Businesses that interact with customers in real time by using data collected via online channels should pay attention to the issues tech giants such as Facebook are currently encountering.
The UK data regulator has begun investigating whether Facebook had broken data protection and privacy laws when it conducted a psychological emotion study on unwitting users.
The experiment consisted in manipulating the content of users’ news feeds, the result being that users which had viewed more negative posts in their news feeds tended to post more negative statuses, and vice versa.
Facebook’s size and public profile draw considerable attention to its every move regarding the treatment of people’s information. That does not mean it is the only organisation that will attract the attention of regulators over data protection and privacy issues though.
All businesses acting as data controllers should keep abreast of their obligations and any new legal developments that occur.
How are Facebook’s Activities being Investigated?
The Information Commissioner’s Office, which enforces data protection law in the UK, announced its intention to probe both Facebook and the experiment it carried out.
The regulator made clear that it was too early to state exactly which legal lines Facebook may have crossed. Nevertheless, the remit of the ICO involves assessing the uses to which personal data is put, and whether users have in turn given their consent for those uses.
The regulator has the power to levy fines of up to £500,000, as well as an ability to force organisations to change their policies.
Facebook’s Other Privacy Troubles
As the world’s largest social network company, Facebook has been forced to face a number of data protection and privacy issues. Recently, Max Schrems, an Austrian data privacy campaigner, has managed to sign over 25,000 people up to what effectively amounts to a class-action lawsuit against Facebook.
Max Schrems alleges that Facebook broke EU privacy laws in three different ways: first, via Graph Search, a facility allowing users to discover information about other user’s activities; second, through the regular tracking of external website user activity, in the form of monitoring Like buttons embedded in third-party websites; and third in the form of the big data analysis which Facebook conducts to better understand the many interactions users have with the website.
A Climate of Increasing Privacy Concerns and Data Protection
Facebook is facing data privacy claims in a climate of increasingly rigorous enforcement of data protection law in the EU. Following the recent European Court of Justice ruling over the ‘right to be forgotten’ another tech giant – Google – has had no choice but to takedown certain search results when validly requested by individuals.
Increasing political attention being given to data protection and privacy law in Brussels, means that these issues may affect Facebook’s entire European operations, despite the psychological experiment only taking place on English-speaking users. As Facebook maintains its European headquarters in Dublin, the notion of EU-wide or multi-state action against Facebook is now possible.
Data controllers should stay tuned for further developments. For specialist advice in relation to data protection or privacy issues that affect you or your business contact Peter Gourri today by email PGourri@rollingsons.co.uk or telephone 0207 611 4848.