In recent weeks, Facebook has unveiled a raft of privacy changes before the new General Data Protection Regulation (GDPR) takes effect on 25 May 2018.
As most businesses and individuals will already be aware, the EU’s new flagship data protection legislation will apply all across Europe – including in the UK.
However, Facebook has gone one step further than this, by announcing that its systems and processes will apply the GDPR globally, “no matter where users live.”
On 19 April 2018, Facebook revised its terms and data policy to clarify its stance on the GDPR and what it intends to do in order to comply with the much higher standard of consent required for using certain types of data under the new rules.
It said that new options would enable users to choose:
- Whether or not Facebook can use data from partners to show them ads.
- Whether they wish to continue to share political, religious and relationship information about themselves with the social network.
- Whether users wish to ‘turn on’ face recognition technology.
The final point is a particularly interesting one, as the social network appears to have used the GDPR as an opportunity to roll-out this service in the UK for the first time.
Facebook users far and wide have been using the platform’s ‘face-scanning’ software – which can help to crack down on ‘impersonators’ by cross-referencing a user’s photos with those found elsewhere on the site – for as long as six years, but for European users, this service is entirely new.
In a recent blog post, the social media site reminded users that they would need to manually go into their settings in order to update their data-sharing preferences.
“As always, including this information on your profile is completely optional. We’re making it easier for people to delete it if they no longer want to share it,” Erin Egan, Facebook’s Chief Privacy Officer said.
Meanwhile, businesses who use Facebook for advertising purposes were advised that they can continue to do so largely in the same way they do today.
“Each company is responsible for ensuring their own compliance with the GDPR, just as they are responsible for compliance with the laws that apply to them today,” Facebook said.