Canadian Group Files Facebook Privacy Complaint

bergkamp writes "A Canadian public policy group filed a complaint charging Facebook with 22 separate violations of a Canadian personal information protection law. The Canadian Internet Policy and Public Interest Clinic, based at the University of Ottawa, asked the Privacy Commissioner of Canada to investigate what it describes as Facebook's failure to inform members (PDF) how their personal information is disclosed to third parties for advertising and other commercial purposes. The complaint also alleges that Facebook has failed to obtain permission from members for disclosure of their personal information. The claim is that that Facebook violates the Canadian Personal Information Protection and Electronics Documents Act, which Philippa Lawson, the clinic's director, said is much stricter than US personal information protection laws."

That's nice, and all

[bconway]

I wasn't aware that Facebook operated in Canada.

Re:

[mrbluze]

I wasn't aware that Facebook operated in Canada.

Borders are a thing of the past.

Re:That's nice, and all

[value_added]

Borders are a thing of the past.

LOL.

Be sure to email Lou Dobbs in case he didn't get the memo.

While you're at it, be sure to mention that you've found the solution to end all wars, territorial disputes, and cure the rising tide of nationalism in Russia, China, Kossovo and ... well, just about everywhere, and that fans attending football matches the world over can now settle down and share a quiet cup of tea.

Re:That's nice, and all

[mrbluze]

LOL.

In this context (legal action against a website which has a multinational presence), it is becoming more and more apparent that governments don't care where the website comes from. Sure there still are nominal borders but it's not like you can throw rubbish over the neighbour's fence and get away with it so easily on the Internet.

Re:

[value_added]

In this context (legal action against a website which has a multinational presence), it is becoming more and more apparent that governments don't care where the website comes from.

While that may be the real issue here, and worthy of prolonged discussion, Lou Dobbs jokes are infinitely easier. ;-)

Re:

[mrbluze]

While that may be the real issue here, and worthy of prolonged discussion, Lou Dobbs jokes are infinitely easier. ;-)

Tell that to.. uhm.. some other guy uhm.. ok ok you win!

Re:

[billcopc]

It's not so much about the multinational presence, it's about Facebook having oodles of advertising revenue.

Any sufficiently large target will be attacked, regardless of territory. If Facebook were located in China, I'm sure some dude named Cheung Goldberg would find an excuse to sue them!

Re:That's nice, and all

[CodeBuster]

it is becoming more and more apparent that governments don't care where the website comes from.

They might not like it, but there is not much that they can do about it unless they want to cut off trade, end normalized diplomatic relations, or go to war (not really a viable option anymore these days). They can block the website in question, but that will probably be the end of it.

but it's not like you can throw rubbish over the neighbour's fence and get away with it so easily on the Internet.

Sure you can. What are they going to do about it? Facebook is an American corporation with (as far as I know) no business operations in Canada. The Facebook executives just have to avoid entering Canada personally and never invest any capital there. The De Beers diamond cartel thumbed its nose at the United States for decades in just this way and their executives simply avoided visiting the United States. Canada can try and block Facebook, ala the great firewall of China, but that is about it.

Re:

[RealGrouchy]

Canada can try and block Facebook, ala the great firewall of China, but that is about it.

Not likely. Canada has the highest per-capita use of Facebook in the world (over 20% of the population), and the third largest Facebook population of any country, after the U.S. (reference [canada.com])

- RG>

Re:

[jbailey999]

They can also fine them, and intercept payments from Canadian advertisers in the same way that happens if you decide not to pay taxes.

They'd just cease any Facebook assets that happen to pass through Canada.

Re:

[DaveV1.0]

I was unaware that FaceBook maintained an office in Canada.

Oh wait, they don't.

Re:That's nice, and all

[ericspinder]

it's not like you can throw rubbish over the neighbour's fence and get away with it so easily on the Internet.

Have you ever seen Usenet?

