Facebook, Unfriend The Dictators!
Facebook should be congratulated and condemned in one go: they've built a revolutionary platform that's catalyzed the political change sweeping the Middle East and beyond, but Facebook has also become a treasure trove of information for dictators, allowing them to identify and track down those who oppose them. In fact, under the existing Facebook platform all our photos, details, and contacts are at risk from identity thieves and hackers. While Facebook is reevaluating its policies, please sign the petition to protect our privacy and others' very security.
Dear Mark and the Facebook Board: "We acknowledge the extraordinary role that Facebook is playing in facilitating communications across the globe, and we call upon you to take immediate steps to protect your users' privacy and security. Specifically, you should secure your entire platform with HTTPS, allow users anonymity in high risk areas, protect human rights defenders with special security measures, and resist the handover of users' information."
Last modified: November 11, 2011
We strongly believe that you have the right to control the use of your personal information and that your privacy must be respected. Our broader policy is to collect less information rather than more. We take industry standard security measures to protect personal information under our control from loss, misuse, and alteration, but like with every website there are risks associated with uploading your information online.
In this policy, "Access" refers to Access staff, board members, cooperating attorneys, interns, volunteers, and consultants, all of whom are bound by law or contract to keep information they receive as part of their assistance to Access confidential.
Collection of Information
When you are on the Access website and are asked for personal information, you are sharing that information with Access alone, unless stated otherwise. Access collects personal information from users when they make a donation online or subscribe to our campaigns. Access collects information regarding website visitors, including IP address, browser and domain information, and information volunteered by you, such as your email address. We may also track visitor usage patterns on our website, including website hits.
When you make a donation online, Access collects a variety of information about you including your first name, last name, address, city, state/region/province, zip/postal code, country, and email address. We do not require you to input your billing address when making a credit card donation on our website, although it is a field on our donation forms. At this time, if you would prefer not to give us this information, just write “n/a” in the address field. However, in order to prevent fraud, we do require that you provide valid information for all other fields listed above.
Use of Information
Access does not sell, rent, or lease your personal data under any circumstances. We do not purchase lists from other sources.
Access uses the information you provide to us to enable us to send you communications such as our campaign emails and action alerts and to help administer and improve our website.
For Access petitions and surveys, we only require an email address, your name and country. Beyond that, it is up to you to decide exactly how much information to submit. We do not provide your full name, email address or other identifiable information to 3rd parties including to the media or decision makers (such as those who are the targets of particular campaigns). We provide compilations of petition numbers to 3rd parties but we will never disclose your personal identity. Occasionally we may publicize user’s general comments, which are connected with a first name and country (e.g., Michelle, Australia) but there no other identifiable information will be disclosed.
Disclosure of Information
Any subpoena or attempts by government agencies or private sector organizations to gain access to any information that you give us will be vigorously challenged.
In the unlikely event that we are required by law to disclose the information that you have submitted, we will attempt to provide you with notice (unless we are prohibited from doing so) that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email, if you have given us an email address or by phone if you have provided us with that information.
In addition, we will independently object to requests for access to information about users of our site that we believe to be improper.
Sending Emails Via Access
In certain cases, we enable you to send individual e-mails to friends through our website. These messages are generally sent in your name, with your e-mail address as the return address. Your name and contact information is provided as part of the submission. These messages will only be sent out under your name as you approve them on an individual basis using our email tool. You are solely responsible for the specific message(s) you send using our email tool. If those messages are to be sent out under the Access name we will advise you before sending.
Third Party Service Providers
Blue State Digital: http://www.bsdtools.com/pages/privacy/
Expression Engine: http://expressionengine.com/support/privacy_policy/
Access Weekly Brief Newsletter Provided by Gravit, Inc.
The newsletter is an opt-in service, which allows Access’ members to decide whether or not they want to receive this service. Members will also be able to opt-out from the service in the future at any time by using the unsubscribe link in the email itself or emailing email@example.com
Links to Other Websites
Berkman Center: http://cyber.law.harvard.edu/about/privacy-policy
Access uses social media and social networking services to advance our work. These applications require the use of third-party service providers.
If you click on a shortened-URL, it will most likely redirect you eventually to a third-party website that contains a file or document relating to the Tweet, and the third-party website will have its own privacy practices that may include trying to place a cookie and/or web-bug on your computer, collecting your IP address, and other forms of tracking. The Twitter feed may include the usernames of other Twitter users, particularly when we respond to questions and/or “retweet.” Apart from this information appearing on our website temporarily, we do not process this information beyond the Twitter-environment.
Google Buzz: https://www.google.com/buzz/help/intl/en/privacy.html
Access does not solicit personally identifying information from children. Visitors who are under 13 years of age should ask their parent or legal guardian for assistance when using our site and should not submit any personally identifying information to the Site.
All Access staff members with access to data are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
If you choose to make a donation to Access, your credit card information will be used only for this transaction through our secure online payment system. Access does not retain credit card information. We are pleased to receive anonymous donations, but please note that your personal information is required if you choose to donate using our online form. If you are interested in making a donation to Access by another method, please contact firstname.lastname@example.org.
Access employs industry standard security measures to protect the loss, misuse, and alteration of the information under our control. Information submitted through our sign up form or any other action forms is encrypted through a Secured Socket Layer (SSL) connection, which protects the information while in transit.
Access’ website, https://www.accessnow.org, is secured using Hypertext Transfer Protocol Secure (HTTPS), which utilizes a SSL certificate. HTTPS provides a secure channel over which data can be transferred from your computer to the web servers that host Access’ site. Please note, however, that several pages on the Access website contain mixed content (including Twitter feeds and YouTube videos) that is not necessarily secured by HTTPS.
Although we make every effort to store information collected by Access in the securest of operating environments, no organization or website can guarantee complete security. Therefore, if you believe that you may be at risk by putting your name to an online campaign or making a donation, we would encourage you to consider the implications before doing so.
Updating or Removing Your Information
You may choose to correct, update, or delete the information you have submitted to us by sending an email requesting changes to email@example.com.
Updated November 11, 2011 to include information about the new “Access Weekly Brief” weekly newsletter service provided to members through an agreement with Gravit, Inc.
Updated April 15, 2011 to reflect a change in Access’ policy on the collection of billing address information when making an online donation.
Updated December 31, 2010 to clarify Access’ ownership over user data on contracted and third-party websites and security features (HTTPS) on the Access site.
Updated November 9, 2010 to include more details about the way we collect information, how we use and disclose information, information on third-party providers, cookies and security.