FTC Still Seems More Interested In Making Headlines Than Really Protecting Privacy

from the picking-on-the-headline-winners dept

So, the FTC got some press today for announcing a high profile "settlement" with social networking startup Path. You might think that this is entirely about the news that came out a year ago, about Path uploading entire user address books to its server. If you don't recall, that story got a lot of press coverage. Basically, Path, like tons of social networks and mobile apps, had a feature which was "see if your existing friends already use this app and connect to them." But, to do that, it needed to know who your friends are. The process it used to do this was to upload your address book in the background and then compare it to their user base. This was, certainly, a somewhat questionable practice on privacy grounds, but it was something that lots of companies did, because it was a simple way to use the "find your friends" feature.

Of course, as soon as the story about Path went viral, most companies who were doing this very, very quickly dropped the practice, and figured out other, less privacy-invasive ways to connect you to your friends. That's a good thing. So, does the company need to be punished? It seems like negative publicity and the market took care of everything.

Well... if you look at the details of the Path "settlement," it wasn't even really about that issue at all. Yes, Path agreed to have outside privacy audits for the next 20 years (which is the FTC's go to "punishment" plan), but the hyped up $800,000 payment actually had nothing whatsoever to do with the uploading address books. Instead, it dealt with a different issue. During the investigation, the FTC also found that Path likely violated COPPA, the silly and misguided law that basically means most sites put in their terms that they don't allow anyone under 13 to use it. Of course, in practice this has significant unintended consequences, including not letting perfectly reasonable services be available to kids and (more likely) parents teaching their kids to lie about their age.

It turned out that for a brief period of time, Path did not exactly follow the COPPA rules, and actually let a few thousand kids under the age of 13 sign up. So, they may have violated the rule. But... Path had discovered and fixed this well before the FTC investigation began. The company claims it was just an oversight that their system did not automatically reject users under the age of 13.

So... the company made a mistake, caught it and fixed it, without having the FTC get involved at all. And there's no evidence, at all, that it misused the data it collected here. And yet it needs to pay $800,000? Why? For a big company, $800,000 may be small beans, but for a startup, that's significant money.

Oh, and even more bizarre: as noted earlier, lots of companies did similar things to Path, but the FTC only went after Path. When asked why they only went after Path, outgoing FTC boss Jon Leibowitz gave a non-answer, saying that they're just a small agency and so they have to "pick and choose which malefactors you want to go after." So they chose the one most likely to create headlines -- and forced them to cough up $800,000 over a "violation" that was the result of an accident, which the company had already discovered and fixed, and for which no abuse was found. That doesn't seem like good policy. It seems like vindictive choices by the FTC focused on the maximum potential to create headlines, rather than actually protect people's privacy.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: coppa, ftc, grandstanding, headlines, privacy
Companies: path


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That Anonymous Coward (profile), 2 Feb 2013 @ 4:35am

    Well its nice to see that the FTC is kept small enough to not chase large corporations... well unless someone needs Google to pay a whiner because they have money that they should pay to them.
    Look over here everyone! See we got $800,000 for these people violating your privacy... now stop worrying about the Government or large corporations doing it.

    link to this | view in chronology ]

  • identicon
    Bill, 3 Feb 2013 @ 10:18pm

    FTC not interested in protecting privacy?

    The FTC is part of the US government, right? Which, more or less by definition, these days, means that they're interested in protecting their budget, and promoting themselves. And nothing else.

    And if that requires fucking citizens, well, so be it.

    link to this | view in chronology ]

  • icon
    Ninja (profile), 4 Feb 2013 @ 1:50am

    Path made quick headlines, bigger companies would have fought harder...

    link to this | view in chronology ]

  • identicon
    747, 15 Feb 2013 @ 11:34am

    But what about the EFF, surely they'll protect our rights (intense sarcasm)

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.