Monday morning Twitter World awoke to the news (first reported by the Consumerist) that Facebook had quietly changed its Terms of Service (TOS). I was not aware of the old TOS, which in itself was insidious. It gave Facebook an irrevocable and perpetual license to use and sub-license your content and identity information. The new TOS goes further by claiming that it has license rights over your identity information and intellectual property in FB even after you delete your Facebook account and stop using their services.
Is there a way to protect yourself? There might be.
I am not a lawyer but there is a clause in the new TOS which seems to restrict FB's ability to exercise the license based on your "privacy settings".
You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings (emphasis mine) or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof.
Whether this clause or any other clause protects your intellectual property and identity information from invasion against FB, it's in your best interest to lock down all your information by making it explicit to FB that your information is to be shared only with your Friends. If it ever comes down to a legal case, then at least you will have some basis for arguing that FB's privacy settings created the presumption that your content would only be available to your friends and no one else.
Take a careful look at Sophos' recommended privacy settings for Facebook and take to heart their warning that "ID fraudsters target Facebook and other social networking sites to harvest information about you." Sophos' recommendations are a good start, but the privacy settings have several loopholes that users need to be aware of. I will post how to close some of those loopholes by tomorrow.