Facebook’s default privacy settings and use of personal data are against German consumer law, according to a Berlin regional court.
The court ruled that Facebook collects and uses personal data without providing enough information to its members for them to give meaningful consent.
“Facebook hides default settings that are not privacy-friendly in its privacy centre and does not provide sufficient information about it when users register,” said Heiko Duenkel, litigation policy officer at the Federation of German Consumer Organisations (vzvb).
The vzvb said in a statement: “In the Facebook app for smartphones, for example, a location service was pre-activated that reveals a user’s location to people they are chatting to.
“In the privacy settings, ticks were already placed in boxes that allowed search engines to link to the user’s timeline. This meant that anyone could quickly and easily find personal Facebook profiles.
“The judges ruled that all five of the default settings on Facebook that vzvb complained about are invalid.” The German language judgement was handed down in January, but only publicly revealed on Monday.
Facebook said it would appeal, adding: “We are working hard to ensure that our guidelines are clear and easy to understand, and that the services offered by Facebook are in full accordance with the law.”
Facebook’s chief operating officer, Sheryl Sandberg, announced some changes, saying they would “put the core privacy settings for Facebook in one place and make it much easier for people to manage their data”.
Are you prepared for GDPR?
With the enforcement date for the GDPR rapidly approaching, organisations not yet compliant will have to work fiercely across all areas to be ready in time. Some of these steps can be tackled simultaneously, but organisations need to be disciplined and make sure enough attention is paid to each part of the process.
You can avoid the pitfalls of non-compliance with the General Data Protection Regulation (GDPR) by reading EU GDPR – A Pocket Guide. Written by Alan Calder, IT Governance’s founder and executive chairman, this book will help you gain a clear understanding of the GDPR, explaining:
- The terms and definitions used in the Regulation;
- The most important compliance requirements; and
- How organisations can comply with the GDPR.