A global group of regulators led by Australia and the UK are asking Facebook to explain how it will protect personal information in its new cryptocurrency venture.
The regulators have “concerns” about the initiative which would see Facebook potentially adding the financial data of millions of users to its existing trove of user data, which it often fails to protect.
In June, Facebook announced Libra, a blockchain based payments system that integrates with Facebook apps or can work as a standalone payment service. The social media giant says it is creating a regulated subsidiary, called Calibra, to manage the new financial services across the Libra network.
Facebook insists it will take new measures to protect user privacy and will not share data from Libra with its social media platform outside of limited cases but details have been light. Regulators are not convinced and are asking for more information from the company before it launches Libra next year.
“To date, while Facebook and Calibra have made broad public statements about privacy, they have failed to specifically address the information handling practices that will be in place to secure and protect personal information,” said a statement cosigned by seven jurisdictions, including Australia, Canada, the UK, US, and EU.
“Additionally, given the current plans for a rapid implementation of Libra and Calibra, we are surprised and concerned that this further detail is not yet available.”
The cohort of regulators say Facebook’s presence — the company claims to have around 2.7 billion active users — has the potential to drive rapid uptake, including in countries without data protection laws.
“Once the Libra Network goes live, it may instantly become the custodian of millions of people’s personal information,” the statement said.
“This combination of vast reserves of personal information with financial information and cryptocurrency amplifies our privacy concerns about the Libra Network’s design and data sharing arrangements.”
Australian Information Commissioner and Privacy Commissioner Angelene Falk said, “This is an important step in a global regulatory movement that is holding online companies to account for how they handle personal information.
“Given the many initiatives taking place in our finance and technology sector, privacy must be a key component of any significant digital initiative such as Libra.”
The joint statement includes a full list of assurances the regulators are seeking.