AN AUSTRIAN law student plans to complain to the European Commission that the Irish Data Protection Commissioner has failed to bring Facebook in line with EU privacy and data protection legislation.
Max Schrems said yesterday he was also considering a case in the Irish courts regarding the data collection policies of the social network, which has its international headquarters in Dublin.
“It’s been a year since I asked to see the data Facebook held on me and I still haven’t seen it all,” said Mr Schrems. “I’d prefer not to take legal action but I will, otherwise the lesson of the story is that big companies can do what they want.” Last year Mr Schrems and two friends asked Facebook for all data it stored on them drawn from their user accounts.
Facebook replied with dossiers of up to 1,222 pages. Mr Schrems ascertained from this data that Facebook maintains a permanent database on all users.
Last year he complained to the Data Protection Commissioner that Facebook’s terms of use and privacy policies were “unclear, vague and contradictory” .
Each EU member state is responsible for policing the adherence of companies located in their national territory to European data protection and privacy legislation.
After a company audit, the commissioner’s office last December issued a report and to-do list to make Facebook compliant before a second audit in July.
Facebook undertook to “work towards simpler explanations of its privacy policies” by the end of the first quarter of 2012.
Gary Davis, deputy data commissioner, agreed yesterday that there had been “slippage” in the March 31st deadline but he expected further progress before the end of April.“They’re very engaged, I’m seeing a lot of effort and response,” he said.
Last night Facebook said in a statement that it was “investing a huge amount of effort” to meet the commissioner’s audit demands.