April 09, 2018
GDPR goes into effect on May 25 in the EU block, enacting high levels of data protection for European citizens in the face of corporate tech giants like Facebook and Google. Most notably, the legislation gives user control over personal data, including the right to be forgotten.
In his mea culpa press tour, Mark Zuckerberg has been slow to promise GDPR protections globally (“in spirit”), but with the Cambridge Analytica data breach number now sitting at 87 million, Zuckerberg has come out to say that yes, Facebook will implement similar policies worldwide.
He even went as far as to publicly refute the Reuters story that originally reported Facebook wouldn’t bring GDPR safeguards to the social media platform.
“Overall, I think regulations like this are very positive,” said Zuckerberg. “We intend to make all the same controls available everywhere, not just in Europe.”
One thing Zuckerberg did say was that the format wouldn’t likely be the same as the format for GDPR.
“Is it going to be exactly the same format? Probably not,” he said in a conference call to reporters. “We’ll need to figure out what makes sense in different markets with different laws in different places. But let me repeat this, we’re going to make all the same controls and settings available everywhere, not just in Europe.”
But what would that look like for Facebook users? While that picture, per Zuckerberg, is a bit murky, but at the very minimum, implementing a quasi-GDPR would call for the minimization of user data. That is, GDPR (in chapter II and IV) mandates that companies collect and store a minimal amount of data for specific, and stated services. Break it down: Third-party apps like Tinder can ask for access to user photos but not access to contacts.
Another key tenant of GDPR that might make its way into the new Facebook policy is the right to consent. This means clear and plain language to address how they may or will use the personal user data in question, and who they may or will share that data with.
This commitment to GDPR worldwide comes on the heels of mountain FTC pressure on Facebook.
Rob Sherman, Facebook’s deputy chief privacy offer, said in a statement, “We remain strongly committed to protecting people’s information.”