- Journal Archives
- Volume 17
- Volume 16
- Volume 15
- Volume 14
- Volume 13
- Volume 12
- Volume 11
- Volume 10
- Volume 9
- Volume 8
- Volume 7
- Volume 6
- Volume 5
- Volume 4
- Volume 3
- Volume 2
- Volume 1
Privacy concerns over how Facebook, Inc. uses “cookies” have led both Germany and Ireland to wage new battles against the social networking giant. “Cookies” are “small pieces of data in a person’s Web browser that record browsing behavior.” Privacy officials in Germany and Ireland allege that the cookies Facebook places on users’ internet browsers continue to track users for two years after they delete their accounts, far longer than the few months allowed under European privacy laws.
In Germany, Hamburg’s Data Protection Authority (DPA) investigated Facebook’s “cookie” practice, and concluded that without users’ consent, European privacy regulations require Facebook to delete information it has stored. In Ireland, a ”guerilla” organization of Austrian students–calling themselves “Europe v. Facebook”–has filed twenty-two formal complaints against Facebook, through Ireland’s Data Protection Commissioner (DPC). Europe v. Facebook, the brainchild of 24-year-old Austrian law student Max Schrems, is an online campaign designed to force Facebook to follow European data privacy laws. Members of Europe v. Facebook, including Schrems, have requested records of their own personal information collected by Facebook, pursuant to a right of access guaranteed under Article 12(a) of Directive 95/46/EC (“Member States shall guarantee every data subject the right to obtain from the controller . . . communication to him in an intelligible form of the data undergoing processing . . . .”). Facebook’s responses to these requests–contained in PDFs of more than 1,000 pages and more than 100 megabytes–revealed that Facebook collected and stored data on chats deleted by the user, “pokes,” invitations users had not responded to, friends the user removed, name changes, last locations, past privacy settings, and hundreds of other details. According to Europe v. Facebook, European law provides that a company must have a reason for maintaining data beyond several months.
The U.S. has only recently taken notice of the issue. On October 28, 2011, Reps. Joe Barton and Edward Markey, Co-Chairmen of the Bi-Partisan Privacy Caucus in the U.S. House of Representatives, sent a letter to Facebook CEO Mark Zuckerberg requesting information about Facebook’s data retention policies. The letter, written in response to an October 24th blog post on the Wall Street Journal’s website, raised the Caucus’s concern “that although the user was under the impression that [his] information was deleted at the user’s request, Facebook continued to retain the information.”
The lack of an international privacy framework may pose the greatest obstacle to ensuring that companies adopt practices protecting users’ privacy. Faced with multiple attacks by local authorities in various countries–each of which may impose “trivial” penalties–may not incentivize companies to take privacy seriously. Rather, a company like Facebook defending itself against enforcement actions brought under different, and potentially inconsistent, regulatory regimes, may find it easier to pay fines as they are incurred rather than adopt ex ante a policy of implementing practices that respect user privacy.
– Ilana Kattan
Recent Blog Posts
- Commercial Drones in the Oil and Gas Industry: A Regulatory Incubator
- What is Your Fitness Tracker Tracking??
- Search for Pooping Culprit Ends With Company Forced to Pay $2.2 MillionY
- FIFA Indictments Reveal Widespread Corruption
- Tesla Battery Brings EPA’s Clean Power Plan Closer to Reality
- Feeling Secur3D: Reintroduced Legislature Seeks to Improve Air Safety
Tagsadvertising antitrust Apple books career celebrities contracts copyright copyright infringement courts creative content criminal law entertainment Facebook FCC film/television financial First Amendment games Google government intellectual property internet JETLaw journalism lawsuits legislation media medicine Monday Morning JETLawg music NFL patents privacy progress publicity rights radio social networking sports Supreme Court of the United States (SCOTUS) technology telecommunications trademarks Twitter U.S. Constitution