Like every rose has a thorn, every social networking site has a privacy issue. Facebook, being a social networking giant leads from the front in this case too. It has been bullied by almost every country’s privacy department, wherever Facebook exists. For the same, privacy audit was even a part of the proceedings.
The Ireland’s Data Protection Commissioner has completed his three-month privacy audit of Facebook’s activities. But it seems there is still the slightest of scope available for improvement for the social networking giant. The same would even affect a number of users as Facebook’s international headquarters is in Dublin.
An announcement came from Facebook that the office of Billy Hawkes, the Irish Data Protection Commissioner (DPC), is done with Facebook’s privacy audit, related to the company’s practices and policies. The report noted a conclusion that the said social networking site adheres to European data protection principles and complies with Irish law. However, Facebook knows that a few changes can still be made and for the same reason, the company has promised that as per the privacy audit, they would take the recommendations into consideration and would make the possible changes. If not, it would still consider the recommendations. Add to it, the areas, wherein the social networking giant’s practices already comply with legal requirements.
That is an interesting statement to note. Facebook has even agreed on moving ahead to have a more formal follow-up review in July 2012. This is because Facebook is showing off its most considerable side and is already the favorite of everyone. May it be for the supporters or critics.
Talking about the July 2012 review, Facebook is aiming for three key commitments:
-
Offer additional notifications to European users about Facebook’s photo Tag Suggest feature so that they can decide whether or not to use this feature to help people tag them in photos.
-
Change a number of its policies related to retention and deletion of data including how data is logged when people access websites with social plugins to minimize the amount of information collected about people who are not logged in to Facebook.
-
Work with the DPC to improve the information that people using Facebook are given about how to control their information both on Facebook and when using Facebook apps.
Facebook spokesperson said in a statement, “We believe this is the best way for users 
and policymakers around the world to understand how thoroughly the DPC performed its examination and how closely we will be working together in the future.” He added, “The DPC recognized that Facebook’s success rests in part from our constant evolution and innovation. We appreciate that the DPC acknowledges that the pace at which we offer new products and features requires continual dialogue with regulators to ensure that adequate protections are in place.”
Facebook might have got the benefit of doubt even because of its strengths and best practices, which the company lists from the report as below:
-
Security Protection: The DPC commended Facebook on its ongoing focus on the protection and security of user data. It acknowledged that Facebook makes “innovative use of cookies to identify unusual or suspicious activity” on an account.
-
Importance of Real Name Authenticity: The DPC recognized that Facebook’s real name policy is a valid and justified reason for refusing to allow pseudonyms on its service. It recognized that this policy has substantial benefits in protecting the people who use Facebook.
-
No Profiling based on “Tracking”: The DPC conducted a thorough analysis of Facebook’s use of social plug-ins and determined that no information collected is associated with users or non-users or is used in any way to build a profile of the user or non-user. The DPC confirmed: “…while certain data which could be used to build what we have seen termed as a ’shadow profile’ of a non-user was received by Facebook, no actual use of this nature was made of such data” and “neither is there any profile formed of non-users which could be attributed to a person on becoming a user.” The DPC also stated that Facebook is now taking active steps to delete any such information very quickly after it is received.
-
User control: The DPC recognized the effectiveness of Facebook’s existing efforts to respond to subject access requests made by people using its service. Facebook agreed with the DPC on a process for offering more comprehensive access through the Download Your Info tool, Timeline. and Activity Log. The report also found that Facebook already offers people effective controls to delete their personal data and proposes several enhancements.