Facebook received its report card in the form of a detailed three-month audit by the Office of the Irish Data Protection Commissioner, and the social network’s grades were good enough to bring home.
Richard Allan, director of public policy for Facebook Europe, Middle East, and Asia, detailed the DPC findings in a note on the Facebook public policy Europe page.
Among the key findings by the DPC, as outlined by Allan:
- Facebook’s real-name policy was seen as having “substantial benefits in protecting the people who use Facebook,” and the DPC said the social network had “valid and justified” reasons for prohibiting pseudonyms.
- After analyzing Facebook’s use of social plug-ins, the DPC found that information collected was not being associated with users or non-users, nor were profiles of users or non-users built, and the agency added that the social network was taking steps to delete this information quickly.
- Facebook and the DPC agreed on a process for more comprehensive access through the download your info tool, timeline, and activity log. The agency also found that the social network’s controls for users to delete their personal data were effective, proposing a few tweaks.
- The DPC felt that Facebook’s tag suggest tool, which allows for quick tagging of several images, “could have been done in a more transparent fashion,” but did not run afoul of Irish data-protection law, adding that the ability for users to delete their facial profiles by disabling tag suggestions was a factor.
- On advertising, the DPC said, “The targeting of advertisements based on interests disclosed by users in the profile information they provide on Facebook is legitimate.”
- The agency was satisfied with the social network’s controls for protecting user information from third-party developers offering Facebook applications, verifying that it was not possible for apps to repeatedly access those data.
- The DPC also approved of changes Facebook implemented to its friend finder feature, with Allan saying, “We provide clear notice about how the email address will be used and notify all non-users who get the email how they can opt-out or unsubscribe.”
We work on a daily basis with regulators around the world, and we appreciate the investment of time and effort by the DPC and its leadership to improve the experience of Facebook users. In particular, we would like to thank Commissioner Billy Hawkes and Deputy Commissioner Gary Davis and their team. As a result of their work, we are better able to give people the ability to connect and share and make the world more open. We have benefited from the open, honest, and cooperative relationship and look forward to continue working together.