case, the Internet would be a hobbled and useless mess.
MadCow.
Actually it doesn't matter where servers are located--what matters is how business is conducted in the country in question. Also, the Internet is hobbled and a mess, though it is still rather useful.
There is already historical precedent. Totalitarian governments, notably those of China and Cuba, thoroughly monitor Internet traffic and routinely block sites that conflict with their propaganda. The Pirate Bay was hosted in Sweden, but it is banned in China and several EU countries have had legal battles ov
Re: (Score:3, Insightful)
I don't dispute your arguments above, especially regarding Canadian-hosted/based Apps within Facebook.
However, FB cannot be held legally accountable to laws of a foreign country where they have no legal presence. Sure, that country can block the site if they think that it's hazardous to their citizens, but that's the only consequence I can even imagine being appropriate. It's a business risk at that point - losing a potential market of customers. It's not like their corporate officers could be extradited
Re: (Score:2, Informative)
I agree, per the Yahoo! and Belgium issue. But:
http://strategis.ic.gc.ca/cgi-bin/sc_mrksv/corpdir/dataOnline/corpns_re?company_select=4496906 [ic.gc.ca]
ONE THIRD of Canada on FB (Score:3, Interesting)
if Facebook doesn't have a Canadian legal entity, nor Canadian hosting, the answer is "who cares"? .... Just because there's users on FB from all around the world, it doesn't mean that FB has to abide by all countries' laws. If that were the case, the Internet would be a hobbled and useless mess.
You may be right about most things internet-wise. However, Facebook is an interesting case; fully one-third of the canadian population subscribes to FB (so a much more sizeable proportion of internet users), and thus the privacy commissioner is well within their mandate to ring alarms by whatever means necessary. The implications are enormous.
The nature of Facebook's control over the personal information of our citizens means that if we don't have a clear legal means to manage privacy issues of our nation,
What about my mafia? (Score:2, Funny)
Re: (Score:2)
Canadian mafia members, now that's scary~
Oh no, there going to politely and reasonable try to extort from me.
Re: (Score:2)
No, they are going to beat you with Hockey sticks until you give them money.
Signed, A Proud Canadian.
Re:Simple solution (Score:4, Insightful)
They still do business in Canada when they sell ads for Canadian companies/sell stuff to Canadians/etc, now they could lose that revenue, or they could work with officials to improve the privacy of their users, thus keeping that revenue while improving their site. Do facebook really want to lose 11m users worth of revenue (and probably more long term as the EU may follow suit) ?
Re: (Score:2)
My theory is this: being ruled illegaly invasive in Canada, which has a good international reputation, is extremely bad publicity for a user-driven website, which would scare away users from all around the world.
That's probably *the* reason why they are working with the Privacy Commissionner, and not direct canadian revenue loss.
You're totally right! (Score:2)
Re: (Score:2)
funny story, when facebook changed their TOS [bbc.co.uk], it made all the major news channels in the UK and the anti-new-tos group [facebook.com] quickly racked up ~150k people and got an official response [facebook.com] and a TOS change