Money Can Facebook really apply the EU's data privacy rules worldwide?

23:56  15 april  2018
23:56  15 april  2018 Source:   engadget.com

Facebook Faces Indonesian Police Investigation Over Data Breach

  Facebook Faces Indonesian Police Investigation Over Data Breach Facebook Inc is facing possible criminal sanctions in Indonesia as police begin to investigate whether the social-media company breached privacy laws and allowed the data of Indonesian users to be improperly shared. Indonesia’s Communications Minister Rudiantara has asked the chief of the National Police, Tito Karnavian, to investigate the matter after Facebook revealed Thursday that the personal information of more than million Indonesian Facebook users could have been obtained by political consultant Cambridge Analytica. The minister has previously threatened to shut down Facebook over the matter.

Mark Zuckerberg wearing a suit and tie © Provided by Engadget UK During his testimony in front of the House Energy & Commerce Committee on Wednesday, Facebook CEO Mark Zuckerberg stated that Facebook would adopt the European Union's General Data Protection Rules (GDPR) as its privacy standard moving forward. This marks an evolution in Zuckerberg's position on the issue, having told Reuters earlier this month that he only agreed "in spirit" with the laws. If Zuckerberg follows through with this promise, it could have a significant impact on Facebook users around the world.

The GDPR was first proposed by the European Commission in 2012 as an update to an existing EU data privacy law, Data Protection Directive 95/46/EC, which had been on the books since 1995. The European Parliament passed its own version of the GDPR in 2014 with the Council of the European Union following suit in 2015, at which time the three bodies got together to hash out the final wording of the law. That process lasted until 2016. Now, after a 2-year post-adoption grace period, the GDPR will go into effect in May.

Facebook scans the photos and links you send on Messenger

  Facebook scans the photos and links you send on Messenger Facebook Inc scans the links and images that people send each other on Facebook Messenger, and reads chats when they’re flagged to moderators, making sure the content abides by the company’s rules. If it doesn’t, it gets blocked or taken down. The company confirmed the practice after an interview published earlier this week with chief executive officer Mark Zuckerberg raised questions about Messenger’s practices and privacy. Zuckerberg told Vox’s Ezra Klein a story about receiving a phone call related to ethnic cleansing in Myanmar. Facebook had detected people trying to send sensational messages through the Messenger app, he said.

UNITED STATES - APRIL 11: Facebook CEO Mark Zuckerberg prepares to testify before a House Energy and Commerce Committee in Rayburn Building on the protection of user data on April 11, 2018. (Photo By Tom Williams/CQ Roll Call) © Getty UNITED STATES - APRIL 11: Facebook CEO Mark Zuckerberg prepares to testify before a House Energy and Commerce Committee in Rayburn Building on the protection of user data on April 11, 2018. (Photo By Tom Williams/CQ Roll Call) Once it does, it will provide an unprecedented level of privacy protection for EU citizens living both in an EU member nation or abroad. It will effectively regulate the privacy practices of any company that processes the personal data of people residing within the EU, regardless of where the company itself is located -- including the cloud. That is, companies will be held responsible for the handling of the personal data they have collected from users. What's more, it grants people the "right to be forgotten" as well as the right to request both copies of their personal data and information pertaining to how and why their data is being processed.

Instagram to allow users to download their data

  Instagram to allow users to download their data Facebook Inc's Instagram will soon allow its users to download a copy of all the content they have uploaded on the photo-sharing platform, a spokesman said on Wednesday. The disclosure comes amid global concerns about the privacy of users' information on social media platforms and the amount of user data that companies keep.While Facebook has allowed its users to download their photos, messages, clicked advertisements and a log of all their activity on the social networking platform since at least 2010, Instagram has lacked any such feature.

Users will also enjoy data portability, the ability to move their personal data from one company to another. This rule offers an interesting secondary effect that Facebook might not like. With the ability to move one's data freely between services, it could help prevent the lock-in effect that helps companies like Facebook and Google establish insurmountable market dominance by lowering the barriers of entry for new, competing services.

The GDPR also significantly strengthens consent protections for EU residents/citizens as well. Companies will be prohibited from using "long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent," according to the GDPR website. "It must be as easy to withdraw consent as it is to give it. "

Facebook's Bookmarks menu gets a facelift that makes its settings easier to find

  Facebook's Bookmarks menu gets a facelift that makes its settings easier to find Facebook is rolling out a redesigned bookmarks section in its app that will make it easier to navigate and access various Facebook settings.The updated menu, at first glance, appeared to be a continuation of the redesign to Facebook's Settings, announced last month.

When questioned by Congressman Gene Green about how Facebook would implement this practice in the US, Zuckerberg asserted that the FB app will include a step-by-step tool which walks users through their settings, allowing them to adjust their privacy controls as they wish. Whether users will utilize the tool in appreciable numbers remains to be seen.

