Facebook flees with 1.5bn users
By taking subscribers out of range of strict EU privacy laws, the social networking firm is back in the spotlight
Just when it seemed Facebook couldn’t blunder into another privacy scandal, it emerged last week that the firm is moving responsibility for 1.5bn of its users from international headquarters in Ireland to California to potentially avoid new European privacy regulations.
That’s about three-quarters of Facebook’s 2.2bn monthly active users that will be out of reach of the EU’S new general data protection regulation. This is despite CEO Mark Zuckerberg telling the US congress this month that Facebook would comply with the “spirit” of the regulations.
“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” he said, without elaborating. When asked if users could opt out of having their data used for marketing purposes, he tactfully said: “Let me follow up with you on that.” Don’t hold your breath.
The EU regulation becomes active on May 25, and offending companies can be fined up to 4% of their global turnover, which in Facebook’s case could be about Us$1.6bn.
What does this tell us about Facebook? At worst, that the company doesn’t want to subject itself to the much harsher privacy laws Europe is enacting. Or, in the kindest analysis, that it simply isn’t ready for the tougher regulations. Either way, Facebook’s business model won’t survive such strict scrutiny.
Last year Zuckerberg changed Facebook’s mission from “Making the world more open and connected” to “Bring[ing] the world closer together”. He said this in June — after the fake news revelations around the 2016 US election, but before those around Cambridge Analytica became public knowledge.
But Facebook knew in 2015 that tens of millions of its users’ personal data had been compromised, which makes it remarkable that auditor PWC gave the social network the all clear last year in a report for the federal trade commission (FTC).
According to a 2011 agreement with the FTC, “Facebook is obligated to keep the promises about privacy that it makes to its hundreds of millions of users,” FTC chairman Jon Leibowitz said at the time. “Facebook’s innovation does not have to come at the expense of consumer privacy. The FTC action will ensure it will not.”
But PWC found in its audit: “In our opinion, Facebook’s privacy controls were operating with sufficient effectiveness to provide reasonable assurance to protect the privacy of covered information.”
The heavily redacted report doesn’t explain how PWC came to these conclusions, and US privacy groups have filed freedom of information cases to find out why.
The FTC said last month it is investigating whether Facebook breached the 2011 agreement, which reportedly carries a fine of $40,000 per violation per user per day.
The privacy scandal doesn’t seem likely to end soon, and with angry consumers baying for consequences, this is the cost Facebook might face.
The FTC is investigating whether Facebook breached a 2011 agreement on users’ privacy