Earlier this week, the European Commission (EC, the governing body of 27 European member states), declared it wants non-European businesses that store information on European citizens, such as Facebook, to be subject to European data protection laws. German Consumer Protection Minister Ilse Aigner, who you may remember as the woman who told her colleagues to avoid Facebook, met with EU Justice Commissioner Viviane Reding, and the duo released the following joint statement:
We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a cloud.
My colleague, Zack Whittaker, argues this updated European directive will shake the cloud computing industry to the core since lawmakers will single out social networks as a prime target for change. He believes the statement should "send shivers down the spine of Facebook co-founder Mark Zuckerberg."
I contacted Facebook and unsurprisingly, a representative told me the company isn't worried. The reason is simple: Facebook maintains that it adheres to the laws in Europe.
"Facebook understands and respects European sensitivities around data protection," a Facebook spokesperson said in a statement. "Facebook is already compliant with European data protection law through its international HQ in Dublin. The EU Single Market arrangements which offer businesses the opportunity to become established in one country and trade across the whole EU are very sensible. This single market approach can both protect privacy and support innovation in digital services and economic growth."
Facebook has 800 million active users, but its headquarters in Palo Alto is not responsible for the majority of them. The company's international headquarters handles all users outside the US and Canada. In other words, the social networking giant's operations outside the US and Canada are subject to Irish and European data protection laws.
This is the same tune Facebook has been singing for a while now. Despite its stance though, the company is facing intense scrutiny in Europe; please refer to the links below for more information.
- EU to probe Facebook over facial recognition feature
- Germany: Facebook Like button violates privacy laws
- Facebook agrees to sign voluntary privacy code in Germany
- Irish Data Protection Commissioner to begin Facebook audit
- Europe versus Facebook: The law protects program logic, not data
- German state to sue Facebook over facial recognition feature