Re:

[jo42]

Borders, that is nations, states, etc. are all people-made creations.

What people can, in their capacity for infinite stupidity, make, they can, in their capacity for reasonable amounts of wisdom, unmake.

Re:

[helpfulcorn]

Like borders, facebook is a people-made creation, that is hopefully one day we can unmake networks where teens congregate and spread stupidity like conspiracy theories and rumors about each other. That and reality shows, I pray for the day they end.

Re:That's nice, and all

[sm62704]

Borders are a thing of the past.

Tell that to the Missouri Highway Patol when you cross the Mississippi river from Illinois on your motorcycle when you're not wearning a helmet.

Yes, borders are a thing of the past. They're also a thing of the present and a thing of the future.

If Facebook has offices in Canada, servers in Canada, or workers who live in Canada then Canada has a valid point. If not then Facebook can tell Canada to fuck off.

Re:

[mrbluze]

Tell that to the Missouri Highway Patol

Tell that to the router. We're not talking about roads but electrons.

Re:

[sm62704]

My hosting service was in Canada. That means I couln't host any content that broke US law, Illinois law, or Canadian law. I was free to completely ignore the laws of any other country.

Routers don't have to obey any laws except the laws of physice, but the people using them do. You don't send a gun to prison for murder, you send the human who fired the gun.

Re:

[Ripit]

Tell that to the Missouri Highway Patol when you cross the Mississippi river from Illinois on your motorcycle when you're not wearning a helmet.

Do I tell it to them before or after they're scraping your brains off of the pavement?

Re:

[sm62704]

What does that have to do with anything at all, let alone the subject at hand?

Re:

[ady1]

Facebook has advertisement deals with Canadian Companies. Choosing to abandon that revenue, whatever it accounts for, won't be that easy.

Re:

[mwilliamson]

So, need I actually abide by laws of other countries if my Website is hosted in the USA and I am a citizen of the USA living in the USA? If so, which countries? What happens if I don't and just ignore their BMCing.

My blogsite allows user registration and such. I really don't care to become a legal expert in foreign law as the US laws are complex enough. Actually, I don't really give a rats *ss about any foreign governments toes I just happen step on.

-Michael

Re:

[Anonymous Coward]

Actually, I don't really give a rats *ss about any foreign governments toes I just happen step on.

Up to a point, but you need to make sure that if you *do* offend any foreign governments or law enforcement bodies, that you do not subsequently either visit these countries, or hold any significant assets in their jusirdiction, or visit any country that might extradite you to the country or countries you offended. So you do need to 'give a rats ass' to the point of keeping track of where not to go. And be sure

Re:

[PinkPanther]

Actually, I don't really give a rats *ss about any foreign governments toes I just happen step on.

You will care if your business model includes selling advertising and other services in that foreign land, to foreign companies, via a foreign office or some other presence.

Re:

[CodeBuster]

Facebook doesn't have any offices in Canada and the ads on their website are served to whomever no matter where they are from. They don't care.

Re:

[PinkPanther]

They don't care...yet.

At one point eBay, Amazon and Yahoo! didn't care either.

Re:

[Obsi]

Those companies, Ebay, Amazon, and Yahoo, have business presence in those countries. Facebook, as far as I know, doesn't.

Re:

[PinkPanther]

Thus the "...yet".

Re:

[1u3hr]

So, need I actually abide by laws of other countries if my Website is hosted in the USA and I am a citizen of the USA living in the USA? If so, which countries? What happens if I don't and just ignore their BMCing.

Nothing will happen to you. Unless, like Facebook, you have 7 million members in Canada, take advertising money from Canadian customers and thus have millions of dollars in cashflow passing through Canadian banks, then you might have to take notice if you break laws relating to how you use the i

Re:

[jbailey999]

As long as you don't plan to have any presence in that foreign country, then you're fine. If your airplane happens to make a stopover in that country, and it turns out there's a warrant for your arrest for unpaid court fines, however, you could run into trouble.

