The Guardian, 19 April 2018:
Facebook has moved
more than 1.5 billion users out of reach of European privacy law, despite a
promise from Mark Zuckerberg to apply the “spirit” of the legislation globally.
In a tweak to its terms
and conditions, Facebook is shifting the responsibility for all users outside
the US, Canada and the EU from its international HQ in Ireland to its main
offices in California. It means that those users will now be on a site governed
by US law rather than Irish law.
The move is due to come
into effect shortly before General Data Protection Regulation (GDPR) comes into
force in Europe on 25 May. Facebook is liable under GDPR for fines of up to 4%
of its global turnover – around $1.6bn – if it breaks the new data protection
rules.
The shift highlights the
cautious phrasing Facebook has applied to its promises around GDPR. Earlier
this month, when asked whether his company would promise GDPR protections
to its users worldwide, Zuckerberg demurred. “We’re still nailing down details
on this, but it should directionally be, in spirit, the whole thing,” he said.
A week later, during his
hearings in front of the US Congress, Zuckerberg was again
asked if he would promise that GDPR’s protections would apply to all
Facebook users. His answer was affirmative – but only referred to GDPR
“controls”, rather than “protections”. Worldwide, Facebook has rolled
out a suite of tools to let users exercise their rights under GDPR,
such as downloading and deleting data, and the company’s new
consent-gathering controls are similarly universal.
Facebook told Reuters
“we apply the same privacy protections everywhere, regardless of whether your
agreement is with Facebook Inc or Facebook Ireland”. It said the change was
only carried out “because EU law requires specific language” in mandated
privacy notices, which US law does not.
In a statement to the
Guardian, it added: “We have been clear that we are offering everyone who uses
Facebook the same privacy protections, controls and settings, no matter where
they live. These updates do not change that.”
Privacy researcher
Lukasz Olejnik disagreed, noting that the change carried large ramifications
for the affected users. “Moving around one and a half billion users into other
jurisdictions is not a simple copy-and-paste exercise,” he said.
“This is a major and
unprecedented change in the data privacy landscape. The change will amount to
the reduction of privacy guarantees and the rights of users, with a number of
ramifications, notably for consent requirements. Users will clearly lose
some existing rights, as US standards are lower than those in Europe.
“Data protection
authorities from the countries of the affected users, such as New Zealand and
Australia, may want to reassess this situation and analyse the situation.
Even
if their data privacy regulators are less rapid than those in Europe, this
event is giving them a chance to act. Although it is unclear how active they
will choose to be, the global privacy regulation landscape is changing, with
countries in the world refining their approach. Europe is clearly on the
forefront of this competition, but we should expect other countries to
eventually catch up.” [my yellow highlighting]
NOTE:
The Australian Dept. of Human Services still continues to invite those who use its welfare services to visit its five Facebook pages on which it will:
* post about payments and services
* answer questions
* give useful tips
* share news, and
* give updates on relevant issue
All associated data (including questions and answers) will of course be captured by Facebook, then collated, transferred, stored overseas, monetised and possibly 'weaponised' during the next election campaign cycle which occurs in the area visitors to these pages live.
No comments:
Post a Comment