Facebook’s efforts are not being paid off, at least in case of its privacy concerns. The social networking giant has been attacked by many organizations in the past, but the problems now seem to take a serious route once again. An Austrian group, Europe versus Facebook piled up 22 complaints against Facebook in regards to the practices of the social networking site. One can view the list of the said complaints from Europe versus Facebook, here.
Facebook recently noted that it is not required to give one a copy of some of their personal data if it deems doing so would adversely affect its trade secrets or intellectual property. The talk about requesting a copy was noted by the website, Europe versus Facebook, as it noted the procedure for one to request a copy of a user’s personal data on the social network. It further went ahead explaining that as per the provisions of the Britain’s 1988 Data Protection Act (DPA), the social networking giant has to send a user their personal data on a CD within 40 days of a request.
To add to Facebook’s troubles, the organization managed to get Reddit involved accidentally. This helped the organization’s efforts as Reddit users had recently overwhelmed Facebook with data requests by following a slightly altered version of the instructions. This compelled Facebook to e-mail data requested by the users. However, due to a number of requests placed for the same, Facebook had noted that it would not be be able to comply with the time frame of 40 days of the initial request.
Accordingly, Max Schrems of Europe versus Facebook (who was one of the users who had a request posted for the same) managed to receive a reply to his request. The reply, as expected was in the form of a CD-ROM storing over 800 pages. This was however, not enough to make Schrems happy, as while going through the long document, he noted that quite a few important data was missing from the same. He then contacted Facebook yet again, and the response he got from the social networking giant is as under:
Dear Mr. Schrems:
We refer to our previous correspondence and in particular your subject access request dated July 11, 2011 (the Request).
To date, we have disclosed all personal data to which you are entitled pursuant to Section 4 of the Irish Data Protection Acts 1988 and 2003 (the Acts).
Please note that certain categories of personal data are exempted from subject access requests.
Pursuant to Section 4(9) of the Acts, personal data which is impossible to furnish or which can only be furnished after disproportionate effort is exempt from the scope of a subject access request. We have not furnished personal data which cannot be extracted from our platform in the absence of is proportionate effort.
Section 4(12) of the Acts carves out an exception to subject access requests where the disclosures in response would adversely affect trade secrets or intellectual property. We have not provided any information to you which is a trade secret or intellectual property of Facebook Ireland Limited or its licensors.
Please be aware that we have complied with your subject access request, and that we are not required to comply with any future similar requests, unless, in our opinion, a reasonable period of time has elapsed.
Thanks for contacting Facebook,
Facebook User Operations Data Access Request Team
Last month, Ireland’s Data Protection Commissioner, Billy Hawkes, had an announcement to make, wherein he noted that he would conduct a privacy audit of Facebook’s activities. If his findings have a good stand, then all users outside the US and Canada could be affected, since Facebook’s international headquarters is in Dublin.