Facebook on collision course with new EU privacy laws
Proposed EU laws on Internet privacy will target a critical money-maker for Internet companies such as Facebook: their wealth of personal data on users.
With its initial public offering this week, Facebook is roaring ahead. However, new European Union privacy regulations are taking aim at Internet companies' ability to profit through control of personal information – the key to their tremendous online advertising profits.Skip to next paragraph
Subscribe Today to the Monitor
Now in its eighth year, social networking website Facebook is set to become the hottest ticker on Wall Street – and it's not hard to see why. With 800 million users worldwide and $3.71 billion in sales in 2011, the company's IPO is expected to raise between $50 billion and $100 billion on the open market.
But with a business model built on leveraging user data to sell targeted advertising, Facebook, Google, and other Internet companies are on a collision course with EU demands that its citizens' right to privacy be respected. The EU regulations pit two Internet philosophies against each other: 1) that more regulation is needed in order to protect unwitting users, 2) that more regulation will encourage overactive censorship.
Giving users more control
On Jan. 25, EU Justice Commissioner Viviane Reding unveiled a wide-ranging data protection program that aims to regulate all companies doing business online in the EU, not just those based there. The data protection laws, which will take about a year to be enacted, will be uniform across all 27 member states.
"Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option," says Matthew Newman, spokesperson for the justice commissioner.
The proposal prescribes fines of up to €1 million ($1.3 million) or 2 percent of annual revenue, includes a "right to be forgotten" that allows users to permanently delete their data, and allows users easier access to their data and easier migration of it to other services. Additionally, companies wishing to do business in the EU will need a representative based there.
"The principle behind [the right to be forgotten] is quite simple: it's your data, you're in control of it and you get to decided what is done with it," says Mr. Newman.
Mr. Rosen says the regulations will create a dramatic clash between the right to freedom of expression and the right to privacy, arguing that under the proposal, websites like Facebook will be obliged to not only to delete on request material that users upload, such as photos, but any shared copies of photos – and potentially even material uploaded by third parties that another user objects to.