European regulators face-off with Facebook over privacy and data protection

Facebook is discovering, along with other companies, that Europe is serious about data protection and privacy rules. The massive social media corporation is being fined by France, and is under investigation in several other European countries, for how it handles individuals’ information.

At the heart of the issue is how it tracks both users and non-users, and how it uses data for advertising purposes. According to an article in the Guardian, “Facebook facing privacy actions across Europe as France fines firm €150k,” the company is being investigated in Belgium, the Netherlands, Germany and Spain. It stands to reason that additional probes could be on the way.

Facebook is arguing that the Irish data protection authority should be the superseding authority since the company’s European headquarters are located in Dublin. This defense is not likely to fly among regulators in various EU countries that are enacting stricter data and privacy protections on behalf of their citizens.

Data protection and information security is a huge issue right now in Europe and around the world. Major breaches have caused loss of trust and subsequent financial loss among large corporations. The failure to protect consumers’ data can cause serious reputational harm to any company, not to mention lead to legal liability and possible fines.

The Facebook case exemplifies another angle to the privacy issue: What happens when a company’s own policies run counter to what regulators have determined are fair and reasonable privacy protections? Essentially, investigators in France and elsewhere allege that Facebook’s practices exploit their own users’ information and violate their right to privacy.

As the Guardian article states:

From data privacy to heavy criticism over how the social network takes down objectionable and extremist content, Facebook has found itself in the centre of a EU-US storm that is likely to rage for the next few years.

The storm won’t settle down anytime soon. The fine in France is arguably just a pittance for a corporation like Facebook. But fines could increase dramatically if new legislation takes effect:

A new EU data protection law is set to enter into force in 2018 that could fine companies up to 4% of their global turnover. Countries including France also want to give domestic data regulators more teeth through increased maximum fines.

Companies of any size should pay attention, especially if they conduct business in Europe or across international borders in general. Data protection and privacy will continue to drive new debate and likely evolving rules on what is fair play, and what constitutes a violation.

There will also continue to be an intense focus on what companies are doing to protect their users’ information from security breaches. Experts at CRI Group can help any organization evaluate their current system and help implement robust protections that meet compliance standards and instill confidence among their consumers. Customers expect the highest level of protection, and companies must deliver on that promise.