Facebook to 'automate' data requests, campaigners say

The social-networking firm is developing a scalable system to help people request and extract the data it holds on them, the group Europe v Facebook has claimed

Facebook will make it much quicker for people to extract the data the social networking company holds on them, a campaign group has claimed.

Facebook facial recognition

Privacy campaigners in Europe say that Facebook is to create an automated system to process data requests from users. Photo credit: Facebook

The Austrian-based organisation Europe v Facebook said on Thursday that Facebook was working on an automated system in response to a campaign, in which the group had urged people to request the personal data it holds on them.

Europe v Facebook says the current system, in which users can wait up to 30 days to get the data, contravenes European privacy law. It is possible for users to download most of their own data from the site, but that only covers the information that they themselves have uploaded. It does not include information that other people have put up, which Facebook has linked to the user in question.

"A Facebook representative has now told the group that, after receiving a massive amount of access requests following the campaign of Europe v Facebook in German-speaking countries, Facebook is now working on a system to automatically process access requests," the campaigners said in a statement.

In an email seen by ZDNet UK, the Facebook representative told Europe v Facebook that the company is sorting through the various legal and technical issues that surround setting up a scalable data request fulfilment system.

The campaign group noted that it is unclear if the new system will satisfy its demands, as the nature of the system is itself not yet apparent, nor is a timescale for its release. It is also unclear how many data requests have been made in response to Europe v Facebook's urging, although the organisation says the page explaining how to make such requests has received 47,818 hits.

Privacy campaign

Europe v Facebook began its campaign against the social network's privacy policies in August, when it filed 16 complaints with the Irish data-protection authorities. The group targeted Facebook in Ireland because that is the base for all the company's operations outside the US and Canada.

The Irish Data Protection Commissioner (DPC) has now opened an investigation into Facebook, including an audit of its premises.

Impressed with the stance taken by German data protection officials in Hamburg and Schleswig-Holstein, the group also said on Thursday that it had added a further six complaints to those already lodged with the Irish DPC.

One of the new complaints echoes Schleswig-Holstein's fears over the 'Like' button, arguing that people should not have their information processed whenever they visit a page with that feature. Another is "concerned with Facebook's privacy settings, that seem to be rather easy to circumvent, or 'deleted' pictures that are still public on the internet after deletion", Europe v Facebook said.

The campaign group was started by three Austrian students who had made their own Facebook data-access requests. They eventually received the data in PDF form on CDs, with the documents running to 780, 1,142 and 1,222 pages respectively.

According to Europe v Facebook, in all of these data sets "you could find sensitive information such as political and religious beliefs, or sexual orientation of the user".

ZDNet UK has asked Facebook to confirm the new data request system's development, but no comment was forthcoming at the time of writing.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.