Re:

[griefers]

It surprisingly does, though the networks aren't that big due to the burden of getting electricity and internet in our igloos.

Re:That's nice, and all

[weffey]

A couple of months ago, I noticed that Facebook started telling me that I needed to turn on Javascript, even though I had facebook.com in my allow list in NoScript. I noticed that there was now a second server required, http://www.fbcdn.net/ [fbcdn.net] (I checked CIRA's WhoIs and facebook.ca was snatched up by someone else in 2005). I was recently in the states, so I disallowed fbcdn.net in NoScript (just to see), and there were no complains about my Javascript setting until I returned north of the border.

This seems to imply that there are separate servers running for Canadians accessing Facebook, so at a minimum, that would give some leverage into forcing them to follow Canada's rules. Now, if those servers are physically located in Canada (no, I haven't bothered doing a traceroute to find out where fbcdn.net ends up), that would definitely force them to follow those rules.

Slightly OT, but in my current job and we recently went looking for a new hosting company to host our database (which has a fair amount of private data in it). Because my company gets a large amount of our budget for the federal and provincial governments (it's a non-profit) we like to abide by as many of the federal government rules when it comes to IT and data privacy. One of those rules is any private data must only be hosted in Canada and it can not leave the country. A few companies came to us as "the Canadian branch of hosting company X". The conversations went like this:
Me: Where are your datacenters?
Them: We have them all over the world.
Me: Ok, but in which of those datacenters is our data going to be physically hosted?
Them: We can do distributed hosting so it's in many different datacenters
Me: Yes or no, Are these datacenters in Canadian territory?
Them:
Me: So, I'll take that as a no, which means that you know we can't host with you because of the government ruling about hosting private data outside the country.
Them:
Me:

More and more Canadian companies are taking the approach of hosting only in Canada, if only to ensure that they know the rules for data privacy and know there won't be a conflict between Canada's and the other country's.

Re:

[xaxa]

A couple of months ago, I noticed that Facebook started telling me that I needed to turn on Javascript, even though I had facebook.com in my allow list in NoScript. I noticed that there was now a second server required, http://www.fbcdn.net/ [fbcdn.net] (I checked CIRA's WhoIs and facebook.ca was snatched up by someone else in 2005). I was recently in the states, so I disallowed fbcdn.net in NoScript (just to see), and there were no complains about my Javascript setting until I returned north of the border.

Might fbcdn.com just be the Face-Book-Content-Distribution-Network? All static content (Javascript, images, CSS) is using static.ak.fbcdn.net when I look at a Facebook page (in the UK).

static.ak.fbcdn.net is hosted by Akamai, which could be interesting, legally. Might it mean that since bits of Facebook are being served from Akamai servers -- in many different countries -- Facebook have a presence in them? Hopefully (for Facebook) they are careful to ensure it's only static content.

Re:

[Devin Jeanpierre]

By the way, fbcdn.net is hosted in the US by all measures I could find. :p

Re:

[mazarin5]

I was recently in the states, so I disallowed fbcdn.net in NoScript (just to see), and there were no complains about my Javascript setting until I returned north of the border.

I have this problem in Ohio.

Re:That's nice, and all - insightful?

[subl33t]

insightful?

knuckle-dragger mods...

I don't get it

[thermian]

Facebook is free, and it's not mandatory.

It should be obvious to anyone with a level of intelligence higher then a chimp that Facebook shares information, it's an information sharing site!

If you don't like it, don't use it.

Re:I don't get it

[al3]

The issue is that in order for a company to do business in Canada it must respect this nation's privacy laws. In this case, it's about notifying people how their information will be used. Check it out: "[PIPEDA is] an Act to support and promote electronic commerce by protecting personal information that is collected..." http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp [privcom.gc.ca] Facebook is being accused of not following the law of the land. The interesting legal test will be to see whether or not a US-hosted site is required to conform to this law, and how this will impact application developers inside and outside of Canada.

