Facebook: EU’s ‘Right To Be Forgotten’ Will Enforce More User Tracking

Facebook tells TechWeekEurope the right to be forgotten would actually damage privacy

Facebook believes that the ‘right to be forgotten’, one of the key parts of the European Commission’s proposed data protection laws, will actually require more tracking of individuals on the Internet, rather than be a massive boon for privacy.

The social networking behemoth has been fighting data privacy rules proposed in Brussels in January, and has taken particular interest in the ‘right to be forgotten’. It recently said the rule, which would force companies to delete customers’ data when they ask for it to be erased,  “raises many concerns with regard to the right of others to remember and to freedom of expression”.

But Facebook also believes that if customers want to have all of their data deleted from a particular site, it will require service providers, like Facebook, Google, Twitter and any other company involved in publishing data on the Web, to track customers’ activity across other websites than their own.

Facebook - Shutterstock - © Pan Xunbin / Shutterstock.comRight to be forgotten

“As drafted, the proposals have privacy implications,” Linda Griffin, Facebook’s policy communications manager in Europe, told TechWeekEurope.

“The obligation to delete data that has been copied to other services is something we cannot control. In order to meet such obligations it would mean that service providers would be obliged to monitor people’s activities across the Internet.

“It is practically impossible for Facebook to delete information that has been copied to other sites and also has implications on the right to freedom of expression on the Internet.”

Griffin said that Facebook had worked hard to let users delete information from the site and essentially be forgotten on facebook.com.

“Facebook does more than most to help its users control their privacy and delete their data,” she added, pointing to various Facebook services such as the  Download Your Information Tool and the “straightforward process of either deleting or deactivating your account”.

“There are a lot of myths floating around about FB which keep getting rehashed and where we haven’t done things well enough in the past we have tried to improve,” she added.

Some believe Facebook is actually misinterpreting what the Commission is proposing. Jim Killock, executive director of the Open Rights Group, said “the right to be forgotten is not about what individual users do, but how Facebook or other companies share user data, and how a user revokes permission”.

“There is a conflation in companies’ minds of the generic reuse of  published information and the commercial sharing of user data. Separate these out and you can see the root idea is common sense,” Killock told TechWeekEurope.

“That said the drafting could be improved. This is often true with legislation, and we should support Reding’s effort to improve user control of their data.”

Sharing data

One of the biggest problems privacy professionals have with social networks like Facebook and active Web 2.0 companies is that they share information with other businesses where they see fit.

Privacy and security company Steganos today released a report lambasting such businesses for their privacy policies. Steganos said numerous Internet service providers are sharing personal information without users’ permission or court orders.

It noted that Facebook’s privacy policy states it may “supply law enforcement information to help prevent or respond to fraud and other illegal activity, as well as violations of Facebook terms.” It noted similar statements, as seen in the infographic below.

Steganos infographic - data privacy

Privacy nightmare?

TechWeekEurope asked Facebook whether it thought it was bringing privacy problems on itself by handing over data to third parties, but it had not responded at the time of publication.

Privacy professional Phil Booth recommended letting users tag pieces of data posted on sites like Facebook. That would mean information could be tracked down easily and retrieved without necessarily having to know where Web users have been. However, he said modifying the culture or behaviour of web companies would be better then “techno-legal fixes”.

Yesterday, TechWeekEurope exclusively revealed the extent to which the US government was lobbying European Commission officials on the issue. Sources within the commission said they were surprised at the level of interest from the US, revealing it had tried to delay the introduction of the proposed laws, which were outlined in January.

The EC sources said the Commission was standing firm and not being swayed by US lobbyists. It will keep the ‘right to be forgotten’, and is determined to stick with other controversial plans, including increasing regulators’ fining powers across member states.

Meanwhile, an Austrian privacy group is preparing a lawsuit against Facebook in Ireland – the social network’s EU base – over privacy issues. The legal charge is being led by Max Schrems, who was outraged, in 2011, when he discovered the site stored 1,200 items of personal data on him.

Are you a security expert? Find out with our quiz!