Dutch regulator asks Facebook to hold off on privacy update, is rebuffed

16.12.2014
Saying that Facebook's new privacy policy could violate Dutch data protection laws, the privacy regulator in the Netherlands has asked it to postpone its introduction pending an investigation. But the social network won't hold back the rollout of new terms and policies on Jan. 1, and was "surprised and disappointed" by the data protection authority's move, a spokeswoman said.

"We recently updated our terms and policies to make them more clear and concise, to reflect new product features and to highlight how we're expanding people's control over advertising," she said, adding that Facebook is confident the updates comply with relevant laws.

As a company with its international headquarters in Dublin, Facebook routinely reviews product and policy updates -- including this one -- with the Irish Data Protection Commissioner, which oversees Facebook's compliance with the EU Data Protection Directive as implemented under Irish law, she added.

But the Dutch data protection authority isn't so sure the new policy complies with the law. Unveiled in November, the policy gives Facebook the right to use information and photos from user profiles for commercial purposes, the Dutch DPA said in a news release. It plans to investigate consequences of the new policy for Dutch users, including how it obtains permission for the use of their personal data, it said.

In the updated policy Facebook states that users give Facebook permission "to use your name, profile picture, content, and information in connection with commercial, sponsored, or related content (such as a brand you like) served or enhanced by us." Which means that, for example, "you permit a business or other entity to pay us to display your name and/or profile picture with your content or information, without any compensation to you."

If a user selects a specific audience for a post, such as "friends," Facebook will respect that choice, it said, adding that it will "not give user content or information to advertisers without consent."

However, all those clauses are also mentioned in the current terms that were last revised in November 2013, so it's unclear what new aspects the DPA objects to.

A spokeswoman for the Dutch DPA said the authority still has to assess the scope of the investigation.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com

Loek Essers

Zur Startseite