Facebook has begun rolling out changes to ensure GDPR compliance. The social media giant said the changes would initially affect European users but would eventually be adopted globally.
European users will see different details in the data policies, in line with GDPR requirements, but Facebook insists the “substance” of its data policy is the same for everyone.
“We want to be clear that there is nothing different about the controls and protections we offer around the world,” wrote Erin Egan, VP and Chief Privacy Officer, Policy and Ashlie Beringer, VP and Deputy General Counsel in a company blog post.
Facebook also said it wants to exceed GDPR compliance requirements. “As soon as GDPR was finalised, we realised it was an opportunity to invest even more heavily in privacy. We not only want to comply with the law, but also go beyond our obligations to build new and improved privacy experiences for everyone on Facebook,” the post said.
The GDPR enforcement date is May 25th and the European regulation also affects any organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of EU data subjects.
Speculation mounted about Facebook’s GDPR readiness after a photographer snapped a photo of Facebook CEO, Mark Zuckerberg’s congress testimony notes which reportedly read, “don’t say we already do what GDPR requires”.
What Facebook is doing
Facebook is asking users to agree to its updated terms of service and data policy, and, in line with the clear consent requirements of GDPR, users will be asked to make choices on the following:
- Ads – Users will be asked to confirm if they are happy with Facebook using data from third parties to influence the advertising they see.
- Profile information – Users will be asked if they are comfortable with Facebook using data based on any political, religious, and relationship information they have shared on Facebook.
- Facial recognition – Facebook has used facial recognition technology for more than six years, but as part of the recent update the feature will be extended to users in the EU and Canada. The feature can be disabled by all users.
- Introducing new settings and privacy tools – The new tools were released last month, but were designed with GDPR in mind, according to Facebook. New features include the ability for users to more easily see, delete, and download their data.
- Protecting young people – Advertising categories for teens will now be more limited and the default sharing option changed from public. Special provisions will be included for teens in certain European countries with even stricter regulations.