Re:I don't get it

[Attila Dimedici]

The issue is that in order for a company to do business in Canada it must respect this nation's privacy laws. In this case, it's about notifying people how their information will be used. Check it out: "[PIPEDA is] an Act to support and promote electronic commerce by protecting personal information that is collected..." http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp [privcom.gc.ca] Facebook is being accused of not following the law of the land. The interesting legal test will be to see whether or not a US-hosted site is required to conform to this law, and how this will impact application developers inside and outside of Canada.

Actually, the question is, does Facebook do business in Canada, or does it merely do business with Canadians? If it is the former, it must follow Canadian law when doing business in Canada. If it is the latter, Canadian law does not apply. Or to put it another way, does Facebook have a physical presence in Canada?
If Facebook does not have a physical presence in Canada, exactly how will Canada enforce this law on them, should Canada rule that it does apply? I am pretty sure that the current U.S. Supreme Court would not rule in Canada's favor on this, considering that they still seem to support the ruling that state's cannot enforce their laws on businesses located in other states that do business with residents of said state (sales tax).

Re:

[debrain]

Actually, the question is, does Facebook do business in Canada, or does it merely do business with Canadians? If it is the former, it must follow Canadian law when doing business in Canada. If it is the latter, Canadian law does not apply. Or to put it another way, does Facebook have a physical presence in Canada?

While physical presence is one of the factors in a forum non conveniens motion, it is not determinative. In Rudder v. Microsoft Corp., 1999 CanLII 14923 (ON S.C.) [canlii.org], a Canadian court held that because the EULA required the dispute to be resolved in Washington, Canadian courts were precluded from hearing it. The other factors the Canadian courts (at least in Ontario) consider, per Rudder v. Microsoft, are as follows:

[20] The factors to consider may be paraphrased as follows:
(1) in which jurisdiction is the e

Re:

[debrain]

This isn't really a forum non conveniens issue, it's just a plain personal jurisdiction question.

You're absolutely right; the test I took from Rudder was jurisdictional. I noticed that after I had hit "submit". They are neatly intertwined, so I beg your indulgence (and indeed, it is worth noting that equivalent principles to prevent "long-arm" jurisdiction seen by using forum non conveniens in Canada is in many of the US states created by the in personam jurisdictional test arising out of the 14th Amendment

Re:

[Attila Dimedici]

Since when is Facebook a large company?

Re:

[neoform]

If Facebook does not have a physical presence in Canada, exactly how will Canada enforce this law on them, should Canada rule that it does apply? I am pretty sure that the current U.S. Supreme Court would not rule in Canada's favor on this, considering that they still seem to support the ruling that state's cannot enforce their laws on businesses located in other states that do business with residents of said state (sales tax).

If the Canadian government does not approve of the site it can threaten to block

Re:I don't get it

[hweimer]

It should be obvious to anyone with a level of intelligence higher then a chimp that Facebook shares information, it's an information sharing site!

The problem is not so much the information being shared by using the site as advertized, but the unintended consequences. Why does an application developer (read: everyone interested in your personal data) need to have access to all your data [slashdot.org]?

You are probably right that when posting on Facebook one should assume that the information will be essentially available to the general public. However, Facebook claims otherwise and therefore they should be liable for this.

Leaveing Facebook

[Saint Gerbil]

I'm surprised that its also impossible to leave facebook and have your details deleted, without contacting them directly and then there's about 100 step process in order to get shot of it.

Re:

[thermian]

I'm surprised that its also impossible to leave facebook and have your details deleted

When I'm going to leave it I'll just change the data first to nonsense, leave it for a few weeks to make sure it filters through the system, and then disable my account.

Not that I've ever put any really private stuff there.

Re:

[CodeBuster]

Why does an application developer (read: everyone interested in your personal data) need to have access to all your data?

