Facebook Privacy Issues: Irish DPC to Investigate

Postings that have been deleted showed up in the set of data that was received from Facebook, said one complaint. The privacy settings only regulate who can see the link to a picture. The picture itself is 'public' on the Internet. This makes it easy to circumvent the settings.

In June, a 24-year-old Austrian law student named Max Schrems asked Palo Alto, Calif.-based Facebook for a copy of all of his personal data. Facebook complied and sent him a CD filled with 1,200 pages of data, including his history of likes, chats, friends and defriends. Problem was, Schrems had deleted a good amount of the data from his profile that Facebook returned to him.

In response, Schrems launched an initiative called Europe vs. Facebook, which seeks to compile user complaints and weaponize them against Facebook. Schrems filed 22 individual complaints about the social network's practice and hopes to bring attention to Facebook's lack of transparency.

The complaints, which were all filed with the Irish Data Protection Commissioner (DPC), range from pokes to pictures to privacy settings. The DPC is the responsible Irish agency for all data use of Facebook Ireland Ltd., which is the company responsible for responding to users outside of the U.S. or Canada.

Schrems' complaints have yielded results: Ireland's DPC will spend four or five days auditing Facebook's offices sometime before Christmas. A spokesperson for the commissioner said its officers would investigate alleged breaches raised by Schrems as a part of the audit.

If the commissioner finds Facebook has broken Irish data protection law, it can ask the social network to change the way it handles personal data. Should Facebook then fail to comply with the request, the company could face a fine of up to $138,000.

Unfortunately, a fine of this magnitude is mere pocket change to Facebook. Many peg Facebook's current valuation at $100 billion, should it decide to go public.

Facebook changed its Terms of Service in 2009, giving itself the ability to use or modify user data in any way it wants, even if a user quits Facebook. The change caused an enormous public backlash, which prompted a rare response from Facebook CEO Mark Zuckerberg.

When a person shares something like a message with a friend, two copies of that information are created: one in the person's sent messages box and the other in their friend's inbox. Even if the person deactivates his account, their friend still has a copy of that message, Zuckerberg wrote in a blog post. We think this is the right way for Facebook to work, and it is consistent with how other services like email work.

Some of Zuckerberg's points are valid, specifically the fact that messages are difficult to delete when more than one user has a copy. However, this incident with Schrems may reignite the public fire against Facebook's liberal use of user data.

There are bound to be more Facebook privacy concerns in the near future, when Facebook finally rolls out its Timeline profiles to users. Luckily, there is an easy way to control these settings.

For those who don't know, the Timeline profiles reorganize Facebook data to make profiles appear as fully-detailed scrapbooks of your entire life. Users have bashed the new profiles: A telephone survey of 2,000 people conducted by Gallup and USA TODAY discovered that 56 percent of Facebook users who know about the upcoming changes dislike them, and 26 percent of daily users are very concerned about privacy.

Facebook still plans to roll out Timeline profiles and Open Graph functionality to its 800 million world users over the next few weeks.