A report commissioned by Belgium’s data protection authority has found Facebook’s revised privacy policy, last updated in January 2015, violates European consumer protection law in a number of ways.
Among the practices being criticized are Facebook’s failure to secure valid consent from users to its processing of their data, its opt-outs for behavioral marketing, the unfair contract terms in its Statement of Rights and Responsibilities, no “legally valid consent” for detailed user profiling obtained by Facebook combining and sharing data between its own services (such as Whatsapp and Instagram) and third party data brokers, a lack of “adequate control mechanisms” and transparency where Facebook uses user-generated content in commercial purposes.
Also, Facebook gives does not give opt-out for location-tracking of users by the Facebook mobile app, and lacks ‘free and informed prior consent’ for the collection and use of device information, while also failing to properly acknowledge the data subject rights of its users.
The European Union is in the process of reforming and harmonizing its data protection directive, which dates back to 1995.
New rules, with more stringent penalties for non-compliance, are expected to be agreed later in 2015 by the European Parliament.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now