Facebook's Answer to E.U. Privacy Law: Accept Data Collection and Ads, or Don't Use Facebook
On May 25, the new General Data Protection Regulation (GDPR) will be enforced across the European Union. The aim of GDPR is to return control of personal data to the individual by ensuring companies follow a new set of data protection compliance rules. If they don't, then penalties of up to 4 percent of worldwide turnover, or $25 million will have to be paid.
Facebook is one of the companies that needs to adjust its data collection and use practices so as not to fall foul of this new regulation. Add to that the continuing fallout from the Cambridge Analytica debacle, and you can understand why the social network is keen to comply with GDPR as soon as possible.
Today, Facebook's chief privacy officer Erin Egan, and deputy general counsel Ashie Beringer, published an article explaining how the company intends to comply with GDPR. Unfortunately, it doesn't look to be a scaling back of the data collection or use thereof. Instead, Facebook is focusing on asking permission.
Facebook users will be asked to "make choices" about ads shown based on data from Facebook's partners and whether you want that data used when deciding which ads to show you. Information in your profile will also require a new choice of "special protection" for sharing political, religious and relationship details. Then there's facial recognition, which Facebook will offer as an optional feature, but only to those users located in Europe or Canada.
A new Settings and Privacy Shortcuts tool will make seeing, deleting, downloading and exporting data easier, and the Facebook Activity Log on mobile has been updated so it's clear what data you have shared. Young people are also gaining access to special protections, with 13- to 15-year-olds getting a "less personalized version of Facebook" as well as less relevant ads and permission from a guardian enforced to access different aspects of the social network.
For the typical Facebook user who falls under the protection of GDPR, this means one thing: you're going to have to agree to allow Facebook to continue collecting your data as it wants. Reuters spoke with Facebook Deputy Chief Privacy Officer Rob Sherman, who confirmed that targeted advertising is set to continue because, "Facebook is an advertising-supported service."
The permission screens Facebook users will see across Europe will not have an accept and decline option. Instead you can either "accept and continue" or "manage data settings." But regardless of how you manage those settings, you're going to have to accept Facebook's data collection policies to use the social network. If you don't accept them, Sherman explains what the solution is, "People can choose to not be on Facebook if they want."
Facebook ends its post with the sentence "We're committed to making sure people understand how we use their information and how they can control it." I think that sums up how GDPR, and whatever other privacy protection laws appear, are going to be dealt with. Facebook will comply with them by ensuring users give their permission for the data collection to continue. Unfortunately, most users will probably just tap accept.