Facebook is facing some tough music in Europe. After being infamous for not respecting privacy of its users, the European Data Protection is forcing Facebook to become more transparent about the user data it holds. Turns out Facebook isn’t really immune from the European laws! Facebook’s Section 18 of the Terms state, “If you are a resident of or have your principal place of business in the US or Canada, this Statement is an agreement between you and Facebook, Inc. Otherwise, this Statement is an agreement between you and Facebook Ireland Limited. References to “us,” “we,” and “our” mean either Facebook, Inc. or Facebook Ireland Limited, as appropriate.”
According to this, take ‘Facebook’ as meaning ‘Facebook Ireland Limited’. If you’re outside of the US and Canada, you’re signed up with the company in Ireland instead of the US. By setting up shop in Ireland, Facebook is an entity within the EU and, contrary to popular belief, it doesn’t have the option of picking and choosing which laws to abide by, European or US, or what rights it should grant the consumer.
Being based in Dublin means that Facebook is just as accountable as any other company there would be when it comes handling your information, even if your data is handed over to and used in the US. Section 4 of the Data Protection Act is a notable point to emerge from its move across the pond. It states that you have a right to access all of the data a company is holding on you. Irish regulations allow the company to charge a maximum fee of €6.35 and the request must be filled by them within 40 days in order to comply with the act.
A website ‘Europe vs Facebook’ expects to have to send a few requests, maybe a couple of emails and perhaps even throw a little complaint towards the data commissioner before it gets around to complying. The information will be sent to you on a CD as a PDF. Normally over 1,000 pages long and containing information you probably believed you had long since deleted, and perhaps even forgot about completely, the data you are requesting by filling out the form really is everything, or at least should be everything. All information attached to photographs, all phone numbers including from where you’ve synced your phone and tags.
Even private messages, allegedly including those which have been deleted and potentially contain some very private information, likes, status updates, notifications, all of it. Turns out that if you request it, they have to send it.
[Techeye]