Thursday, 28 May 2009

Facebook (my) Down!!

Last week, I received weird emails from friends in Facebook cryptically telling me to log on to some website. The URL suggests the websites were based in Germany (.de) and Estonia (.ee) Smelling a rat, I deleted the messages. A couple of days later, I received another message from the same friends that their Facebook accounts were compromised and that they had to take steps ranging from deactivating accounts to swearing never to use Facebook again. I share their grief. The manner in which Facebook has fulfilled our lives by allowing us to keep within our network of friends, reading constant status updates, responding to threads and posts, keeping our diaries filled and, those photos, of course! Where would we be today without Facebook?

The aftermath of friends who managed to restart life on Facebook share horror tales of deleted photos and the hassle of having to explain why they were adding friends to their accounts again. Doing all this to get back to the pre-virus infected days cost people lots of time and effort in having to re-create their lives and re-connect to friends again. But can you take any action for the loss you have suffered by all this? Well, apparently someone tried doing exactly that. Mr. Karantsalis of Miami Springs filed a suit against Facebook alleging that it had failed in its duty to exercise reasonable care to ensure the safety of its network. He has since, reached a settlement of sorts with Facebook - a tee-shirt did the trick and Mr. Karantsalis will be withdrawing his claim.

Under US law, the claim would not have stood much of chance due to s. 230 of the Communications Decency Act which stipulates that users or providers of an interactive computer service will not be liable for information provided by other users. Previous cases have ruled that viruses are a form of information, and the law operates to give immunity to service providers. It was perhaps wise for the suit to have been dropped.

So, the moral of this story so far: What's provided for free does not provide much protection for any precious memories you wish to store on it. Lest we forget, Facebook is a free service available for all and sundry to use. But the trade-offs are there. You may not always have the right to claim for any losses suffered while using that service. So, if you have photos you want to keep, or any contact list that's important to your work, back them up, in more than one place where possible.

Under Brunei law, ISPs would also be exempt from liability for 'third party material' (as described at s.10 of the Electronic Transactions Order) which would include a virus put onto the network by a user. The rationale behind such law is that the ISP cannot be expected to monitor every thing that is put on the network by its subscribers. As long as the ISP is not responsible for putting the virus onto the network and is merely transmitting what was put on by users, it should not be exposed to liability under the circumstances described above. The situation would be different if the ISP contractually warrants that its users will be safe from viruses online, but the last time I checked, no such clause exists under the t&cs of service, and I doubt such clauses will ever exist.

For those of you who suffered the fate of a virus infecting your Facebook account, my commiserations. But since the theme for this year's World Telecommunication and Information Society Day is "Protecting Children in Cyberspace" perhaps we should all grow up and be wiser to suspicious emails, spam and get-rich schemes that are perpetrated by cyber criminals, for if not, we might as well be 'children' in cyberspace and only use it in the presence and guidance of grown-ups.

1 comment:

Anonymous said...

The problem you are pointed here is a very real one that worth a serious debate. Did FB changed my life, yes, having a multinational life, I was finally able to find many of my old classmates and friends that I had lost through my expatriations for many years. For the rest, I am more active on Twitter where the issues are very similar to FB. Free networking service, allowing great networking opportunities with the past and the present and also making new contacts for the future. I can tell you with grate joy that my 'replies' on Twitter and Discussions on Linkedin have lead to few contacts by headhunters. On these 'maussade' economic climate, I shall feel happy.
Nevertheless, I have recently, encountered a similar issue with Twitter in which case, Twitter's liability is more evident.
Last week end again, Twitter was subject to several spam/fishing attacks (see Phish Twice a Day - The Twitter Diet -
Maybe this would be of any related to what happened to me but on Saturday night my account was 'suspended' with no any prior notice or explanation what so ever!!! I started using my private/back up account and with the help and support of other twitterers contesting for Twitter to #putitback, the account was 'liberated' yesterday, the same way as it was suspended, without any explanation from Twitter.
What is very regrettable here and I hope SNSs would admit liability for it
Is the damage caused not only because you are cut off your contacts but also a serious damage to your reputation.
The message posted by Twitter when trying to access the account, stipulated "Sorry, the account you were headed to has been suspended due to strange activity. Mosey along now, nothing to see here."
Isn't not enough shame to constitute a defamation when untruth and where the service provider has not notified the account holder in order to allow a defense, nor demonstrated any attempt to verify the allegations,?
Remember that most SNSs are now indexed and put-up by Google search engine which means that any search for the users name, would come out with the above message.
This is a very serious threat for users' integrity, reputation and rights not seriously considered under the argument that the service is offered for free!! But users pay their price to access to SNSs by their privacy and the advertisement revenues created for the Website owners although in the particular case of Twitter, the business model is kept secret.
Another case mentioned to me by Anne Collier, Director of Kids Safety and Net Family, is evoked in Anne's blog
These cases are not rare and there is serious need of reflexion on how to deal with the ISP liability issue.
As you mentioned, under the section 230 US DMCA , the service provider is exempt of immunity for third party content. The ISP immunity under the EU regulations is not so impermeable and if there is an immunity for ISP acting as mere conduit, passively caching or hosting third party content, the shield of protection of the E-commerce immunity for ISP's turns into a stick with which they can be beaten (to use Gavin Sutter's expression). As soon as the ISP has been notified, it has a duty to react 'expeditiously' to remove or block access to the infringing content. If the ISP does not comply, it becomes liable for content under the knowledge based liability of publisher or editor;
see 'Mumsnet settles with Gina Ford but queries libel law'
ISP's are also subject to a certain number of good practices, such as including clear, direct and immediate means of contact on their webpage in order to allow users to contact them for any complaints or assistance.
see 'ECJ says websites need phone numbers or web forms' and ECJ position
Now, all this development is based on the EU regulations and most SNSs are US based, are they subject to the U regulations when targeting EU users? This is a question of jurisdiction to clarify.
Tara T