In a move that would make Chuck Norris proud, Texas Attorney General Greg Abbott announced today that the state of Texas had reached an agreement with Tagged, Inc., a social networking site that was accused of tricking users into providing access to their address books. As part of the agreement, Tagged has to pay $250,000, which includes the cost of the state's investigation.
After Tagged had access to a user's address book, the social networking site sent messages that appeared to come directly from the user, offering to share photos with the recipient. When a recipient tried to view the pictures, which often didn't even exist, they were prompted to sign up, giving Tagged access to their address book and continuing the deceptive practice.
According the Attorney General's press release, "Tagged must implement new privacy features and take additional measures to inform users about how the Web site will utilize their personal information."
This means that Tagged must clearly state how address book information will be used, provide users with conspicuous "Skip This Step" or "Cancel" buttons, and require a single page disclosure for users to accept access to their address book.
While proper social networking sites like Facebook and yes, even Myspace, don't access your address book without your permission, up-and-coming sites like to steal your contacts and trick them into joining so that they can increase their user base and appeal to advertisers.
This is an important agreement, especially since it included a significant fine, because the practice of sending fraudulent emails can cause some embarrassing situations.
Just last month my mother was tricked into beginning the sign up process for a social networking website which sent out emails to all of her contacts inviting them to join her network -- which turned out to be an online dating website.
By the time she found out that the site had sent emails out on her behalf several of her professional contacts had been duped into signing up. My uncle's email address was used by the site to invite his son's teacher to join an online dating website. Needless to say, this resulted in an awkward parent-teacher phone call.
Remember, even if you get en email that appears to be from one of your contacts, it may not really be coming from them. When in doubt, especially if it is for something as insignificant as a social networking site, delete the email and send your friend a note letting them know their account's been compromised ... and to change their email password!
Tagged ... you're out! Texas social network dinged for abusing user data