Facebook, social networks, businesses 'must adhere' to EU law

An updated European directive will shake the cloud computing industry to the core, as lawmakers single out social networks as a prime target for change.
Written by Zack Whittaker, Contributor

BRUSSELS -- The European Commission (EC), the governing body of 27 European member states, wants non-European businesses and social networks, including Facebook and Twitter, that store information on European citizens, to be subject to updated European data protection laws.

The European Commission's justice commissioner Viviane Reding met with German Consumer Protection Minister Ilse Aigner, said in a joint statement:

"We both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market. This also applies to social networks with users in the EU. We have to make sure that they comply with EU law and that EU law is enforced, even if it is based in a third country and even if its data are stored in a cloud".

But social networks like Twitter and Facebook could face extreme difficulty in complying with the new law.

Two excerpts from the statement should send shivers down the spine of Facebook founder Mark Zuckerberg. His company was recently found under the privacy spotlight, after one Austrian student disclosed the vast amount of data the social network has on its users, even after the data was seemingly deleted.

In a previous interview with The Register, Reding was hostile towards the practices of the Palo Alto-based social networking giant, saying that Facebook "has nowhere to hide".

"EU law should require that consumers give their explicit consent before their data are used. And consumers generally should have the right to delete their data at any time, especially the data they post on the internet themselves".

European parliamentarians have discussed the notion of 'deleted' data, and how users should be given the right to delete data that belongs to them or relates to them.

Even at the European Parliament's Privacy Platform in September, a spokesperson for Facebook who appeared as part of the questioning panel was rebuked by other members of the panel, as well as sitting MEPs, for its data practices and data protection policies -- or lack thereof.

But as the statement went on it was made clear that European law will continue to be enforced, even if the company is based in a non-European country, and has its properties, datacenters or consumers outside the European zone.

Facebook, along with many other companies, should be worried. The wide-ranging changes expected from the new and updated directive could shake the cloud computing industry to its very core.

Read more: Europe's data protection laws are changing, to prevent the U.S. government from invoking its post-9/11 counter-terrorism laws such as the Patriot Act from accessing EU-based data. See the article here.


Editorial standards