Can you trust Facebook (part 2)

In my previous post about the Facebook chaos that ensued on 31 July 2007 I talked about Facebook’s privacy policy. I also mentioned another important document on the Facebook website, the Facebook terms of use. It is almost a given that when people sign up for a service on the Web they routinely check the box that says something along the lines of “I have read the terms of use and I agree to them” without actually reading those terms of use. Here is the first thing Facebook users need to know about the terms:

These Terms of Use constitute the entire agreement between you and Company regarding the use of the Site and/or the Service, superseding any prior agreements between you and Company relating to your use of the Site or the Service.

Facebook’s terms of use constitute a contract between you and Facebook. Your use of the service and clicking on the checkbox are both indications that you have agreed to the terms and consider yourself bound by them. If you do not agree to the terms of use then you must not use Facebook. You don’t need to sign something with a pen for this contract to bind you, the act of checking that box or using the service will probably be sufficient because they evidence your intention to be bound by this contract.

This is just the starting point.

Facebook’s terms of use are pretty detailed and cover a range of topics from the scope of the terms, definitions of words and phrases used in the terms of use, disclaimers of liability, limitations of liability, consents to jurisdiction and governing law, licenses applied to your content on the site and more. This is an important document to take a look at it because through these terms of use you and Facebook have shaped your rights and remedies available to you.

The clause that is particularly relevant given yesterday’s events is the clause dealing with user content posted on the site:

You are solely responsible for the photos, profiles, messages, notes, text, information, music, video, advertisements, listings, and other content that you upload, publish or display (hereinafter, “post”) on or through the Service or the Site, or transmit to or share with other users (collectively the “User Content”). You may not post, transmit, or share User Content on the Site or Service that you did not create or that you do not have permission to post. You understand and agree that the Company may, but is not obligated to, review the Site and may delete or remove (without notice) any Site Content or User Content in its sole discretion, for any reason or no reason, including without limitation User Content that in the sole judgment of the Company violates this Agreement or the Facebook Code of Conduct, or which might be offensive, illegal, or that might violate the rights, harm, or threaten the safety of users or others. You are solely responsible at your sole cost and expense for creating backup copies and replacing any User Content you post or store on the Site or provide to the Company.

 

When you post User Content to the Site, you authorize and direct us to make such copies thereof as we deem necessary in order to facilitate the posting and storage of the User Content on the Site. By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing. You may remove your User Content from the Site at any time. If you choose to remove your User Content, the license granted above will automatically expire, however you acknowledge that the Company may retain archived copies of your User Content.

The next important clause is the disclaimer clause in terms of which Facebook disclaims liability for a number of things. This means Facebook doesn’t regard itself as being liable for the following:

The Company is not responsible or liable in any manner for any User Content or Third Party Applications, Software or Content posted on the Site or in connection with the Service, whether posted or caused by users of the Site, by Facebook, by third parties or by any of the equipment or programming associated with or utilized in the Site or the Service. Although we provide rules for user conduct and postings, we do not control and are not responsible for what users post, transmit or share on the Site and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on the Site or in connection with any User Content or Third Party Applications, Software or Content. The Company is not responsible for the conduct, whether online or offline, of any user of the Site or Service.

The Site and the Service may be temporarily unavailable from time to time for maintenance or other reasons. Company assumes no responsibility for any error, omission, interruption, deletion, defect, delay in operation or transmission, communications line failure, theft or destruction or unauthorized access to, or alteration of, User communications. The Company is not responsible for any technical malfunction or other problems of any telephone network or service, computer systems, servers or providers, computer or mobile phone equipment, software, failure of email or players on account of technical problems or traffic congestion on the Internet or at any Site or combination thereof, including injury or damage to User’s or to any other person’s computer, mobile phone, or other hardware or software, related to or resulting from using or downloading materials in connection with the Web and/or in connection with the Service, including without limitation any Mobile Client software. Under no circumstances will the Company be responsible for any loss or damage, including any loss or damage to any User Content or personal injury or death, resulting from anyone’s use of the Site or the Service, any User Content or Third Party Applications, Software or Content posted on or through the Site or the Service or transmitted to Users, or any interactions between users of the Site, whether online or offline.

There were rumours yesterday that the Facebook site was hacked. It also seems that the site was undergoing maintenance. It doesn’t really matter which took place because the end result is that people gained access to messages and information they should not have gained access to. This disclaimer means that Facebook is not contractually liable for any losses or damages you may have suffered when your inbox found itself in the hands of some other user. This protection is expanded through a limitation of liability clause and an indemnity clause. The end result is that Facebook has sought to minimise its possible exposure as a result of the service being hacked or just going wonky, if not eliminate the risk of exposure altogether. To add salt to your wounds, when you contracted with Facebook you also agreed that the law of the State of Delaware would govern your contract with Facebook and any dispute arising between you and Facebook. Where a dispute is not to be dealt with through an arbitration (which you also agree to), you specifically agree that the state and federal courts in California have jurisdiction to adjudicate any dispute you may have with Facebook. This means that if you decide to litigate you will have to submit to the law of the State of Delaware and you will either go through an arbitration process under the auspices of the American Arbitration Association or in Californian courts. Few things focus your attention on the value and merits of your claim than the requirement that you institute that claim in a foreign country with a foreign legal system. If you thought you could persuade a local court to override these terms, think again. Our courts place a fair amount of importance on your freedom to contract and the desire to enforce contracts.

What this all boils down to is that you could have contracted yourself out of a claim against Facebook if some sensitive information you published on Facebook (privately or publicly) is passed on to a third party. The outrage about people’s inboxes being swapped around as a result of a hack or maintenance glitch simply don’t translate into an actionable claim against Facebook that that means you have to be careful about what you publish on Facebook. A number of people have seen the potential value of Facebook for business users (I have tended to agree with them lately) but this most recent issue casts some doubt over whether Facebook is the best platform for potentially sensitive communications. The same could be said for your personal communications.

Granted this post and my previous one have focussed on Facebook but what I have said probably applies to just about every other social networking site available at the moment. All of these sites have terms of use that shift the responsibility for just about everything to do with your use of the site onto your shoulders, including having to bear the risk of some unauthorised person seeing your content and information. Short of unplugging, these are risks that will have to managed rather than avoided. There are a couple things you can do to protect yourself and while I certainly don’t profess to be an expert in these measures, I do suggest deciding in advance where your comfort level is and how much information about you, you are comfortable with floating around on the Web. At the very least I would suggest that you not reveal your home address or any information that could help indentify your home address or your kids’ schools. Don’t give out your identity number/social security number or your credit card details (unless you are satisfied the site has adequate security to protect your information – a bank may be a good example). Beyond that you need to operate on the assumption that everything you publish on Facebook (even the information that is not totally public) could be leaked out into the Wild and act accordingly.

Identity theft is one thing (and even here you have a measure of control if you are careful) and giving your identity away is quite another.

Who do you trust?

Leave a Reply