To ensure companies will comply with these broad demands, the GDPR offers some serious penalties for those who would ignore the law. Infractions carry a maximum fine of 4 percent of annual global turnover (aka the company's annual revenue) or €20 Million, whichever is greater. The penalties are tiered, mind you, with minor infractions like not having your records in order or not properly notifying authorities in the even of a data breach carrying a 2 percent fine.

Photo Illustration for Facebook Story © Getty Photo Illustration for Facebook Story To its credit, Facebook has committed to applying the GDPR benchmarks, not just "controls and settings" to all of its global network. "Overall I think regulations like this are very positive" Zuckerberg told reporters on a conference call in April. "We intend to make all the same controls available everywhere, not just in Europe."

Facebook fuels broad privacy debate by tracking non-users

  Facebook fuels broad privacy debate by tracking non-users Concern about Facebook Inc's respect for data privacy is widening to include the information it collects about non-users, after Chief Executive Mark Zuckerberg said the world's largest social network tracks people whether they have accounts or not.Privacy concerns have swamped Facebook since it acknowledged last month that information about millions of users wrongly ended up in the hands of political consultancy Cambridge Analytica, a firm that has counted U.S. President Donald Trump's 2016 electoral campaign among its clients.

"Is it going to be exactly the same format? Probably not," he continued. "We'll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we're going to make all the same controls and settings available everywhere, not just in Europe." That said, there's no word yet on when Facebook would actually implement such changes.

From a technical standpoint, there's not much preventing Facebook from implementing these protections worldwide. The problem, it turns out, is political. As a Facebook representative explained to Techcrunch, the GDPR protections run contrary to data collection laws in some countries which means that they can't legally be rolled out everywhere. Still, the company remains committed to expanding the protections to as many users as it can.

While it's all well and good that Facebook is doing the right thing for once rather than moving fast and breaking stuff, there's no reason for governments not to implement their own data protection legislation. In fact, some local governments are already planning their own privacy bills. San Francisco supervisor Aaron Peskin announced one such bill on Tuesday which would prohibit the city from doing business with any company that does not adhere to the "the highest standards for data protection." Details of the bill, which will go before voters in November, have not yet been released.

Facebook says users must accept targeted ads even under new EU law

  Facebook says users must accept targeted ads even under new EU law Facebook Inc said on Tuesday it would continue requiring people to accept targeted ads as a condition of using its service, a stance that may help keep its business model largely intact despite a new European Union privacy law.The EU law, which takes effect next month, promises the biggest shakeup in online privacy since the birth of the internet. Companies face fines if they collect or use personal information without permission.

But even without national legislation, the US government already has a de facto data protection enforcement mechanism. It's called the Federal Trade Commission. The FTC has aggressively pursued a number of companies including Google and Uber over the past few years using Section 5 of the FTC act which prohibits unfair or deceptive trade practices. The FTC has successfully argued that companies which have suffered data breaches violated Section 5 because said breaches were the result of the companies' failure to adopt "reasonable" data protection schemes.

A few companies have fought against this litigation, rather than settle and issue consent decrees, including Wyndham Hotels and LabMD. These companies argue first that there is no legal definition of what constitute a "reasonable" data protection scheme and, second, that no level of cybersecurity is high enough to defend against each and every hacking attempt.

In a 2017 lawsuit against D-Link, the FTC once again invoked Section 5, arguing that the company failed to take reasonable precautions to harden its products against known and reasonable threats. The FTC charges point out that D-Link left its private key, which hackers can use to cajole machines into running malware, on a public website for six months and the company's software suffers a known "command injection" vulnerability.

However, the case gets a bit sticky because the FTC goes on to argue that D-Link's actions -- just like LabMD's -- may cause harm to its customers. D-Link has countered, arguing that the mere potential for harm is insufficient to bring litigation. According to D-Link's filing, "the FTC speculates that consumers were placed "at risk" to be hacked, but fails to allege, as it must, that actual consumers suffered or are likely to suffer actual substantial injuries."

Both the D-Link and LabMD lawsuits are ongoing but illustrate the need for a legislative solution to the issue of data privacy in America, rather than having the courts craft it one case at a time. However, given the current partisan climate in Washington, passing a bill similar to the GDPR seems unlikely.

Related: Facebook privacy settings still too complicated ( USA TODAY)

WhatsApp says users must be 16 or older to access the app in Europe .
WhatsApp is banning anyone under 16 years old from using its app in Europe. It’s raising the age limit by three years just as the European data privacy rules start kicking in on May 25th, as spotted by Reuters.When users in Europe log onto the app in the next few weeks, they’ll be asked to confirm their age when accepting the new terms of service and an updated privacy policy. WhatsApp, which is owned by Facebook, has a separate data policy of its own.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!