Irish data protection watchdog rules on Facebook

A full audit has recently been completed by the Irish Data Protection Commissioner of Facebook's non-U.S operations.

It has resulted in the social networking giant being told to stop its practice of indefinitely retaining advertising data.

A number of privacy changes have been recommended.

The social network giant currently can boast over 800 million users worldwide, and houses all operational data outside the United States and Canada, in Ireland. The recent review by the Irish DPC is one of many that are currently reviewing Facebook privacy protocols.

The social networking giant has been criticised on a number of occasions for altering user privacy protocol without notice or explanation, but Facebook has now agreed to a number of changes.

(Source: Flickr)

Facebook has agreed to the new regulations -- including anonymising aspects of retained data, and deleting unrequired information permanently after a fixed time period. The proposed improvements are likely to be rolled out across the platform globally, and this includes the U.S platform.

According to the Irish Data Protection commissioner, Billy Hawkes, Facebook has agreed to over a dozen privacy improvements to become implemented within the next six months. Many of the changes are focused on improving privacy and allowing users greater control over how their information is used.

When a user currently logs in to websites using their Facebook identity, the information from third-party sites is passed back to Facebook and retained. The data stored currently logs all the personal information concerning the user.

Data is collected in this manner to prevent fraudulent logins -- and some aspects are required for Facebook functionality purposes in order to maintain high-quality user experience.

However, that's a lot of personal data. There are currently over 500 million users of Facebook outside of the US.

Following the review, Facebook is allowed to retain the data, but has to keep certain aspects anonymous. For example, it can share how many people have clicked on an advert, but is now not allowed to share the personal details of specific users.

The data must be also be irrevocably deleted after 90 days.

The social network has also been told to improve users' control over social advertising. Its privacy policies must become more prominent for new users of the social networking platform. Explanations of the privacy policies are expected to become simplified and easier for users to understand.

Regulators also investigated Facebook’s use of facial recognition technology -- that encourages users to "tag", friends in photographs. They found fault how it was introduced -- without notice in June -- but admitted it did not breach data protection law.

There was also no indication of the 'Shadow profiles' that Facebook allegedly created to collect user data.

Tightening up privacy protocols is extremely important -- especially considering the inclusion of the Facebook Timeline and the recent proposal to include 'Sponsored Story' advertising within Facebook feeds.

Users have a right to know exactly how their information is being used, or may be used for future purposes.

Social networking platforms are rapidly changing and user data protection must be enforced. The proposed changes, when implemented, may be a step in right direction to make Facebook's data policies more transparent and secure for its users.

Data protection is not necessarily something the Generation Y care about enough -- but they should. Once something is online, we don't necessarily maintain control over that data. Therefore, any improvements on widely-used social networking platforms can only benefit and help educate users in how their data may be stored or used in the future.

Related:

• Facebook News Feed adverts: How many is too many?
• Take a tip from ‘Mark Zuckerberg’: Change your name
• Facebook Timeline a ’stalker’s paradise’: Mass exodus on the way?