Facebook settled an investigation by the New York State Attorney General’s office in what must be record time yesterday, by announcing an agreement that will create and enforce new safeguards protecting young Facebookers from sexual predators and obscene content.
The scene at Attorney General Andrew Cuomo’s New York City office was genial as the agreement was announced. Chris Kelly, Facebook’s Chief Privacy Officer, did a fine job representing the company and setting out the terms of the agreement. Kelly wears pressure well; he seems to be exactly the kind of person you’d want to have in your life boat. (And he’s strapping enough to dispatch a predator personally, should he encounter one.) The terms of the agreement are groundbreaking and should lead to a safer site.
They also sound pretty expensive.
The investigation began after the Attorney General’s office began receiving complaints from worried parents about pornographic material and predatory behavior on the site. Investigators went undercover to test Facebook’s safety by creating profiles posing as underage users. The profiles were targeted by sexual predators; the undercover “teens” also had access to pornographic material on the site, according to the AG. Facebook’s failure to respond to complaints spurred a subpoena which was announced on September 24th.
The agreement has three main parts:
1) Facebook agreed to create a new and easy-to-use process in which complaints about nudity, pornography or harassment can be made confidentially via hyperlinks placed throughout the site, and via firstname.lastname@example.org
2) Facebook promises to address complaints about nudity or pornography or unwelcome contact within 24 hours, and to report back to the complainant with action steps within 72 hours.
3) Facebook agreed to have their review process and execution examined by a third party. The auditor will be called an Independent Safety and Security Examiner (ISSE – pronounced “ice”), who will report bi-annually to the AGs office, and may recommend additional safety measures concerning complaint handling.
When I asked the Attorney General who was going to be the ISSE man, who was going to pay for his services, and whether or not best practices would be shared with Facebook competitors, he got particularly animated. “Facebook pays!” he laughed, pointing to Chris Kelly, who also laughed along with the reporters. The AG’s office would approve of the verifier Facebook selects, said Cuomo, expecting it “will be a qualified company, with proficiency in this area.” The compliance review period will last two years.
Cuomo said that he believed that this was the first time that this sort of independent oversight had been instituted, and he hoped it would spread throughout the 2.0 world. “I think it’s fair to say that Facebook will have the safest interaction of its kind in the marketplace. The extent to which the competitors of Facebook will have to become safer to compete with Facebook – I think that’s a good thing.” He hailed the public/private partnership aspect of the agreement. “The government and the private sector are working together to make the private sector more competitive… and we have a race to the top and a race to a safer site, that is a good thing.”
Chris Kelly also shared some details about the company’s existing safety personnel.“We will welcome the Independent Safety and Security Examiner to work closely with me and the other members of our Privacy and Safety team, including former Indiana Attorney General Jeff Modisett, and former Federal Trade Commissioner Mozelle Thompson.” This came as news to me. When I followed up with Facebook, I learned that Modisett and Thompson are outside consultants and have been working with the company for about two years; the rest of the core security team of ten people consists of customer service and security experts on staff. The front line customer service team is now 100 strong – doubling in size since March – and handles the day to day customer service issues, with oversight from the core team.
Although it’s too soon to determine how much this will ultimately cost Facebook – compliance audits, new technology, new staff, etc. – they’ve done a fine job thus far responding to a very serious problem. And they’ve made some heady promises – answering a complaint withing 24 hours, reporting some sort of resolution within 72 hours is going to take some serious doing. Clearly the wizards who stay up late will take on user safety as a math problem, and find interesting new ways that technology can detect and circumvent unwanted behavior on the site. And the human beings who handle the training, phones and investigations will no doubt step up as well. And increase in number. Dramatically, I imagine.
I’m guessing that (alleged) Microsoft money will come in handy.