The Federal Trade Commission (FTC) now has a final settlement agreement with Myspace (www.ftc.gov; “FTC Finalizes Privacy Settlement with Myspace”).   As I mentioned in my prior post about the proposed settlement, the FTC had alleged that Myspace had misrepresented its privacy practices.

This settlement is, therefore, important news for Myspace users.  Those of you who use Myspace will want to keep an eye on your usage to make sure the settlement terms are being fulfilled.  I read both the FTC’s announcement as well as the final settlement agreement.

Here is a brief summary of the settlement:

  1. Myspace is barred from making future misrepresentations (directly or indirectly) about its privacy practices;
  2. It has to create a comprehensive privacy program that includes, but isn’t limited to, appointing a Myspace employee, or employees, to be responsible for the overall privacy program and training its staff on privacy requirements;
  3. Myspace can’t misrepresent the way in which it maintains and protects the privacy and confidentiality of users’ “covered information” including the purposes for which Myspace collects and discloses “covered information” and the extent to which Myspace “…makes or has made covered information accessible to third parties.”;
  4. “Covered information” is defined in the settlement as covering a user’s: first and last names; home or other physical address; email or other online contact information; mobile or other phone number; photos and videos; Internet Protocol (IP) address, device ID, User ID or other persistent identifier; list of contacts; or physical location; and
  5. Myspace agrees to having its’ privacy program assessed for 20 years on a regular basis by an independent auditor.  This is to ensure Myspace’s compliance with the settlement terms.

These are important privacy safeguards for Myspace users.