Because you gave it to him directly under terms (probably allowing them to share the data with advertisers) that you agreed to. This is not quite the same thing as a third party giving your information to another third party since all Facebook users signed themselves up for the service themselves. Facebook is an American corporation so if you want to dispute the terms of service (TOS) as violating privacy (and collect actual damages when and if you win) then you would have to do it in an American court and

Re:

[xaxa]

It should be obvious to anyone with a level of intelligence higher then a chimp that Facebook shares information, it's an information sharing site!

One of the points in the report is that Facebook presents itself as a social networking site and nothing else. The complainants argue that Facebook has other purposes (targeted advertising) which are not made clear. The law states that the use of personal information must be made clear to users when they provide it.

Re:

[fishbowl]

>If you don't like it, don't use it.

If you do use it, and they break the law, the fact that you used it for free is not a defense for illegal practices. You can think of examples where it's possible for a provider of a free accommodation to break the law right? Just because something is free and you don't like it, doesn't mean they get to say "no Irish" or violate privacy laws in your country.

Re:

[ArsenneLupin]

It should be obvious to anyone with a level of intelligence higher then a chimp that Facebook shares information, it's an information sharing site!

Problem is when it shares more information than it promised to do. You can for instance set certain pieces of information to be only shown to friends. However, this doesn't always work as expected, an info can leak out to non-friends.

Another problem is when it gathers information from third party partner sites, and broadcast this to your friends. Not everybody might be delighted when suddenly their friends see in their minilog that you just bought "How to Come Out to Family and Friends" ... (well at least

Re:

[griefers]

Actually the 'public policy group' is a group of 4 graduate students from the University of Ottawa.

If you are on facebook and are concerned about

[antifoidulus]

privacy, you are doing it wrong.

Re:

[Some1too]

This is so true. I just didn`t get the fascination with facebook. All my geek (and non geek) friends seemed to think it was the greatest thing since sliced bread. All i saw was a way for people I didn`t want to stay in touch with to find me easily. I suppose the interwebz for the masses needs to be something that they can just point, click and see pictures of themselves. It`s nice to see Canadians concerned about their privacy none the less. This being slashdot i haven`t read the article of course :-)

Re:

[SBacks]

Facebook is great for keeping up to date on all those people from your past that you care enough to know what they're up to, but not enough to actually talk to them. High school classmates, ex-girlfriends, etc.

It's the new equivalent of "Hey, did you hear x got married?"

Re:

[CastrTroy]

I don't really get it either. People send more messages on facebook now then they do emails. So now when I got check my email, I find out that I have a message from so-and-so, and then I have to go to facebook to actually read the message. Personally I see it waning in popularity. It was cool at first, but now it's kind of old news. I mostly only go on there if I get a message from someone else, which seems to becoming quite a bit less frequent. I'm sure it's still alive and kicking, but I really don'

Re:

[BForrester]

Excuse the blatant stereotyping for the purposes of making an analogy:

If a white person goes for a stroll through Harlem wearing an "I hate black people" t-shirt, and gets shot, that makes him a moron. And dead.

It doesn't mean that the shooter has a license to kill because of the victim's idiocy.

Much stricter?

[analog_line]

much stricter than US personal information protection laws.

Aside from medical records and IRS records, I wasn't aware that we actually had any personal information protection laws.

Wrong Target

[Anonymous Coward]

I've just got addicted to Facebook after months of my girlfriend nagging that she wanted to have "xxx is in a relationship with yyy" on her profile.

I've actually been very impressed with the level of privacy controls.

I'm a school teacher and have my collegues and students blocked from certain areas that only my close friends can access.

I can change what data applications can access, and edit it at a later date, and there is plenty of explanation of what will be shared.

Compare this to most sites with a simpl

Re:

[Anonymous Coward]

...after months of my girlfriend nagging that she wanted to have "xxx is in a relationship with yyy" on her profile.

Dude. Just fucking run... NOW!

