Facebook on EU data protection laws: We're already compliant

Facebook on EU data protection laws: We're already compliant

Summary: The European Commission says companies like Facebook need to be subject to European data protection laws. Facebook says it is not worried because it is already compliant with said regulations.


Earlier this week, the European Commission (EC, the governing body of 27 European member states), declared it wants non-European businesses that store information on European citizens, such as Facebook, to be subject to European data protection laws. German Consumer Protection Minister Ilse Aigner, who you may remember as the woman who told her colleagues to avoid Facebook, met with EU Justice Commissioner Viviane Reding, and the duo released the following joint statement:

We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a cloud.

My colleague, Zack Whittaker, argues this updated European directive will shake the cloud computing industry to the core since lawmakers will single out social networks as a prime target for change. He believes the statement should "send shivers down the spine of Facebook co-founder Mark Zuckerberg."

I contacted Facebook and unsurprisingly, a representative told me the company isn't worried. The reason is simple: Facebook maintains that it adheres to the laws in Europe.

"Facebook understands and respects European sensitivities around data protection," a Facebook spokesperson said in a statement. "Facebook is already compliant with European data protection law through its international HQ in Dublin. The EU Single Market arrangements which offer businesses the opportunity to become established in one country and trade across the whole EU are very sensible. This single market approach can both protect privacy and support innovation in digital services and economic growth."

Facebook has 800 million active users, but its headquarters in Palo Alto is not responsible for the majority of them. The company's international headquarters handles all users outside the US and Canada. In other words, the social networking giant's operations outside the US and Canada are subject to Irish and European data protection laws.

This is the same tune Facebook has been singing for a while now. Despite its stance though, the company is facing intense scrutiny in Europe; please refer to the links below for more information.

See also:

Topics: Social Enterprise, Government, Government UK

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Facebook on EU data protection laws: We're already compliant

  • RE: Facebook on EU data protection laws: We're already compliant

  • To be so they would

    ... have to have all EU data stored in Europe, backed up in Europe and not transferred outside of Europe under any circumstances.

    Oh, and for the UK, the data actually has to be secure. Our data commissioner has started handing out hefty fines for any loss of data.
  • Data? What data?

    The last I read was that Facebook would not only not reveal how it manages customer data, it would not even admit to what data it keeps. Was that reporting in error?
  • RE: Facebook on EU data protection laws: We're already compliant

    Also important is the Irish Data Protection Commissioner's investigation of Facebook, from the complaint of 'Europe v Facebook'