Feeds

Facebook spurns privacy probe as 'routine audit'

More of a gentle poke than an outright dig

Seven Steps to Software Security

Facebook's international headquarters are in Dublin, Ireland, where the company just so happens to face a regulatory probe into the handling of personal data on the social network.

According to the RTE, the Irish data protection commissioner will carry out a privacy audit of the site in November.

That's potentially a big deal, because Facebook's presence in Dublin is much more dominant than anywhere else in Europe.

The company farms all the data it stores back to its spiritual homeland in the US, but a privacy audit in Ireland is significant as it's not only Facebook's major EMEA bolthole, but is also the nearest responsible data protection authority outside of the firm's US head office.

It's important to note, however, that Facebook isn't breaching European law when it makes stealth changes to its technology that cause upset among its 800 million-strong stalkerbase.

Last week the company fielded lots of complaints from users unhappy with the latest redesign to Facebook, that included Mark Zuckerberg's creepy concept of "frictionless sharing", which means displaying an individual's entire life history as chronicled on the network.

An Austria-based collective called Europe versus Facebook filed 22 complaints with the Irish data protection commissioner.

Among other things, the group griped about Facebook's "Like" button that – it was revealed by Oz blogger Nik Cubrilovic – carried cookies that included unique information after people had logged out of the dominant social network.

Facebook said it had "quickly" fixed the issue, but insisted there was no privacy or security breach.

"Like every site on the internet that personalises content and tries to provide a secure experience for users, we place cookies on the computer of the user," it told The Register earlier this week.

Irish deputy data protection commissioner Gary Davis told the FT that his office would investigate Facebook's operation outside of the US and Canada.

“This audit will examine the subject matter of the complaint but also will be more extensive and will seek to examine Facebook’s compliance more generally with Irish data protection law,” he added.

According to the RTE, a report on the outcome of that probe won't be published until the end of 2011.

Facebook's European policy director Richard Allan has previously called on self-regulation and the development of industry standards rather than for people to get stuck on "a debate on principles about data protection law each time”.

Despite the howls of protest against the immensely popular network, Brussels has limited power over how Facebook operates in Europe while siphoning the data it gathers to the US.

Regulators hope to close the loophole with the reform of the Data Protection Directive, proposals for which are expected in early 2012.

Facebook underplayed the latest regulatory action taken against the firm:

“Facebook’s European headquarters in Ireland manages the company’s compliance with EU data protection law," it said.

"We are in regular dialogue with the Irish data protection commissioner and we look forward to demonstrating our commitment to the appropriate handling of user data as part of this routine audit.” ®

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.