Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
A European Commissioner’s warning to Facebook Inc. about its data collection practices is a tip-off to other social media companies to be clearer about what they do with users’ personal information, privacy attorneys said.
The EU’s new high-stakes data privacy regime, the General Data Protection Regulation, has been a sleeping giant since it took effect in May. Although European Justice Commissioner Vera Jourova wasn’t referencing the GDPR in her comments about Facebook, data collection transparency is a major underpinning of the EU’s new privacy regime.
Expect social media companies to test the waters because data enforcement is a real “threat to their business models,” Robert Cattanach, privacy partner at Dorsey & Whitney LLP in Minneapolis, told Bloomberg Law.
Companies that violate GDPR privacy standards can be subject to fines of up to four percent of annual revenue, or $1.63 billion in Facebook’s case.
Facebook tells users their data is used to improve their overall experience, but doesn’t tell them that it is also used for commercial purposes, Jourova said. She warned Facebook to change some of its terms and conditions by December to avoid sanctions.
Jourova’s warning is a reminder to social media and other companies that collect consumer data in the EU that they must be clear and transparent in their privacy policies or terms and conditions, privacy attorneys said.
“There is clearly a feeling that some of the most pioneering Silicon Valley companies, whilst having offerings that are hugely popular, are increasingly using personal data in ways that the average consumer may not understand,” Rafi Azim-Khan, leader of Pillsbury Winthrop Shaw Pittman LLP’s data privacy and cybersecurity practice in London, told Bloomberg Law.
Facebook updated its terms of service in May “and included the vast majority of changes the Consumer Protection Cooperation Network and the European Commission had proposed at that point,” a company spokesperson told Bloomberg Law Sept. 21. “Our terms are now much clearer on what is and what isn’t allowed on Facebook and on the options people have.”
Facebook’s spokesperson said the social media giant “will continue our close cooperation to understand any further concerns and make appropriate updates.”
EU privacy officials have been concerned that social media companies’ data collection schemes may harm consumer’s online privacy, the EU’s top data protection supervisor told Bloomberg Law.
The EU has “said consistently that the dominant business model for web based services represents a systemic threat to people’s freedom and privacy online,” European Data Protection Supervisor Giovanni Buttarelli told Bloomberg Law in a Sept. 21 email. The consumer data is “monetised by means of profiling and targeting,” he said.
EU regulators “will try to move the needle” with enforcement against social media companies, but there is “enough incentive for them to not open the door” during investigations to expose the data they use, Cattanach said.
Jourova’s Sept. 20 comments highlight how EU regulators and officials can use the GDPR to pressure Silicon Valley giants and other global technology companies, privacy attorneys said.
Transparency with customers about how their information is used has always been a requirement for companies in Europe, but the GDPR implements more granular obligations, Rohan Massey, who leads Ropes & Gray LLP’s privacy and cybersecurity practice in Europe, told Bloomberg Law Sept. 21 without commenting on any specific company.
All social media companies need to focus on transparency as they collect and gain monetary value from the massive amounts of EU citizen data they collect, privacy attorneys said. If they don’t follow GDPR transparency rules, the social media companies risk enforcement, they said.
“It is clear that the overall risk profile for tech companies in this area increased,” Jorg Hladjk, who leads Jones Day’s cybersecurity and privacy practice in Brussels, told Bloomberg Law Sept. 21.
Ireland’s data protection authority is already probing Facebook. EU consumers say the company forced them to agree to new privacy policies without clear notice.
The EU consumer complaint, filed by Austrian privacy advocate Max Schrems’ group, NOYB, is being investigated by the Irish authority, which has the power to probe the company on an EU-wide basis under the GDPR.
The investigation is focused on Facebook’s transparency in the terms and conditions of use they convey to users and their data collection practices, Graham X. Doyle, spokesman for Irish Data Protection Commissioner Helen Dixon, told Bloomberg Law Sept. 21.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)