Money Can Facebook really apply the EU's data privacy rules worldwide?

23:56  15 april  2018
23:56  15 april  2018 Source:   Engadget UK

WhatsApp says users must be 16 or older to access the app in Europe

  WhatsApp says users must be 16 or older to access the app in Europe WhatsApp is banning anyone under 16 years old from using its app in Europe. It’s raising the age limit by three years just as the European data privacy rules start kicking in on May 25th, as spotted by Reuters.When users in Europe log onto the app in the next few weeks, they’ll be asked to confirm their age when accepting the new terms of service and an updated privacy policy. WhatsApp, which is owned by Facebook, has a separate data policy of its own.

In response, legislators worldwide are scrambling to update their domestic legislation to bend to Europe ’ s privacy rules . But for emerging countries, the cost and administrative burden of applying the EU privacy standards can be Politicians follow in Facebook ’ s footsteps on mass data collection.

Privacy advocacy groups have been urging Facebook and its Silicon Valley competitors such as Alphabet Inc’ s Google to apply EU data laws worldwide , largely without success.

Mark Zuckerberg wearing a suit and tie © Provided by Engadget UK During his testimony in front of the House Energy & Commerce Committee on Wednesday, Facebook CEO Mark Zuckerberg stated that Facebook would adopt the European Union's General Data Protection Rules (GDPR) as its privacy standard moving forward. This marks an evolution in Zuckerberg's position on the issue, having told Reuters earlier this month that he only agreed "in spirit" with the laws. If Zuckerberg follows through with this promise, it could have a significant impact on Facebook users around the world.

The GDPR was first proposed by the European Commission in 2012 as an update to an existing EU data privacy law, Data Protection Directive 95/46/EC, which had been on the books since 1995. The European Parliament passed its own version of the GDPR in 2014 with the Council of the European Union following suit in 2015, at which time the three bodies got together to hash out the final wording of the law. That process lasted until 2016. Now, after a 2-year post-adoption grace period, the GDPR will go into effect in May.

Facebook Faces Indonesian Police Investigation Over Data Breach

  Facebook Faces Indonesian Police Investigation Over Data Breach Facebook Inc is facing possible criminal sanctions in Indonesia as police begin to investigate whether the social-media company breached privacy laws and allowed the data of Indonesian users to be improperly shared. Indonesia’s Communications Minister Rudiantara has asked the chief of the National Police, Tito Karnavian, to investigate the matter after Facebook revealed Thursday that the personal information of more than million Indonesian Facebook users could have been obtained by political consultant Cambridge Analytica. The minister has previously threatened to shut down Facebook over the matter.

Zuckerberg told Reuters in a phone interview that Facebook was working on a version of the law that could apply globally, bringing some European privacy guarantees worldwide . × Recommended For You Powered by Sailthru. Mark Zuckerberg: Facebook will apply EU privacy rules globally 'in spirit'.

It also marks a change from Facebook ’ s previous plans, in which only part of Europe ’ s data protection overhaul was expected to apply outside the EU . The world ’ s most powerful tech regulator: Martin Selmayr. Commission top civil servant’ s zeal for digital privacy is shaping worldwide data protection

UNITED STATES - APRIL 11: Facebook CEO Mark Zuckerberg prepares to testify before a House Energy and Commerce Committee in Rayburn Building on the protection of user data on April 11, 2018. (Photo By Tom Williams/CQ Roll Call) © Getty UNITED STATES - APRIL 11: Facebook CEO Mark Zuckerberg prepares to testify before a House Energy and Commerce Committee in Rayburn Building on the protection of user data on April 11, 2018. (Photo By Tom Williams/CQ Roll Call) Once it does, it will provide an unprecedented level of privacy protection for EU citizens living both in an EU member nation or abroad. It will effectively regulate the privacy practices of any company that processes the personal data of people residing within the EU, regardless of where the company itself is located -- including the cloud. That is, companies will be held responsible for the handling of the personal data they have collected from users. What's more, it grants people the "right to be forgotten" as well as the right to request both copies of their personal data and information pertaining to how and why their data is being processed.

