Safety, Privacy, and Security @ Facebook

Simon Milner

Policy Director, UK, Middle East, and Africa

March 2014

Safety, Privacy, and Security are at the core of

everything we do at Facebook …

…helping people to resolve problems…

…providing transparency and control over their data…

…keeping data and systems secure…

…respecting legitimate security and law enforcement

interests

Safety: A Shared Responsibility

Safety @Facebook

• For the Facebook Community Policies

• To help people resolve problems Tools

• At every point in the service Help

• To complement our expertise Partnerships

• To keep on improving Feedback

A Concerning Post

Family Safety Center

Privacy: Transparency, Control, and Accountability

www.facebook.com/policies

In-Line

Privacy Controls “View Your Profile As”

Facebook and Privacy Page

Security: Understanding and Remediating Risk

HTTPS

Whitehat Bug Bounty

Program

Facebook Security

page

Anti-Virus Marketplace

Protecting the Data of the

People That Use Facebook

Facebook Security Page

Validation of our Internal Controls

PCI Audit

• Validation of credit card processing

• Level 1 certified

DPC Audit

• Validation of all internal security controls based on ISO 27002 standard

• No outstanding security issues

FTC Assessment

• Validation of all internal security controls based on GAPP standard

• No top level findings

Law Enforcement: Respecting Their Legitimate Security Interests

How Law Enforcement Can Make Requests for Data from Facebook

Being Clear about What Governments Request

(c) 2009 Facebook, Inc. or its licensors. "Facebook" is a registered trademark of Facebook, Inc.. All rights reserved. 1.0