Facebook: Facebook has fought for user privacy by refusing to comply with some subpoenas requesting Facebook user records and information. In one case Facebook argued that federal privacy law prohibits Facebook from handing over such user information; in another Facebook refused to provide account information to the state of Virginia in a worker's compensation claim. The company’s Deputy General Counsel Mark Howitson acknowledged that Facebook regularly receives requests for information and that it hopes for clearer legal rules that will define Facebook's duties.

Facebook: In December 2009, Facebook rolled out a set of major changes to its privacy controls and settings. Although Facebook founder Mark Zuckerberg claimed that Facebook was giving users tools to control their information, many of these changes were actually harmful to privacy. One change made information such as Friends Lists and Fan Pages “publicly available information,” completely beyond the user’s ability to control; another introduced a "Privacy Transition Tool" which encouraged users to make their existing content less, rather than more, private. Instead of getting positive press for its actions, Facebook got slammed by the media and privacy advocates alike, and had to backtrack on some changes. Facebook has also been hit with a class action lawsuit and privacy complaints, both to the FTC and to the Canadian Privacy Commissioner, as a result of these changes.

Facebook: In March of 2009, Facebook quietly changed its Terms of Service, removing a sentence that expressly limited Facebook's license to use content that a user had deleted. Once the change was noticed, it triggered enormous media attention and drove 140,000 members to protest within Facebook. Ultimately, Facebook withdrew the new Terms and started an open dialogue with users about possible future changes in a late but welcome attempt to bring users into the process.

Facebook: The popular social networking site has repeatedly failed to include adequate privacy protections in its new features and has paid with complaints by hundreds of thousands of users, calls for boycotts, legislative proposals for industry regulation, and loss in both reputation and advertising partners. When Facebook announced its new Beacon advertising service in 2007, which tied a user's activity on external Web sites to the user's Facebook profile, the service leaked surprise holiday gifts, engagement plans, and other private information to friends and family. The widespread outrage and negative press forced the company to modify this feature, but not before several large advertisers withdrew from the new program and Facebook was hit with a class-action lawsuit. In 2009, Facebook settled the case, agreeing to fully shut down the ill-fated program and pay $9.5 million dollars to establish an independent foundation to fund projects that promote privacy, safety, and security.

Facebook: Facebook users were very unhappy in 2008 when they realized that it was nearly impossible to remove their information from the social network. One user reported that it took "two months and several email exchanges with Facebook's user service representatives to erase most of his information from the site." The lack of easy and effective deletion procedures led to anger from Facebook's users, and many bloggers encouraged users to delete accounts and posted detailed instructions of how to do so.

Facebook: Users were outraged and the company's reputation was tarnished in 2007 when it came to light that the company had very poor internal security measures. Users demanded change when it was widely reported that the company was not properly safeguarding the private profiles of its users from employee misuse and that employees could view users' private profiles and track which users were viewing particular profiles.