Did Facebook’s apology tour win you over? Did Zuckerberg’s performance in front of Congress convince you the company is ready to make good, its half-assed changes to its privacy tools demonstrate that you, the user, have control over your data?
Welp, the company just made a big announcement to undermine all that.
Facebook is required to give European users more control over their data to comply with a new law that will go into effect in May. Since it has to make changes anyway, Facebook wouldn’t be going too far out of its way to give users worldwide the same privileges. It has opted not to do so. And to make sure data from users from outside of the U.S., Canada, and Europe is out of the hands of European lawmakers, Facebook has now decided to move the data of more than 1.5 billion users from Ireland to California.
A little background: the European Union’s General Data Protection Regulation (GDPR) act going into effect in May is perhaps the most comprehensive policy change to online privacy laws so far. Among many other points, the GDPR act ensures the online user’s rights to “be forgotten,” have their data fully destroyed (and not just deactivated), and be notified immediately of any data breaches, a point of contention between users and companies in recent years.
But not everyone is thrilled — the law has sent Silicon Valley scrambling to comply with the new rules, or face stiff fines of up to 4 percent of a company’s annual global income — about $1.6 billion for Facebook (just how often those fines would be collected isn’t clear).
Facebook’s doing everything it needs to not get fined. But it wants to maintain as much control over user data as it’s legally allowed — it wants its cake, and to eat it, too.
While Facebook’s EU users will enjoy the privacy protections their legislators have demanded, those outside the Western world will be stuck with far inferior, and more lenient, U.S. privacy laws.