April 13, 2012
As Privacy and Security Concerns Escalate, Facebook Opts for More Transparency: Social Giant Announces That It Will Provide Users With More Information About the Data It Collects About Them — But Critics Say It's Not Enough
In an effort to address concerns about the personal information it collects on its users, Facebook said this week that it would provide any user with more information about the data it tracks and stores. In a posting on its privacy blog, Facebook said the expanded archive feature would be introduced gradually to its 845 million monthly active users. It goes beyond the first archive made available in 2010, which has been criticized as incomplete by privacy advocates and regulators in Europe. Facebook, which is preparing for an initial public stock offering in the coming weeks, has been trying to accommodate government officials in Europe, where privacy laws are more stringent than in the U.S. The social giant's data collection practices have tested the boundaries of Europe's privacy laws. Last December, the Irish Data Protection Commission reached an agreement with Facebook, which runs its international businesses from offices in Dublin, to provide more information to its users and amend its data protection practices. "We took up their recommendation to make more data available to Facebook users through this expanded functionality," the company said in a statement, the NY Times reports. But Max Schrems, the German law student who filed the complaint leading to the agreement with the Irish authorities, criticized Facebook's latest offer as insufficient. "We welcome that Facebook users are now getting more access to their data, but Facebook is still not in line with the European Data Protection Law," said Schrems, a student at the University of Vienna. "With the changes, Facebook will only offer access to 39 data categories, while it is holding at least 84 such data categories about every user," he added, the Times reports. In 2011, Schrems requested his own data from Facebook and received files with information in 57 categories. The disclosure, Schrems said, showed that Facebook was keeping information he had previously deleted from the website, and was also storing information on his whereabouts, gleaned from his computer's IP address.
In Europe, 40,000 Facebook users have already requested a full copy of the data that the site has compiled on each of them, straining the company's ability to respond. Under European privacy law, the company must comply with the requests within 40 days, the NY Times reports.
Facebook's data collection practices are being scrutinized in Brussels as European Union policy makers deliberate on changes to the European Data Protection Directive, which was last revised in 1995. The commissioner responsible for the update, Viviane Reding, has cited Facebook's data collection practices in pushing for a requirement that online businesses delete all information held on individuals at the user's request, reports Times writer Kevin J. O'Brien.