Anyone who nags you to get a Facebook account just so she can say she's dating you... oh, forget it. It's far too early to start having this conversation.

Re:

[JasterBobaMereel]

...and what data did you put on Facebook

Mine contains my name and age ... and that's about it ... you might be able to work out more from my friends but ...

No contact details
No address
So ... no way of mining data

Re:

[Colonel Korn]

...and what data did you put on Facebook

Mine contains my name and age ... and that's about it ... you might be able to work out more from my friends but ...

I don't even think it's reasonable to put a real name up. All these companies share all the data they have on you, so if one of them has your name and another has your photo and another has your browser photo, they have a complete file on you. I think it's safer to remain anonymous everywhere.

Re:

[Quattro Vezina]

Just keep wearing that tinfoil hat...

Re:

[xaxa]

Compare this to most sites with a simple "We will share your info, OK?" box, and I think Facebook should be commended for giving users this level of control over their data.

The second point in the report is that Facebook doesn't have a "we will share your info" box, specifically, date of birth. You must provide the date of birth to use the service, which violates one of the privacy rules.

I'm a school teacher and have my collegues and students blocked from certain areas that only my close friends can access.

Teachers in Scotland have been asked ... [to] not involve themselves with social networking sites, or be in a situation where an online relationship could form with a pupil. [bbc.co.uk]
(Off-topic, but I thought I'd throw it in.)

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Odd that Slashdot dosent understand

[MrShaggy]

I am assuming this will hit the flametard mods. :) However, as being a Canadian, who feels reasonably well informed. I also did read the article, it did make sense. The laws are there to make for disclosure. Which according to many on this site, and others is a good thing. How many times is the battle cry 'how come they didn't open up this standard '. I would rather have this sort of law pushed internationally instead of that dread dmca, as well as many other entertainment industry issues, as well as setting international trade policies. At least this law is for the people. This is the same law that people are using to smack Bell with. Many people seemed to think that was also a good thing. In fact I believe that CPPIC was the same group that also lobbied the crtc with CAIP. I also for one would be using this law if I found out that some company decided to loose my credit card information. I think a few million dollars would do nicely to appease my pain and suffering.

Re:

[modustollens]

Yes, its true: modern Canadians are mindless sheep that fail to secure their own self-interests with a bit of practical forethought and need the nanny state to protect them from the evil internet that they willingly post their own private data to. Great.

Re:

[MrShaggy]

mmm nice troll... :) Anyways. Its just nice that there is something there to protect you consumer vs. BIG UGLY GORILLA(of your choice). Instead of the usual way in the states, when you feel your rights being violated, but the US Constitution dosen't mean anything. Especially when you let them take things away piecemeal.

Re:

[ArsenneLupin]

At least this law is for the people.

It depends. The same privacy laws are (ab)used by Canadian police when they lock up some poor tourist without access to a phone nor a lawyer.

Sometimes you do want your friends to know what happened to you, that knowledge might allow them to get you outta there...

In the meantime: when travelling to Canada, do not only leave the details of your trip with friends, but also with family... Friends might not be able to help if you suddenly drop off the radar (due to Canadian privacy laws), whereas family might

Re:

[MrShaggy]

What does this have to do with online privacy? This is part of Canadian law. Now, if there is an issue that happens becuse someone gets arrested improperly, I am sure that happens everywhere. It is easy to manufacture evidence. Look at what the states, have bben doing. Look out gitmo, here i come!

Re:

[ArsenneLupin]

What does this have to do with online privacy?

It does have nothing to do with online privacy, but it sure as hell has to do with privacy laws in general, because that's what police uses to hide behind in such cases.

Now, if there is an issue that happens becuse someone gets arrested improperly, I am sure that happens everywhere.

Sure enough... But at least places such as China will admit that they have arrested somebody, rather than hiding behind privacy and data protection laws.

It is easy to manufacture evidence

... and it is also easy to manufacture entire trials...