Instagram to allow users to download their data

  Instagram to allow users to download their data Facebook Inc's Instagram will soon allow its users to download a copy of all the content they have uploaded on the photo-sharing platform, a spokesman said on Wednesday. The disclosure comes amid global concerns about the privacy of users' information on social media platforms and the amount of user data that companies keep.While Facebook has allowed its users to download their photos, messages, clicked advertisements and a log of all their activity on the social networking platform since at least 2010, Instagram has lacked any such feature.

Tech Insider. Mark Zuckerberg: Facebook will apply EU privacy rules globally 'in spirit'. Zuckerberg told Reuters in a phone interview that Facebook was working on a version of the law that could apply globally, bringing some European privacy guarantees worldwide .

That means if Europe ’s policymakers are going to give their new online privacy rules real teeth, they will need to do a significantly better job of explaining Companies worldwide are bitterly complaining that the EU ’ s pending data protection overhaul will make it more difficult for them to do business.

Users will also enjoy data portability, the ability to move their personal data from one company to another. This rule offers an interesting secondary effect that Facebook might not like. With the ability to move one's data freely between services, it could help prevent the lock-in effect that helps companies like Facebook and Google establish insurmountable market dominance by lowering the barriers of entry for new, competing services.

The GDPR also significantly strengthens consent protections for EU residents/citizens as well. Companies will be prohibited from using "long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent," according to the GDPR website. "It must be as easy to withdraw consent as it is to give it. "

Facebook says users must accept targeted ads even under new EU law

  Facebook says users must accept targeted ads even under new EU law <p>Facebook Inc said on Tuesday it would continue requiring people to accept targeted ads as a condition of using its service, a stance that may help keep its business model largely intact despite a new European Union privacy law.</p>The EU law, which takes effect next month, promises the biggest shakeup in online privacy since the birth of the internet. Companies face fines if they collect or use personal information without permission.

> In response, legislators worldwide are scrambling to update their domestic legislation. The EU law aims at giving citizens in the European Union more control over their own data . They want to make one rule and apply it across all platforms. Not only that, they don't really think through the

Max v. Zuck, round 2 —. Worldwide privacy class action against Facebook heads to EU ’ s highest court. Later, 25,000 Facebook users from around the world —except those in the US and Canada, where different rules apply —joined Schrems in a class action under Austrian law by assigning their

When questioned by Congressman Gene Green about how Facebook would implement this practice in the US, Zuckerberg asserted that the FB app will include a step-by-step tool which walks users through their settings, allowing them to adjust their privacy controls as they wish. Whether users will utilize the tool in appreciable numbers remains to be seen.

To ensure companies will comply with these broad demands, the GDPR offers some serious penalties for those who would ignore the law. Infractions carry a maximum fine of 4 percent of annual global turnover (aka the company's annual revenue) or €20 Million, whichever is greater. The penalties are tiered, mind you, with minor infractions like not having your records in order or not properly notifying authorities in the even of a data breach carrying a 2 percent fine.

Photo Illustration for Facebook Story © Getty Photo Illustration for Facebook Story To its credit, Facebook has committed to applying the GDPR benchmarks, not just "controls and settings" to all of its global network. "Overall I think regulations like this are very positive" Zuckerberg told reporters on a conference call in April. "We intend to make all the same controls available everywhere, not just in Europe."

Facebook says users must accept targeted ads even under new EU law

  Facebook says users must accept targeted ads even under new EU law <p>Facebook Inc said on Tuesday it would continue requiring people to accept targeted ads as a condition of using its service, a stance that may help keep its business model largely intact despite a new European Union privacy law.</p>The EU law, which takes effect next month, promises the biggest shakeup in online privacy since the birth of the internet. Companies face fines if they collect or use personal information without permission.

As the US frets over Facebook and Cambridge Analytica, the EU sets tough new rules . By Trevor Butterworth Mar 26, 2018, 11:20am EDT. Facebook has done Americans and the world a favor in showing how people’ s data is really used. Now Europe can show us what successful, ethical privacy

The EU seeks to end this disorder by having one blanket set of data protection laws that applies to all 28 states. "All companies operating on European soil have to apply the rules ," EU Justice Commissioner Viviane Reding said, according to Reuters.

