In 2008, a non-profit advocacy group filed a complaint against Facebook under PIPEDA with the federal Government’s privacy commissioner. Of the 24 allegations over 11 subjects, the Assistant Commissioner concluded that 4 of the 11 subjects included well-founded non-resolved complaints. In particular, the finding concluded;
On the remaining subjects of third-party applications, account deactivation and deletion, accounts of deceased users, and non-users’ personal information, the Assistant Commissioner likewise found Facebook to be in contravention of the Act and concluded that the allegations were well-founded. In these four cases, there remain unresolved issues where Facebook has not yet agreed to adopt her recommendations. Most notably, regarding third-party applications, the Assistant Commissioner determined that Facebook did not have adequate safeguards in place to prevent unauthorized access by application developers to users’ personal information, and furthermore was not doing enough to ensure meaningful consent was obtained from individuals for the disclosure of their personal information to application developers (Denham, 2009).
Facebook continues to struggle with privacy issues.
At the time, Facebook’s researchers took to the site to engage directly with users, provide more details and apologize (Kramer, 2014).