Look at what the states, have bben doing. Look out gitmo, here i come!

Yes, Canada is probably not the worst place as far as police abuse is concerned... That still doesn't make it right. And hiding

Crazy

[hairykrishna]

Facebook is not a good site for the privacy concious. My friend always maintained that the one thing that orwell didn't forsee is that people would pay for and maintain their own cameras.

Re:

[CodeBuster]

It is ironic isn't it that during the Cold War the Soviet block governments employed armies of agents to compile and maintain paper dossiers on their citizens (particularly in the former East Germany) and now people do the government's work for them by posting every detail of their lives on websites where any intelligence agency can easily find them. The kids who are doing this are apparently completely naïve about the possible long term consequences of what they are doing.

Re:

[stuntpope]

I don't know what other people are posting on their Facebook profile, but I wonder about the long-term consequences of the government knowing I was mowing my yard on Thursday, and I like Johnny Winter.

Re:

[CodeBuster]

From what I can see it is not uncommon for people to be members of political groups or pontificate on controversial subjects in their journal all while using their real name for their profile complete with pictures. Now obviously some people, a perspective employer for example, might decide that they would rather not be associated with a "flaming liberal" or a "right wing nutcase" and since job candidates never find out why they were not hired these days, because of discrimination lawsuits, it would be diff

Promoting 'opt in' privacy provisions in contracts

[GlowingWhispers]

The issue of whether there should be "opt in" or "opt out" privacy terms is critical. The use of "opt in" contractual terms promotes companies providing more carrots to get a bite from you.

I am canadian but..

[anethema]

I don't really understand this. Is any part of Facebook based in Canada? If not, how are they subject to our tighter privacy laws?

I can't see how they would be.

Of course profit trumps privacy...

[Bullfish]

and why should Facebook tell you what they are doing? That would give away a competitive edge.

Stupid Canadians are so un-American.

FaceBook

[Presto Vivace]

The is a reasonably good video on FaceBook's privacy policy [youtube.com]

Just cut out Canada...

[CohibaVancouver]

If this 'noise' becomes a problem for Facebook Inc. I suspect the simplest solution for them will be to simply lock out Canada. The market here in Canada is pretty small (population 33 million) and probably not really worth the effort. You could just say that in we're 'not accepting new users from Canada and in 90 days all Canadian accounts will be deleted.'

Re:

[Anonymous Coward]

I'm not sure Facebook would lock up 10% of its user bas.

"Facebook [...] has around 70 million registered users worldwide - including around seven million Canadians."

http://www.bigmouthmedia.com/live/articles/facebook-falls-foul-of-canadian-law-students.asp/4795/

Re:

[CohibaVancouver]

I'm not sure Facebook would lock up 10% of its user bas.

"Facebook [...] has around 70 million registered users worldwide - including around seven million Canadians."

The math is more complicated than that, though. If the 7M hoseheads are high school kids with no spending power, or users that log in infrequently, then their value goes down - You can't just base it on numbers. My wife is a Canadian Facebook user who hasn't logged in in 2 months.

Re:

[Bananenrepublik]

... and with no further data to the contrary you would assume that Canadian users are just like other facebook users, i.e. if they're 10% of the facebook population, they constitute 10% of Facebook's value.

Re:

[vajaradakini]

And how many users from other countries log in infrequently?

Furthermore, how do you determine which users are Canadians? If I leave all my networks, I could be living anywhere in the world. If you go by IP addresses you'll be eliminating people who are just living in or visiting Canada, but not Canadians living or visiting abroad.

Re:

[CohibaVancouver]

Furthermore, how do you determine which users are Canadians?

As a Canadian, when I surf the web I encounter content that isn't available to me - Amazon.com won't let me put an MP3 purchase in a shopping cart, even if I'm not logged in. CBS.com won't let me watch the latest episode of "Survivor" etc. etc. etc.

