Irish data protection watchdog rules on Facebook

Irish data protection watchdog rules on Facebook

Summary: Facebook has agreed to over a dozen privacy improvements following a review by the Irish Data Protection Commissioner of its non-US operations. Will these changes benefit and help educate Facebook users concerning data protection?


A full audit has recently been completed by the Irish Data Protection Commissioner of Facebook's non-U.S operations.

It has resulted in the social networking giant being told to stop its practice of indefinitely retaining advertising data.

A number of privacy changes have been recommended.

The social network giant currently can boast over 800 million users worldwide, and houses all operational data outside the United States and Canada, in Ireland. The recent review by the Irish DPC is one of many that are currently reviewing Facebook privacy protocols.

The social networking giant has been criticised on a number of occasions for altering user privacy protocol without notice or explanation, but Facebook has now agreed to a number of changes.

(Source: Flickr)

Facebook has agreed to the new regulations -- including anonymising aspects of retained data, and deleting unrequired information permanently after a fixed time period. The proposed improvements are likely to be rolled out across the platform globally, and this includes the U.S platform.

According to the Irish Data Protection commissioner, Billy Hawkes, Facebook has agreed to over a dozen privacy improvements to become implemented within the next six months. Many of the changes are focused on improving privacy and allowing users greater control over how their information is used.

When a user currently logs in to websites using their Facebook identity, the information from third-party sites is passed back to Facebook and retained. The data stored currently logs all the personal information concerning the user.

Data is collected in this manner to prevent fraudulent logins -- and some aspects are required for Facebook functionality purposes in order to maintain high-quality user experience.

However, that's a lot of personal data. There are currently over 500 million users of Facebook outside of the US.

Following the review, Facebook is allowed to retain the data, but has to keep certain aspects anonymous. For example, it can share how many people have clicked on an advert, but is now not allowed to share the personal details of specific users.

The data must be also be irrevocably deleted after 90 days.

The social network has also been told to improve users' control over social advertising. Its privacy policies must become more prominent for new users of the social networking platform. Explanations of the privacy policies are expected to become simplified and easier for users to understand.

Regulators also investigated Facebook’s use of facial recognition technology -- that encourages users to "tag", friends in photographs. They found fault how it was introduced -- without notice in June -- but admitted it did not breach data protection law.

There was also no indication of the 'Shadow profiles' that Facebook allegedly created to collect user data.

Tightening up privacy protocols is extremely important -- especially considering the inclusion of the Facebook Timeline and the recent proposal to include 'Sponsored Story' advertising within Facebook feeds.

Users have a right to know exactly how their information is being used, or may be used for future purposes.

Social networking platforms are rapidly changing and user data protection must be enforced. The proposed changes, when implemented, may be a step in right direction to make Facebook's data policies more transparent and secure for its users.

Data protection is not necessarily something the Generation Y care about enough -- but they should. Once something is online, we don't necessarily maintain control over that data. Therefore, any improvements on widely-used social networking platforms can only benefit and help educate users in how their data may be stored or used in the future.


Topics: Social Enterprise, Data Centers, Data Management, Storage

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Irish data protection watchdog rules on Facebook

    'Bout time. I no longer use Facebook because of the privacy issues.....
  • Why no penalty?

    Hasn't it been proven many times that facebook as google, etc. have violated European data privacy laws. Why did they never pay a huge penalty or somebody responsible went to jail? If someone steals from your home he/she goes to jail. If someone steals from your computer it is OK.
    This imposes the assumption that the government is so lax about this (only) with major companies, because prosecution and so called terror control wants to access that data, which they can't collect legally by themselves, too. All those deliberate violations and voluntary misstatements should be punished accordingly.
  • RE: Irish data protection watchdog rules on Facebook

    I recently deleted all my friends 2490 because my facebook account was being keylogged! I didn't want the keylogger to attack them. FB's recent changes allowed keyloggers to get into peoples accounts and change profile info and SEE EVERYTHING that person did online. I believe it was FB's greed for more money from advertisers that lead to my account being keylogged.
    • RE: Irish data protection watchdog rules on Facebook

      did you click on an advertisement? if not, then no, that wasn't likely the case. how do you know you were being targeted by a keylogger anyway? did your antivirus software catch it in the act? if you used any of facebooks "apps", that's likely how you got infected(that's how a lot of people's accounts get compromised). almost none of those apps are made by facebook and none are monitored by facebook what-so-ever. Very poor business practice regardless of intent, but that's their decision albeit a poor one. best things you can do, is disable and block all the apps you use, get that pesky keylogger taken care of, then change your passwords everywhere, as I doubt that'll be the only account affected. you shouldn't have 2000+ people on your facebook friends list anyway. I seriously doubt you know anything beyond a name(probably not a real name for most of those, anyway) for more then 90-200(should be your maximum number range anyhow) of them. your friends list should be strictly reserved for people you personally know very well, your real friends and family. It's a harsh lesson on security(and privacy), but one everybody NEEDS to know. I hope you have a good firewall up at all times from now on . . .remember, you can only be infected if YOU ALLOW IT. *sighs* it never ceases to amaze me how many people surf the net without the most basic of protections....far too many. :(