FTC gives tips on how to avoid Facebook's fate

ADVERTISEMENT
 In the blog post, Fair urged companies to avoid that kind of crackdown by making sure that they are carefully abiding by their own privacy policies.

"Like any other advertising claim, what you say about how you handle people's info has to be truthful, not deceptive, and backed up with objective proof," Fair wrote.

She encouraged companies to avoid "geek-speak and legal mumbo jumbo" and to add some color to their privacy pages.

"[Privacy policies are] often formatted in snooze-inducing shades of grey, in contrast to the eye-catching graphics on parts of the website designed to sell something," she wrote. "So here's a crazy idea: How about giving your creative team a crack at rebooting the look of your privacy policy?"

She noted that vague platitudes, which are common in privacy policies, are still legally enforceable. She said the FTC settled charges with a company that said it was "committed to maintaining our customers' privacy" but failed to protect users from a well-known hack attack.

Fair encouraged companies to keep their privacy policies up to date, but warned that they need to notify consumers about changes.

Part of the reason for the FTC's action against Facebook was that the social network changed its privacy settings in 2009 without its users' consent.