In August, Ireland’s Data Protection (DPC) Commissioner Billy Hawks made headlines by airing a laundry list of potential Facebook privacy violations, including the creation of “shadow profiles” and the collection of information about non-Facebook users.
At the same time, the Irish Commissioner declared that his planned audit of Facebook’s privacy practices was, “likely to be the most detailed, challenging and intensive audit ever undertaken by his office.” The announcement was good for generating headlines, but as the results of his audit show, the alarming headlines were unjustified and, in some cases, wrong.
Fast-forward to today’s news about the audit findings where the Commissioner concluded that, “The audit has found a positive approach and commitment on the part of Facebook Ireland to respecting the privacy rights of its users.”
Well, that conclusion was unexpectedly un-alarming.
Just like last month’s FTC consent agreement, Facebook emerged from an engagement with government auditors without dramatic revelations of plots to build dossiers on every person on the planet.
The audit declared that, as a rapidly changing service used by millions of people around the world there is room for improvement, but no malice. It went on to suggest changes to how Facebook users tag people in photographs and how long browsing meta-data is retained.
Even more interesting than the suggested improvements are what the investigation revealed about the social network’s data usage practices.
The audit found that:
- Facebook does not seek information on non-Facebook members
- Facebook does not create “shadow” profiles
- Information collected from third party sites is not used for targeting advertising
- Facebook engages in data deletion
Importantly, the Irish audit found Facebook’s use of cookies, which we addressed a couple of weeks ago, “innovative” since they “identify unusual or suspicious activity on an account.”
The report basically confirmed what Facebook has been saying, and disproves much of the fear-mongering from privacy zealots.
The audit declared that, as a rapidly changing service used by millions of people around the world there is room for improvement, but no malice.
So perhaps Facebook is not the evil, dossier-devising, giant that some would have you believe. In fact, it seems as though with each government audit prompted by the privacy industry, we learn more about Facebook’s priority–to build a free service where users feel safe while they share information as easily and efficiently as possible.
It’s good to see Facebook engaging with regulators, but we should be wary if every engagement ends with a set of restrictions that could restrict future innovation. And the lesson learned here is, perhaps if regulators cry wolf, there ought to be an actual wolf, or at a minimum, a really large dog.
Related articles
- Facebook’s ‘Darwinian’ nature keeps users safe – Irish gov (go.theregister.com)
- Where is the Button to ‘Like’ Facebook’s Cookies? (netchoice.org)
- A Golf Clap for the FTC and Facebook (netchoice.org)
- The Facts Speak for Themselves on Privacy for Social Networking Sites (netchoice.org)
