Consumers in Europe should see their data strongly protected, regardless of the EU country they live in and regardless of the country in which companies which process their personal data are established, said Viviane Reding, vice president of the European Commission.
Facebook has been castigated by users, critics and political officials for the way it harvests information from its site, despite the user's privacy settings, to make it available for advertisers. For example, the Palo Alto, Calif.-based company can detect subtle lifestyle changes, like marriage engagements, to show the user ads for wedding dresses and photographers.
The European Commission aims to put the brakes on Facebook's eyebrow-raising activities with a new EC Directive, which hopes to ban targeted advertising unless users specifically allow it. The directive would also amend the current European data protection laws to ensure consistency in how offending sites are dealt with across the EU.
I call on service providers - especially social media sites - to be more transparent about how they operate, Reding said. Users must know what data is collected and further processed [and] for what purposes.
If the European Commission has its way, Facebook would suffer big losses in advertising dollars that fund its site, which would further damage the company's plans to go public next year.
Most of the information Facebook takes is stored on its U.S. servers, but the company's foreign offices have also received flack for secretly keeping user information. In June, a 24-year-old Austrian law student Max Schrems asked Facebook for a copy of all of his personal data. The company complied and sent him a CD filled with 1,200 pages of data, including his history of likes, chats, friends and defriends. Problem was, Schrems had deleted a good amount of the data from his profile that Facebook returned to him.
In response, Schrems launched an initiative called Europe vs. Facebook, which sought to compile user complaints and weaponize them against Facebook. Schrems filed 22 individual complaints about the social network's practice in the hope of bringing attention to Facebook's lack of transparency. Schrems filed the complaints with the Irish Data Protection Commissioner (DPC), which regulates the data use of Facebook Ireland Ltd., the arm responsible for responding to users outside of the U.S. or Canada.
The European Commission hopes to establish its new Directive in January to limit what information Facebook can store and analyze, such as likes, pokes and pictures. The company has also been known to store old chat messages and music preferences to make it available for advertisers, yet, Facebook argues that users agree to let the company use their personal information in this way.
Whether they realize it or not, every one of Facebook's 800 million-plus global users approves a 4,000 word contract upon signing up for the network, which licenses Facebook to use data as it sees fit. However, Facebook makes no clear distinction between what information is obtained for the sake of commercial purposes.
Facebook originally made its money through banner advertising partnership with Microsoft. Once widespread advertising began in late 2009, however, Facebook began rolling out targeted ads in an attempt to become more self-sufficient. The introduction of targeted ads in Great Britain alone has earned the company almost $39 million over the last two years.
Facebook should ensure that any data it collects should be used in the manner that its users expect, said a spokesman for the UK Information Commissioner. If personal data is being passed on to a third party or used for targeted advertising then this should be made clear to the user when they sign up to the site and reinforced when users are invited to use an application.
Facebook defends itself by saying its advertisers target wide demographics like age and location, rather than specific individuals.
We understand that people share a lot of information on Facebook and we take this very seriously, a Facebook spokesperson said. We believe ads that are relevant, social and personalized based on your real interests are better. We can show relevant ads in a way that respects individual privacy because our system only providers advertisers with anonymous and aggregate information for the purpose of targeted ads.
The company said political views are shared with advertisers if users have filled in those fields on their profiles, but also mentioned that its advertising system is age-gated, so no users under the age of 21 in the U.S. and 18 in the UK receive ads for alcohol.
Yet, Facebook denies outright that it misuses or mishandles user information.
We do not share people's names with an advertiser without a person's explicit consent and we never sell personal information to third parties, Facebook's spokesperson said. There is no connection between the privacy settings people choose and our advertising. Whether you use your privacy settings to keep your profile very private, or very public, everyone sees the same amount of advertising down the right hand side of the page.
There are bound to be more Facebook privacy concerns raised in the near future, when Facebook finally rolls out its Timeline profiles to users. Luckily, there is an easy way to control these settings.
For those who don't know, the Timeline profiles reorganize Facebook data to make profiles appear as fully-detailed scrapbooks of your entire life. In addition, the company's new Open Graph is Facebook's organized way of sharing user data with a variety of companies, from The Washington Post to Spotify, so users can know what others are reading or listening to.
Users have bashed the new profiles: A telephone survey of 2,000 people conducted by Gallup and USA TODAY discovered that 56 percent of Facebook users who know about the upcoming changes dislike them, and 26 percent of daily users are very concerned about privacy.
Facebook still plans to roll out Timeline profiles and Open Graph functionality to its 800 million users soon.