Privacy & Information Security Law Blog

A new bill proposed in California, the Social Networking Privacy Act (the “Act”), would force social networking websites to establish default privacy settings for their users that prohibit such sites from publicly displaying most information about users without the users’ consent.  Given that many social networking websites currently have default settings that make user personal information and photos public unless the user changes those settings, the Act would represent a fundamental shift in social networking privacy.

The Act also would require that social networking websites (1) include choosing privacy settings as part of the registration process, (2) explain privacy options to users, and (3) remove a registered user’s personal information within 48 hours of the user’s request (or the request of a user’s parent, if the user is under 18 years of age).  The Act would impose civil penalties of up to $10,000 for each willful and knowing violation of its requirements.

Facebook, Google, Twitter and other social networking companies have stated that they “strongly oppose” and the Act.  Facebook spokesman Andrew Noyes called the Act a “serious threat” to Facebook, while Tammy Cota, Executive Director of the Internet Alliance, stated that the Act “would force users to make decisions about privacy and visibility of all information well before they even used the service for the first time, and in such a manner that they are less likely to pay attention and process the information.”  The Act’s sponsor, California Senate Majority Leader Ellen Corbett, has accused Facebook of “stealth opposition” to the Act.  This is the second major piece of legislation Senator Corbett has introduced that targets social networking websites.  In 2010, she sponsored a bill that would have prohibited social networking websites from displaying “the home address or telephone number” of a minor to the public or to other registered users.  That bill passed the California State Senate, but failed to pass the Assembly.

Update: On May 27, 2011, the Social Networking Privacy Act was rejected by the California State Senate on a 16-16 vote.  Senator Corbett promised to bring the Act up again before June 3, 2011, which is the deadline for bills to be passed by their house of origin in order to remain alive for the 2011 legislative session.