In the Wall Street Journal, Geoffrey Fowler has a piece on Facebook asking for real-life identification. Due to a recent bout of spamming, Facebook asked a number of users to verify their identity by submitting–on the site–a copy of their real-life identification. I’ve been aware of this for some time, but here’s what I found particularly interesting:
Facebook says it will only seek to verify ID on the site — never by email. “We deliberately don’t send an email so that people don’t think it’s a scam,” said Axten. First you have to log in with your correct password, and then you would see a message telling you that your account is disabled with a link to a page in Facebook’s Help Center.
Actually, that’s simply untrue. While Facebook may have changed that policy, they most certainly have asked users to submit identification via e-mail in the past. As I described in my recent paper, Policing Content in the Quasi-Public Sphere, Facebook users whose names seem fake or questionable (or who are clearly using a fake name) have been asked to submit identification to prove their identity, in line with Facebook’s real name policy. The following email was shared with me by Najat Kessler, a Facebook user whose (very real) cross-cultural name was clearly too strange for Facebook (or, more likely, whose name was reported by other users as being fake). Note the date.
On Mon, Apr 5, 2010 at 5:23 PM, The Facebook Team
At this time, we cannot verify the ownership of the account under this address. Please reply to this email with a scanned image of a government-issued photo ID (e.g., driver’s license) in order to confirm your ownership of the account. Please black out any personal information that is not needed to verify your identity (e.g., social security number). Rest assured that we will permanently delete your ID from our servers once we have used it to verify the authenticity of your account.
Please keep in mind that fake accounts are a violation of our Statement of Rights and Responsibilities. Facebook requires users to provide their real first and last names. Impersonating anyone or anything is prohibited.
In addition to your photo ID, please include all of our previous correspondence in your response so that we can refer to your original email. Once we have received this information, we will reevaluate the status of the account. Please note that we will not be able to process your request unless you send in proper identification. We apologize for any inconvenience this may cause.
This begs a few questions: Did Facebook in fact change their policy? Why act like this is a new thing? Also, while I understand the need to eliminate spam, Facebook must surely be aware that their site is rife with fake accounts; one need only search “Santa Claus” to see just how many. And yet, according to the BBC, Facebook actually blocks certain words (such as “Beta”) from being used as names…even if they are real.
While I find Facebook’s policy toward real names ludicrously out of touch, I recognize that it’s their right as a company to stand by it. Nevertheless, I don’t think it’s acceptable for users to submit identification over the Web (and given that Facebook does not use HTTPS by default–something I doubt most users are aware of–it becomes significantly more troublesome). As Fowler said in his piece, advice worth repeating yet again: “sending a copy of your ID over email is probably never a good idea.”
(Ed note: Apparently, submitting confidential information over e-mail networks is also in violation of my employer’s–Harvard’s–policies!)