They say that we must check our privacy policy with curl. I tested this with Google's privacy policy to see what the fuss is about with http vs https. I believe the issue is that they are not following the redirects with -L. What should I do?
curl http://policies.google.com/privacy returns nothing
curl https://policies.google.com/privacy
returns the full privacy policy
curl -L http://policies.google.com/privacy returns the full privacy policy
We sent a note to Facebook and they fixed it. There really wasn't anything for us to do once the helpful people here pointed out the site was flagged.