*In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn't warn users that this change was coming, or get their approval in advance.
*Facebook represented that third-party apps that users' installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users' personal data – data the apps didn't need.
*Facebook told users they could restrict sharing of data to limited audiences – for example with "Friends Only." In fact, selecting "Friends Only" did not prevent their information from being shared with third-party applications their friends used.
*Facebook had a "Verified Apps" program & claimed it certified the security of participating apps. It didn't.
*Facebook promised users that it would not share their personal information with advertisers. It did.
*Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.
*Facebook claimed that it complied with the U.S.- EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn't.
Germany, Europe’s economic powerhouse, home to more than 20 million Facebook users, has no fewer than 17 official bodies responsible for enforcing data protection and privacy laws; one federal and one for each of the 16 states. They among some of several EU member countries see Facebook as the web’s chief privacy villain and some of its features as examples of an American company ignoring European laws.
Privacy laws in EU countries have to at least meet standards set by officials in Brussels. British regulators have demurred in response to privacy transgressions by the giants of the web, such as when Google's Steet View cars intercepted WiFi data. That, however, is not the case throughout the EU..
Privacy laws enforcement needs more scrutiny on a Government level. In particular data protection laws for all 27 European Member States, specially following suggestions that US officials now can apparently use the Patriot Act to access European citizens’ data without consent.
At present, under the US Patriot Act data from EU users of US-owned cloud-based services may be shared with US law enforcement agencies without the need to tell the user. At present, under the US Patriot Act data from EU users of US-owned cloud-based services may be shared with US law enforcement agencies without the need to tell the user.
Another infringement on privacy laws seems to be the requirement for EU residents of most member states who request or renew their passports, to provide fingerprints. Apparently when some of these applicants ask what happens to this data, where it is stored, or who can see it, they are given "nebulous" responses, or the answer that it is in the interest of the passport holder.
EU-Digest
No comments:
Post a Comment