Facebook To Change Data Retention Policies
As you may recall, late last month, Facebook and the Federal Trade Commission announced that they had reached a settlement with regards to Facebook privacy. I won’t get into all of the details about that again, but it required Facebook to, within 180 days, and every two years after that for the next 20 years, to obtain independent, third-party audits certifying that it has a privacy program in place that meets or exceeds the requirements of the FTC order.
Today, Facebook announced that the results are in from an audit by the Office of the Irish Data Protection Commissioner (DPC). Facebook went with this organization because the company’s international headquarters are in Ireland, and the DPC oversees its legal compliance to to users outside of the U.S. and Canada.
Facebook says that while audits aren’t normally made public, the company and the DPC felt it would be in the interests of transparency to publicize this one in particular, given the FTC order and the concern among users and the media. Probably a good call.
Facebook says it has agreed to the following “key commitments”:
– Offer additional notifications to European users about Facebook’s photo Tag Suggest feature so that they can decide whether or not to use this feature to help people tag them in photos
– Change a number of our policies related to retention and deletion of data including how data is logged when people access websites with social plugins to minimise the amount of information collected about people who are not logged in to Facebook
– Work with the DPC to improve the information that people using Facebook are given about how to control their information both on Facebook and when using applications
Facebook says it is pleased with the DPC’s highlighting of the company’s “strengths,” which it lists as security protection, importance of real name authenticity, no profiling based on “tracking,” user control, tag suggest, advertising, third-party applications, and friend finder feature.