I'm sure I could do all kinds of proxy cleverness, but I suspect the vast majority of Facebookers would simply give up on the service if it was unavailable in Canada.

Not a bad idea

[scamper_22]

I know many people are going to say well...it's the users choice to paste their pictures or write about their life, or sign up to applications...so it's their responsibility/fault.

However, there is nothing wrong with having a commission look at facebook. I hope as a productive force, as opposed to a legal force. By that I mean a commission to look at how facebook can improve privacy/protect citizens, as opposed to finding a way to sue it.

Maybe we need to change the default options for some parts of facebo

Yeah, good luck with that lawsuit.

[DaveV1.0]

I don't think they will have standing because Facebook operates under U.S. rules.

step to enhance privacy on Facebook

[Benjamin_Wright]

Facebook users do not have to be passive about privacy. To deter employers from viewing social networking pages, employees might post terms of service [blogspot.com] under which employers agree to scram. This idea should not be taken as legal advice, just something to think about. --Ben http://hack-igations.blogspot.com/2007/11/privacy-advocates-such-as-nyu-professor.html [blogspot.com]

Today is the day that Canadian reason died

[Secret Rabbit]

Point of fact, Facebook does NOT have offices in Canada. They have offices in Palo Alto, London (UK), NewYork, Los Angeles, etc. But, not one in Canada. Therefore, they are not bound by Canadian law. Quite frankly, as a Canadian, I encourage Facebook to tell these nut jobs to go f**k themselves.

As an aside, this is what happens when Conservatives are in power, and education takes a downturn. No offence to the US people here, but, this is just an indication that we are well on our way down the path to wh

I'm on so much stuff now I can't think anymore!

[LaoziSailor]

I'm on so much stuff now I can't think anymore!

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[PinkPanther]

Your definition of need and mine differ dramatically.

Re:

[Seoulstriker]

The issue in it is that Facebook's actual privacy implementation is significantly worse than what its privacy statement implies. If you knew the Facebook sells your personal information to 3rd parties, and that 3rd parties submit your external facebook activities to Facebook, would you sign up in the first place?

Re:Don't use it then!

[xaxa]

There are still privacy issues even if you don't use Facebook, as identified in the document. Facebook users can still tag non-Users in photos and videos, and invite them to events. Facebook collects and retains this information without the non-User providing any consent!

Here's one extract:

When Facebook collects non-Usersâ(TM) email addresses to send them invitations to Facebook, it collects this personal information from parties other than the individual in question. By retaining
such email addresses for its own purposes, Facebook is violating the âoeknowledge and consentâ principle outlined in Principle 4.3.3 of PIPEDA by not informing the individual why his or her email address is kept. The non-User has not consented to this retention of information, and is most likely unaware that it is taking place. The non-User only receives an automated email from
their friend via Facebook, which encourages the individual to join the Network. The email gives no indication to the receiver that their information will now be kept on file or that they must contact Facebook directly to remove themselves from the list. Furthermore, if the individual has received more than one invitation to join Facebook, all past invitations will reappear on the new invitation. This is a clear example of how Facebook retains non-Userâ(TM)s information.

Re:Don't use it then!

[Anonymous Brave Guy]

It was always the information collected from other users that bothered me about Facebook. I signed up briefly in the early days, keen to see what all the fuss was about. Despite deliberately giving them almost no personal information about me, within a few days they practically had half my life story, generously volunteered by my friends with no doubt the best of intentions but certainly not my permission or consent. I deleted my account soon after joining, only to discover later that they don't really delete the information anyway.

There doesn't seem to be much point suggesting on Slashdot that this is unreasonable, maybe even dangerous, behaviour, though: last time I just got heavily down-modded and told I should read some Ts&Cs page on an obscure URL that I was supposed to have found before signing up (which, as far as I could tell, was not even available to non-users at the time). I guess "information wants to be free" mentality trumps "identity theft can ruin your life" and "privacy is important" around here. :-(