Europe vs. Facebook: Just Getting Started
Chances are that you are on Facebook. And maybe recently or a while ago you vented to a friend about something in a message. Then you cooled down and deleted it. No use clogging up your inbox. So how would you feel if you found out the message wasn’t actually deleted, but still available somewhere?
Max Schrems is a law student in Vienna. His particular interests are data protection and privacy. During his semester abroad in the US he wrote a paper on Facebook, coming to the conclusion that the social networking site largely ignores data protection laws for European users.
Not too long ago Facebook opened an office in Ireland, which is responsible for users in Europe and therefore obligated to follow EU laws on data protection. Max got together with a few friends, and so www.europe-vs.facebook.org was born. The website highlights the ongoing case against Facebook and makes for some pretty serious reading about things most of us here on the continent might have suspected or heard about, but maybe not yet summed up. Max is committed to the case and explains in detail what the website and his friends set out to achieve.
It all began with a request to Facebook when Max got home after his studies in the US. He filled out an online form requesting his user data. He received a CD, with a file on it that turned out to yield shocking results: more than 1000 pages of supposedly deleted information. During August and September 2011 Max, along with a group of friends, filed a total of 22 complaints with the Irish Data Protection Commission (DPC). “We just want to use Facebook without being able to worry about privacy”, Max says on the website, probably echoing the view of millions of others. Europe boasts massive numbers of Facebook users. As of January 2012, according to socialbakers.com, the EU member state with the most is the UK, at more than 30 million. In Germany alone more than 28 million people visited Facebook in 2010, according to a survey by comScore Media Metrix. All of them have something to worry about: just how Facebook is using – and saving – their personal data.
Europe vs. Facebook sees its main objectives as gaining transparency about just what Facebook does to personal data, though Max himself says that after months of studying privacy guidelines, there is still no clear picture as to what exactly is being done with that information or just why supposedly deleted data is still available and stored somewhere. Further data requests from the group were unsuccessful. They received replies saying it was too hard to send, a trade secret or Facebook’s intellectual property. To use a German phrase, but hello?! At this point one feels like throwing a tantrum and screaming, “MINE!” At the very least.
Max and his partners on the project did not directly sue Facebook. They filed complaints with the Data Protection Commission in Ireland. According to the website, it is easier and possible to do without a lawyer. The group is then also protected from legal and financial risks.
Max points out that privacy control should be a public interest. Such practices as retaining user data even after a Facebook account has been deleted are considered illegal by the group. A complaint on that score has been filed as well.
Earlier in December 2011 the Irish DPC issued the first general report on “Facebook Ireland Ltd”. Europe vs. Facebook later posted a reaction. “In a first reaction to the report Facebook managed to only highlight the one complaint (“shadow profiles”) that was explicitly not found to be right by the DPC. The numerous limitations the report is forcing upon Facebook are somehow “forgotten” by Facebook. This makes a lot of sense if we think of the fact that Facebook soon wants to go public on the stock market. The limitation of one’s business model does very likely not fit into that plan. …but at least it seems like we are both generally happy with the report, isn’t that a good thing?!”
And it does not stop with the case Max is building. There is a fierce current underway in Europe regarding Facebook’s views on user privacy. And it’s spreading, with Germany being the frontrunner.
In September 2011 German media were abuzz. Ilse Aigner, Consumer Protection Minister in Germany, went so far as to publicly ask her colleagues to consider signing off from Facebook completely. As Spiegel International reports, in a letter to all German ministries at that time she wrote, “Following an extensive legal probe I think it is essential that we should no longer use the Facebook button on all official government Internet sites under our control.” The previous year Ilse Aigner herself had deleted her Facebook account. The German state of Schleswig-Holstein had earlier also made moves to tighten Facebook’s access to user information: they wanted to ban the “like” button, amid fears that it could enable advertisers to track consumer preferences and IP addresses. The same state even banned Google Street View from its region in 2008.
Various meetings between state and national authorities and Facebook representatives followed, with the latter ensuring the social network takes users’ privacy seriously. Yet Minister Aigner remained sceptical last year. Spiegel International further quoted her spokesperson as saying on her behalf, “It remains to be seen if this is just more lip service or if Facebook will actually improve its data protection settings.”
In a world where information is becoming available on demand quicker than ever, one would like to have control over at least that information which has to do with oneself. Statistics on internet users worldwide are impressive, with more than 476 million users in Europe in 2011. About a fourth on them is on Facebook. So with regards to personal data, personally, it’s back once again to the already mentioned old playground standby: MINE!
Image note: this image is released under the wikimedia commons license (source: NASA)