[lg policy] Germany: Facebook's privacy policy hit a language barrier

Sat Jul 10 14:22:18 UTC 2010

[Here's a clearer version of the previous message (HS)]

Facebook's privacy policy hit a language barrier
by Caroline McCarthy

McDonald’s. Blockbuster. And now Facebook? The social network and its
controversial privacy policies are teeming with new complications as
regulators overseas increasingly start to regard them as a suspicious,
Americanizing import.

This week, data protection officials in Hamburg, Germany, sent a
menacing missive in Facebook’s direction, accusing the social network
of partaking in illegal activities by retaining data about people who
aren’t members of the site but whose contact information may have come
into its possession through members’ e-mail importer tools. Last year,
the privacy commissioner in Canada put significant pressure on
Facebook to simplify its privacy controls, citing concerns that were
pulled back into the spotlight when a Toronto law firm filed suit
against Facebook this month, for which it’s seeking class-action
status.

There will be more incidents like these. Facebook’s privacy policies,
however maligned by advocacy groups, have thus far held up decently
well in the U.S.; a coalition of senators who called attention to the
amount of data that Facebook shares with third parties quieted down
when the social network made some modifications. But more than three
quarters of Facebook’s users live outside the U.S., in countries where
laws are different, and where lawmakers are much less likely to agree
with the Facebook concept–or even the American concept–of online
privacy.

“It’s the essence of Facebook that you, as a U.S. resident, are able
to reconnect with that transfer student from Paraguay from when you
were in sixth grade,” said Paul Bond, an attorney with law firm Reed
Smith who specializes in data protection and privacy. “That global
operational reality is challenged to the breaking point by the
patchwork of privacy laws in different countries. The fact of the
matter is, while people on social-media networks want to be able to
seamlessly interact with one another, they are citizens of nations.
Those nations have their own rules with regard to data privacy
protection, and they expect them to follow those rules.”

Facebook representatives were not immediately available to answer a
question about how it currently deals with data protection regulations
in different countries.

It’s not that the Facebook juggernaut is unwelcome overseas.
Politicians, candidates, and regulators around the world
near-universally understand the power of the social network and its
connections, with fan pages a crucial part of election efforts geared
to young voters and interest groups now virtual home bases for
activism. And Facebook has even begun formal collaborations with
governments. On Friday, it announced a partnership with the office of
the British Prime Minister on “The Spending Challenge,” a project to
crowd-source solutions to the country’s budget deficit.

But that doesn’t mean they’re all willing to accept what Facebook’s
selling them with regard to how it handles user data, from how long it
retains information from deleted accounts to how much of a member’s
profile can be shared with third-party partners. The privacy
regulations of a company or a sovereignty are as much reflections of a
culture’s ethical values as they are fine-print rules. And the strict
data protection laws of many European countries, particularly Germany,
emerged out of the psychic scars of autocratic governments. This has
created complications for many a U.S. tech company: the E.U. sparred
with Microsoft, and it’s still not through with Google–particularly
its tight-lipped search algorithms and the alleged intrusions of
Google Street View . Now, with Facebook’s profile ever growing in
Europe, it’s a bigger priority for regulators.

“It is a space that is not very mature,” said Trevor Hughes, executive
director of the International Association of Privacy Professionals.
“Privacy, as an issue, all of us know it and know it to be ancient in
terms of a human interest. As a legal concept, consumer privacy is
very, very new so all of those things get thrown into a very unstable
policy environment. It makes it very challenging for companies.”

Those complications are already evident in the fact that many of the
contests, promotions, and advertising campaigns on Facebook that
leverage its web of social connections are restricted by country–as
they would be on any ad-supported Web property. The same applies to
media: The selections on Apple’s iTunes Store differ from one country
to the next based on licensing and availability. Drive across the
border from the U.S. to Canada, and you can no longer watch videos on
Hulu.

There is, however, a sensitivity inherent in regulating companies’
access to user privacy that simply isn’t there when it comes to
determining whether all the roadblocks have been removed when it comes
to legally streaming the final season of “Lost” online in Argentina.
Member-created data is the lifeblood of Facebook: It’s taken on the
role of a global tool of connection and communication, creating more
friction for both Facebook and its users if a member in Spain is using
a site governed by different policies than one in Canada. Consider
this: If a college student from Munich takes his laptop on a semester
abroad at Stanford, uploads photos to his Facebook account while
living in the U.S., and then goes back to Germany, to which country’s
privacy laws are those photos subject to?

“Facebook, and everybody else, uses all this data for marketing and
advertising purposes,” said Francoise Gilbert, an attorney with the
Bay Area-based IT Law Group, who advises multinational companies on
how to deal with how regulations differ from one country to the next.
“That’s where it complicates things. Because our information, the
public’s information, is being sold left and right and reused for
advertising purposes.”

None of this even begins to take into account the fact that Facebook
also now has to deal with countries where digital-media and privacy
regulation may involve censorship, snooping, and activities far more
nefarious than, say, requiring that third parties may only hold on to
Facebook member data for 24 hours. The Chinese government has blocked
access to Facebook on occasion. Telecommunications regulators in
Pakistan and Bangladesh temporarily cut off access to the site amid
the rise of fan pages and groups that the two predominantly Muslim
countries determined to be blasphemous. The ongoing drama between
Google and the Chinese government over whether to censor search
results would indicate that Facebook’s dealings with governments that
disapprove of content on its servers will only escalate.

This litany of current and forthcoming complications hits Facebook
where it hurts: The social network has said time and again that it
wants to keep things simple, and some of the most forceful accusations
from privacy advocates disapproving of its policies have been that
Facebook’s explanations of exactly what it’s sharing with whom are so
convoluted that the average member is left perplexed. Changing
policies in accordance with international borders could muddle things
further.

“What all of these people are asking is that it be more simple, more
understandable, so it should not be more complex,” attorney Francoise
Gilbert said. “If it’s more complex, then everybody has lost.”

 Caroline McCarthy, a CNET News staff writer, is a downtown
Manhattanite happily addicted to social-media tools and restaurant
blogs. Her pre-CNET resume includes interning at an IT security firm
and brewing cappuccinos.

http://tech-reviews.findtechnews.net/2010/07/09/facebooks-privacy-policies-hit-a-language-barrier/

**************************************
N.b.: Listing on the lgpolicy-list is merely intended as a service to
its members
and implies neither approval, confirmation nor agreement by the owner
or sponsor of the list as to the veracity of a message's contents.
Members who disagree with a message are encouraged to post a rebuttal,
and to write directly to the original sender of any offensive message.
 A copy of this may be forwarded to this list as well.  (H. Schiffman,
Moderator)

For more information about the lgpolicy-list, go to
https://groups.sas.upenn.edu/mailman/
listinfo/lgpolicy-list
*******************************************

_______________________________________________
This message came to you by way of the lgpolicy-list mailing list
lgpolicy-list at groups.sas.upenn.edu
To manage your subscription unsubscribe, or arrange digest format: https://groups.sas.upenn.edu/mailman/listinfo/lgpolicy-list