The UK’s Information Commissioner’s Office (ICO) wants Facebook and its WhatsApp subsidiary to provide users with more information and greater protection over how their data is collected and used.
“We have now asked Facebook and WhatsApp to sign an undertaking committing to better explaining to customers how their data will be used, and to giving users ongoing control over that information,” said the Information Commissioner Elizabeth Denham.
However, neither Facebook or WhatsApp have acquiesced to this commitment, despite agreeing to pause using data from WhatsApp users in the UK for advertising and product improvement purposes.
“We think consumers deserve a greater level of information and protection, but so far Facebook and WhatsApp haven’t agreed. If Facebook starts using the data without valid consent, it may face enforcement action from my office.”
There is more than a whiff of threat behind this public declaration from the Commissioner, and if Facebook decides to rest on its laurels when it comes to such commitments, it will likely come under fire from Denham and the ICO. And Denham does not appear to be someone willing to issue such a statement with not commitment to follow it up.
“We’ll keep pushing on this, both from our office and alongside other data protection authorities across Europe, notably the Irish Data Protection Commissioner, where Facebook’s EU headquarters are based,” she said.
Concerns over how Facebook and WhatsApp informs its users over the use of their data appears to have been on the Information Commissioner’s agenda for a good two months it would seem.
“Eight weeks ago I said my office would look into the approach WhatsApp had decided to take in sharing customer information with Facebook,” Denham said.
“I had concerns that consumers weren’t being properly protected, and it’s fair to say the enquiries my team have made haven’t changed that view.
“I don’t think users have been given enough information about what Facebook plans to do with their information, and I don’t think WhatsApp has got valid consent from users to share the information. I also believe users should be given ongoing control over how their information is used, not just a 30 day window.”
Denham’s concerns centre around the ability for companies harvesting users’ data to in return for services, which she sees as a means to wrest control over personal data from the users and potentially exploit it in ways unknown to them.
TechWeekEurope contacted Facebook for comment on the issue but has yet to receive a response.
Data protection and uses will become a hotter topic as the Britain looks to take action on leaving the European Union. The Brexit could mean the UK abandons the General Data Protection Regulation (GDPR) being brought in to cover EU member states. However, the Information Commissioner’s Office believes that Britain will end up adopting GDPR regardless.
How much do you know about the European Commission? Take our quiz!