Facebook Australia's 'small company' status makes it a small target
Does Zuck know that smaller companies have lesser privacy obligations?
There's an old joke about failed CEOs, which runs “how do you create a small company? Give a big one to CEO X”. Facebook has found a new wrinkle: you build a small company merely by getting regulators to agree that it's a small company.
Apparently in order to manage its corporate reporting requirements in Australia, that's just what The Social NetworkTM has achieved, according to a report by Fairfax Media.
The publisher has turned up a decision by Australia's corporate regulator, ASIC, which allows Facebook to class itself as a small company in Australia.
As the report points out, this status is in spite of down-under revenues north of $AU60 million annually, Facebook achieved the “small company that is not part of a large group” status in 2009 and has managed to maintain this ever since – relieving it of, among other things, the obligation to file annual accounts with ASIC, which would give an accurate picture of its local revenue.
Curious about another possible implication of “small company status”, The Register asked the office of Australia's Privacy Commissioner Tim Pilgrim whether the ASIC status would affect Facebook's privacy obligations.
The response was less than responsive: the decision, we were told, "does not affect the operation of the Act".
Full compliance with Australia's Privacy Act is only required of some businesses whose turnover is beneath $AU3 million – those in healthcare, those trading personal information (which may catch Facebook), those related to a larger business, those who have to collect data under terrorism and money-laundering laws, and operators of residential tenancy databases.
Regarding being “related to a larger business”, Vulture South notes that Facebook's special corporate status describes it as “a Small Pty Company Controlled By a Foreign Coy Which is Not Part of Large Group”. ®
Sponsored: 2016 Cyberthreat defense report