• Facebook can no longer make misrepresentations about the privacy or security of users’ personal information.
• Facebook must obtain consumers’ affirmative express consent before implementing changes that are in contrast to users’ privacy preferences.
As Facebook has been on the forefront of internet-based privacy issues in the past few years there are several instructional points for website owners to take away from the suit and settlement.
Third, the Facebook settlement may represent the final tidal wave in the sea change from opt-out privacy options to opt-in. Facebook liked to change its privacy options by making users’ personal information public and then asking users to “opt-out,” meaning that the information was first made public, then users had to manually find the option and click the option to make it private. Now, when Facebook wants to change its privacy protocol, the personal information will be kept private until the user chooses to allow the information to be public, thus “opting-in.” Opt-in privacy options are likely to become the privacy norm and depending on your business model and how you use your users’ information, you may be well advised to follow this principle in your own privacy practices.