"Is it going to be exactly the same format? Probably not," he continued. "We'll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we're going to make all the same controls and settings available everywhere, not just in Europe." That said, there's no word yet on when Facebook would actually implement such changes.

From a technical standpoint, there's not much preventing Facebook from implementing these protections worldwide. The problem, it turns out, is political. As a Facebook representative explained to Techcrunch, the GDPR protections run contrary to data collection laws in some countries which means that they can't legally be rolled out everywhere. Still, the company remains committed to expanding the protections to as many users as it can.

While it's all well and good that Facebook is doing the right thing for once rather than moving fast and breaking stuff, there's no reason for governments not to implement their own data protection legislation. In fact, some local governments are already planning their own privacy bills. San Francisco supervisor Aaron Peskin announced one such bill on Tuesday which would prohibit the city from doing business with any company that does not adhere to the "the highest standards for data protection." Details of the bill, which will go before voters in November, have not yet been released.

Facebook's Bookmarks menu gets a facelift that makes its settings easier to find

  Facebook's Bookmarks menu gets a facelift that makes its settings easier to find Facebook is rolling out a redesigned bookmarks section in its app that will make it easier to navigate and access various Facebook settings.The updated menu, at first glance, appeared to be a continuation of the redesign to Facebook's Settings, announced last month.

Facebook , with .47 billion in revenue, could face fines of 8 million. “ The EU now has a lot of extra weaponry to punish companies who it believes aren’t complying with its privacy rules ,” said O’Brien. “Threats to online privacy are on the rise — cyber attacks, data breaches, identity theft

Facebook Chief Executive Mark Zuckerberg said on Tuesday that the social network had no immediate plans to apply a strict new European Union law on data privacy in Asked what parts of the EU law he would not extend worldwide , Zuckerberg said: "We're still nailing down details on this, but it should

But even without national legislation, the US government already has a de facto data protection enforcement mechanism. It's called the Federal Trade Commission. The FTC has aggressively pursued a number of companies including Google and Uber over the past few years using Section 5 of the FTC act which prohibits unfair or deceptive trade practices. The FTC has successfully argued that companies which have suffered data breaches violated Section 5 because said breaches were the result of the companies' failure to adopt "reasonable" data protection schemes.

A few companies have fought against this litigation, rather than settle and issue consent decrees, including Wyndham Hotels and LabMD. These companies argue first that there is no legal definition of what constitute a "reasonable" data protection scheme and, second, that no level of cybersecurity is high enough to defend against each and every hacking attempt.

In a 2017 lawsuit against D-Link, the FTC once again invoked Section 5, arguing that the company failed to take reasonable precautions to harden its products against known and reasonable threats. The FTC charges point out that D-Link left its private key, which hackers can use to cajole machines into running malware, on a public website for six months and the company's software suffers a known "command injection" vulnerability.

However, the case gets a bit sticky because the FTC goes on to argue that D-Link's actions -- just like LabMD's -- may cause harm to its customers. D-Link has countered, arguing that the mere potential for harm is insufficient to bring litigation. According to D-Link's filing, "the FTC speculates that consumers were placed "at risk" to be hacked, but fails to allege, as it must, that actual consumers suffered or are likely to suffer actual substantial injuries."

Both the D-Link and LabMD lawsuits are ongoing but illustrate the need for a legislative solution to the issue of data privacy in America, rather than having the courts craft it one case at a time. However, given the current partisan climate in Washington, passing a bill similar to the GDPR seems unlikely.

Related: Facebook privacy settings still too complicated ( USA TODAY)


Facebook to put 1.5 billion users out of reach of new EU privacy law .
<p>If a new European law restricting what companies can do with people's online data went into effect tomorrow, almost 1.9 billion Facebook Inc users around the world would be protected by it. The online social network is making changes that ensure the number will be much smaller.</p>Facebook members outside the United States and Canada, whether they know it or not, are currently governed by terms of service agreed with the company's international headquarters in Ireland.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!