Facebook Under Fire for Privacy Violations in Spain

Image for post
Image for post

Spain is the latest European country to challenge Facebook on its compliance with national privacy laws. The Spanish data protection agency (AEDP in Spanish) issued a €1.2 million fine in early September citing three separate incidents, one ‘serious’ and two ‘moderate’. Among the alleged violations Facebook failed to disclose how it would use data collected on millions of Spanish users, as well as gathering data on non-users who visited Facebook’s pages and storing information on deleted accounts for more than 17 months.

Consent is the central issue for the AEDP in relation to both Facebook users and non-users. The agency calls Facebook’s privacy policy generic and unclear and suggests that the majority of Facebook account holders have no idea what the agreement entails. The AEDP believes Facebook should do more to educate users on how sensitive personal information, like religion or sexual orientation, can be exploited by advertisers. Facebook’s practice of using cookies to track visitors who don’t have an account is also an issue.

Other Problems in Europe

The social media giant is facing numerous investigations and fines throughout Europe. The EU issued a €110 million penalty in May of this year citing privacy violations that took place during Facebook’s takeover of WhatsApp, especially false assertions that the texting app would not be joined to the company’s vast social media network. France also fined Facebook €150 million this year, while Belgium threatened a €250 million daily penalty last year if the company didn’t stop tracking users. Germany and the Netherlands have also cited Facebook’s privacy protection policies.

Facebook Continues to Challenge National Authority

Facebook continues to challenge regulations imposed by national data protection agencies, claiming that, with its European headquarters located in Ireland, all European activity falls under the jurisdiction of the Irish Data Protection Commissioner. This defence proved successful with the Brussels Appeals Court in 2016, allowing Facebook to dodge the Belgium Privacy Commission’s fine mentioned earlier.

Facebook is also contesting the Spanish fine, claiming that personal profile information is added voluntarily and not used for advertising. In a public statement, Facebook asserted that it has ‘long complied with EU data protection law’ and highlighted that the Irish Data Protection Commissioner was its ‘lead regulator’. The company also claims to be preparing for the new GDPR which will become applicable throughout Europe in May 2018.

If anything, Facebook’s conflict with the EU’s various data protection authorities highlights the importance of the new, universal protections contained in the GDPR. Without a central policy, it’s difficult for individual agencies to enforce data protection and privacy standards and in Facebook’s defence, it’s much more challenging for a large international company to comply with laws that vary from country to country. With the new regulations in place, hopefully data regulation agencies will be able to successfully challenge privacy violations and keep their citizens’ information more secure.

If you are concerned about your privacy, or are unsure what information Facebook and other social media networks may be collecting, contact Reputation Defender. Our personal and professional privacy services will help identify vulnerabilities and keep your personal information secure.

Written by

Your search results affect how people perceive you. Learn how ReputationDefender can help protect your online reputation.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store