Facebook reported in 7 countries for breaking European privacy law


Facebook recently paid for full-page newspaper adverts claiming that it had a "responsibility to protect your information," adding that if it couldn't, it didn't "deserve it." It is, therefore, slightly unfortunate that just weeks later, the site has been forced to admit that it bent its own rules for the benefit of its leaders.
TechCrunch saw evidence that the company had wiped messages from Mark Zuckerberg and other high-ranking executives from recipients' inboxes. That's not a power available to the rest of us, who can't delete messages we regret sending from other people's archives.
One user in particular contacted our sister site, showing evidence of a message they received from the CEO back in 2010. But when they downloaded their Facebook archive and went looking for the same message, it had gone missing.
When presented with the evidence, Facebook told TechCrunch that it had preemptively wiped messages from several executives in 2014. In a statement, the site said: "After Sony Pictures' emails were hacked in 2014 we made a number of changes to protect our executives' communications. These included limiting the retention period for Mark's messages in Messenger. We did so in full compliance with our legal obligations to preserve messages."
Unfortunately, Facebook never disclosed that it was doing this, and it's another ding on the company's currently well-dinged reputation. The chorus of questions about Facebook's role in society has only amplified in the wake of the Cambridge Analytica scandal. With the CEO due to testify in front of congress on April 11th, and more scandals popping up by the day, it's clear that something might have to give.
According to Norwegian tech site NRKbeta, Facebook has been reported to data protection authorities for breaking European privacy law in Norway, The Netherlands, Belgium, Spain, Portugal, Italy, and Greece.
After the revelation of the Facebook Cambridge Analytica scandal, the social media giant has admitted that as many as 87 million people’s data was affected, or about 27 million more than originally reported. The company says that mostly US citizens were affected, but it’s now clear that the data collecting affected users in Europe as well
The reports to European data protection authorities, which were filed simultaneously by multiple consumer organizations, cite news coverage that Facebook didn’t adequately protect its users’ data — firstly by being careless about providing third parties access to it and secondly for not rectifying the breach when the company became aware of it back in 2015 — as a reason to investigate possible infractions in Europe.
The concerns of European consumer organizations are justifiable as it’s already been confirmed by the Norwegian news agency NTB that the data of as many as 37,550 Norwegians might have been affected by Cambridge Analytica’s thisisyourdigitallife, even though only 17 Norwegians actually downloaded the app.
TNW spoke to Bits of Freedom privacy expert David Korteweg about what would happen if Facebook was found guilty by data protection authorities. According to Korteweg, Facebook could be fined but the amount is likely too low to have a real effect (at least before GDPR‘s new four percent fines kick in) and it also varies between countries.
Data protection authorities can also force Facebook to stop or change certain practices, which could prove to be a more powerful tool. This might also turn out better for users in the long run, as the most important thing is to prevent breaches like this from happening in the future.