Facebook is spelling out in plain English how it collects and uses your data in rewritten versions of its Terms of Service and Data Use Policy, though it’s not asking for new rights to collect and use your data or changing any of your old privacy settings.The public has seven days to comment on the changes (though Facebook doesn’t promise to adapt or even respond to the feedback) before Facebook will ask all users to consent to the first set of new rules in three years.
Unfortunately, because the changes to the language and structure of the terms are so wide-reaching and the new versions are so much longer, it’s difficult to do a direct comparison of the differences between the old TOS and DUP and the new versions embedded below.
Perhaps the most interesting part of the expanded, plain-language terms are the specifics of how Facebook collects data from your devices. Conspiracy theories about it snooping on people through its microphone, and confusion about it collecting SMS and call log history likely pushed Facebook to give people details about what data it’s slurping up.
Facebook now explains that (emphasis mine):
Information we obtain from these devices includes:
• Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins.
• Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots).
• Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts you use, and Family Device IDs (or other identifiers unique to associated with the same device or account).
• Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers.
• Data from device settings: information you allow us to receive through device settings you turn on, such as access to your GPS location, camera or photos.
• Network and connections: information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on your network, so we can do things like help you stream a video from your phone to your TV.
Specifically regarding SMS history and call logs, Facebook writes, “We also collect contact information if you choose to upload, sync or import it (such as an address book or call log or SMS log history), which we use for things like helping you and others find people you may know.” Though Facebook asked users’ permission for this data, nothing about SMS and call logs wasn’t in the terms of service.
Disappointingly, the new explanation of helping you find friends doesn’t necessarily justify it collecting this data. Meanwhile, just today Facebook confirmed to Bloomberg that it does automatically scan all the text and image content of Messenger conversations to prevent violations of its Community Standards and the spread of spam or abuse. While other tech products like Google’s Gmail scan the contents of your messages for advertising and other purposes, the revelation could scare some privacy-focused users away from Messenger.
Facebook has also clarified how new products it’s launched since the last TOS update — like Marketplace, fundraisers, Live, 360 and camera effects — work. It explains how every user’s experience is personalized. A new Music Use Policy has been added as Facebook strikes deals with the major record labels.
Finally, Facebook makes it clear that it, WhatsApp and Oculus (as well as Instagram) are all part of one company that it refers to as “The Facebook Companies”, though WhatsApp and Oculus have their own data polices. Instagram is now repeatedly mentioned in the TOS and DUP, whereas before it wasn’t even mentioned. The recent #DeleteFacebook movement that missed Instagram indicated that many users don’t quite realize they’re part of the same corporation.
As Facebook deals with a disgruntled public and awoken regulatory bodies, the rewriting of these policies might be perceived as the company trying to cover itself after neglecting to detail how it pulls and uses people’s data. CEO Mark Zuckerberg might face questions about the changes and why they weren’t in place before when he testifies before the House Energy and Commerce Committee on April 11th regarding protections of users’ data privacy.
But today’s revamp could also give Facebook stronger documents to point to as it tries to prove it doesn’t need heavy-handed government regulation. Switching from a more “legalese” document full of jargon to a more layman’s version could also help it dispel myths or give people more transparency.
If Facebook can give users a better understanding of how it works, it might be able to diffuse privacy scandals and backlashes before they happen.