European privacy battle looms for Facebook, Google

Mar 24, 2010 By FRANK JORDANS , Associated Press Writer
The Google logo is seen at the Google headquarters in Brussels, Tuesday March 23, 2010. European regulators are investigating whether the common practice on Facebook, Google and other sites to post photos and information on individuals without their consent is a breach of privacy laws. (AP Photo/Virginia Mayo)

(AP) -- You have been tagged in 12 photos. Even if you're not signed up to the Web site. European regulators are investigating whether the practice of posting photos, videos and other information about people on sites such as Facebook without their consent is a breach of privacy laws.

The Swiss and German probes go to the heart of a debate that has gained momentum in Europe amid high-profile cases: To what extent are platforms responsible for the content their members upload?

The actions set the stage for a fresh battle between American Web giants and European authorities a month after an Italian court held three Google executives criminally responsible for a user-posted video.

Any changes resulting from the investigation could drastically alter the way Facebook, Google's YouTube and others operate, shifting the responsibility for ensuring personal privacy from users to the company.

Swiss and German data protection commissioners are demanding that Facebook explain its practice of allowing users to upload e-mail addresses, photographs and other personal details about people who haven't signed up to the site.

"The way it's organized at the moment, they simply allow anyone who wants to use this service to say they have the consent of their friends or acquaintances," Swiss commissioner Hanspeter Thuer told The Associated Press.

To conform with Switzerland's strict privacy law, Facebook could be required to contact people whose information has been posted online and ask them whether they agree to its being stored there, he said.

Thilo Weichert, data protection commissioner in the northern German state of Schleswig Holstein, said in a telephone interview that Facebook's assertion that it gets necessary consent for the posting of personal information is "total nonsense."

"We've written to Facebook and told them they're not abiding by the law in Europe," he said.

The probes by the German and Swiss privacy watchdogs are still preliminary and would not have immediate consequences elsewhere. However, Weichert said the issue is being discussed with other data protection officials in the 27-nation European Union, which in 2000 declared privacy a fundamental right that companies and governments must respect.

The European stance differs strongly from the self-regulatory, free market approach favored in the United States, where Web companies have flourished by offering users free services if they provide personal information to help advertising target them better, according to Columbia University law professor Eben Moglen.

"If the European regulators get serious, it will create a significant conflict," said Moglen, who has been examining online privacy issues since the early days of the Web.

Richard Allan, director of policy for Facebook Europe, said some of the functions being scrutinized - such as those allowing users to upload their friends' e-mail addresses to find them online - were common across the industry. The company has recently added a tool for nonusers to have their data removed, he said.

"As a global company what we're trying to do is to make sure that our systems meet the requirements of all the jurisdictions in which we operate," Allan said.

According to Joe McNamee of the Brussels-based advocacy group European Digital Rights, one of the most common complaints about Facebook is its habit of getting users to 'invite' their e-mail contacts to become members too.

"The receiver didn't want the messages, and the sender didn't realize they were going out," said McNamee. "You would have to search long and hard for someone who would see consent in there."

European Union privacy watchdogs showed their appetite for going after Google last month, when the 27-nation bloc told the search giant to warn people before it sends cameras into cities to take pictures for its Street View maps.

Google's data privacy chief Peter Fleischer said he is also "still reeling" from the Italian court decision that sentenced him and two other senior officials to six-month suspended sentences for violating an autistic teenager's right to privacy by allowing a video of him being bullied to be posted on the Net.

Vetting all user-generated content would be costly because of the vast amount of data involved, said Fleischer. It could also come close to censorship, because companies would be forced to draw the line between legitimate free speech and invasion of privacy, he said. Blogger, and other Google products have long been used by activists from Iceland to Iran to document government and corporate abuses.

But Fleischer acknowledged that users themselves should be more thoughtful about what they post, especially if it involves private material about others.

"Both as a matter of common sense and as a matter of common courtesy, users should not upload photos or videos of other people unless those other people consented," he said.

Privacy concerns prompted the Mountain View, California-based company last year to hold off including face recognition when it launched Google Goggles, a tool to identify and provide information about objects inside pictures. Another company, Face.com, has gone ahead with its own face-recognition tool, though CEO Gil Hirsch says there are built-in restrictions to ensure privacy.

While Facebook and say they are committed to working with European regulators, privacy campaigners say the companies move only as fast as absolutely necessary. Earlier this year agreed to raise the minimum age for users in Spain from 13 to 14, to conform with the country's privacy laws. It has no such age requirement for information users posts about others.

Moglen, of Columbia University, said even if European regulators rallied together they would find it difficult to force their rules upon U.S. companies, given the close relationship between Silicon Valley and the administration of President Barack Obama.

"If the Europeans want that fight, then surely the American government wants the other side."

Explore further: Ebola.com domain sold for big payout

5 /5 (4 votes)
add to favorites email to friend print save as pdf

Related Stories

Watchdog: Facebook violates Canadian privacy law

Jul 16, 2009

(AP) -- Canada's privacy commissioner says the online social networking site Facebook breaches Canadian law by keeping users personal information indefinitely after members close their accounts.

Google warned by EU over Street View map photos

Feb 25, 2010

(AP) -- European Union data privacy regulators are telling Google Inc. to warn people before it sends cameras out into cities to take pictures for its Street View maps, adding to the company's legal worries ...

Recommended for you

Ebola.com domain sold for big payout

21 hours ago

The owners of the website Ebola.com have scored a big payday with the outbreak of the epidemic, selling the domain for more than $200,000 in cash and stock.

Facebook goes retro with 'Rooms' chat app

Oct 23, 2014

Facebook on Thursday released an application that lets people create virtual "rooms" to chat about whatever they wish using any name they would like.

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

CreepyD
5 / 5 (1) Mar 24, 2010
Shouldn't it be 'person x has tagged you in 12 photos, please click here to confirm this action'.
Then you click and review them, allowing or denying each one.
Common sense really.
frajo
5 / 5 (1) Mar 24, 2010
Shouldn't it be 'person x has tagged you in 12 photos, please click here to confirm this action'.
Then you click and review them, allowing or denying each one.
Common sense really.
As I'm not intending ever to use Facebook et al. how would I know if someone posts my photo there?
Hunnter
not rated yet Mar 24, 2010
Shouldn't it be 'person x has tagged you in 12 photos, please click here to confirm this action'.
Then you click and review them, allowing or denying each one.
Common sense really.
As I'm not intending ever to use Facebook et al. how would I know if someone posts my photo there?

This so many times.

If they want to play this stupid game, then how about CCTV, satellite cameras, plane-attached cameras, TV crews, and so on?
They damn well better be in the same grouping as Facebook and Google.
Both of them are still digital data, less than 5% of examples use analog these days, unless it is photography. (who also still count)

Biggest pile of bull&%$! i've seen in a long time.
I totally never realized that a persons image was private property.
If it is, then "i have some suing to do", i never gave countless people my written, or even verbal consent to take my picture.
I'd like to see them actually enforce this crap.