24 June 2009

EU: Wants Tighter Privacy on Social Networks

24 06 2009 - Are social networks such as Facebook and MySpace doing enough to protect their users’ privacy? In the European Union, they might need to do more. A panel of European regulators has laid out operating guidelines for social networks, which will ensure their compliance with strict – albeit sometimes vague – online privacy laws in the European Union.

image These laws mostly stem from the European Union Directive on Data Protection of 1995, which, among other regulations, prohibits collection of personal information without consumers’ permission, forbids employers to read workers’ private e-mail, and doesn’t allow companies to share personal information on users without their permission.

However, according to data-privacy lawyer Jan Dhont at Lorenz in Brussels, these regulations aren’t always very clear. For example, the companies that collect personal information must use it for “legitimate purposes,” which can be interpreted in many different ways.

Nevertheless, the guidelines that were laid out will require quite a bit of effort from sites such as Facebook and MySpace, who cannot neglect their European user base and will therefore surely at least try to comply to avoid clashing with the EU regulators.

According to the guidelines, social networks must set security settings to high by default; they must allow users to limit data disclosed to third parties, and they must limit the use of sensitive information (race, religion, political views) in behavioral advertising.

Furthermore, social networks must delete accounts that have been inactive for long periods, as well as discard users’ personal information after they delete their accounts; an interesting regulation in view of the recent Facebook scandal, in which Facebook claimed ownership of all the content you’ve ever uploaded even if you quit the service. Facebook later apologized and restored their previous Terms of Service, even letting users be part of the decision process in creating the new ToS. However, it must be noted that even if this sounds like democracy, it’s a frail one, as Facebook still sets up the stage and has the last word on every decision.

It is therefore good that there’s an overseer, looking over our online privacy and security. These latest guidelines from the European Union will definitely make life harder for social networks such as Facebook and MySpace, but will most likely have a positive impact on user privacy in the long run.

You can read the entire set of guidelines created by the Article 29 Data Protection Working Party in PDF format here.


No comments: