Facebook On Collision Course With New EU Privacy Laws

An anonymous reader writes "Facebook and other U.S. internet companies are faced with a new EU data protection regime, the Christian Science Monitor reports. U.S. concepts of free expression and commerce will battle European support for privacy and state legislation. 'Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option,' said a spokesman for the EU Justice Commissioner."

U.S. concepts of free expression

[Anonymous Coward]

"U.S. concepts of free expression" wow!

Re:U.S. concepts of free expression

[Anonymous Coward]

Not to mention the strange use of the words "regime" and "battle" and the Orwellian language of the article. But what did we expect from the Christian Science Monitor? While on the one hand winning multiple Pulitzers, and being fairly left-right neutral, it is well known for its corporate bias. The EU data protection laws won't harm freedom of expression as defined in the First Amendment, but will prevent companies from making a profit of selling private user data. Hence, the CSM wants to agitate against that, but because of its readership it cannot do so by simply stating this. The result is this article.

Re:U.S. concepts of free expression

[Malc]

Freedom of expression as defined in the First Amendment is irrelevant in Europe. It wouldn't matter if EU data protection laws violated that amendment. At the end of the day, US companies have to decide if they want access to the market in the EU area or not.

In a conflict between privacy and commerce

[midtowng]

privacy almost always loses.

Re:

[TheGratefulNet]

alternate version: when it comes to money and something, money always wins.

privacy, freedom, even product quality. money money money. long term thinking? no! that does not help me *now* (their thinking).

anything that brings in money is what our system is setup to optimize for.

I declare it to be broken by its very design.

but go and try to redesign it. they'll call you names and even attempt to silence you.

It's about time

[Barbara, not Barbie]

Facebook (and other operators, such as google) need to understand that they don't have a "right" to sell any and all information they can gather. If they can't meet the rules, someone else will be happy to do so and take their users away from them. That's what competition is about.

Re:

[Anonymous Coward]

and consumers have to understand that not everything is for free and maybe free sites should start charging for usage

Re:It's about time

[Anonymous Coward]

that may be but users should not have to dig through mountains of legaleze to understand that the service is offered to them ONLY because they agree to let complete strangers comprehensively know every last interaction they make with the service, potentially exposing to those people more about their lives than even the user knows about themselves.

It's not just counting clicks, it's building an entire psychology about each person, beyond reasonable survey-like data gathering. *THAT* little detail is what the users should be very weary of.

Re:It's about time

[slashdyke]

It is not quite that simple. If Joe uploads a photo, and tags a face as belonging to you, and then Mary uploads a photo with a face that matches and also says it belongs to you, it does not take facebook very long to know what you look like, and who you might know even though you do not have a facebook account.

Re:It's about time

[Plunky]

That's easily addressed, if the persons name you are tagging on a photo doesn't have a facebook account, you can't add that name. Simples.

Facebook have pretty effective facial recognition software, which, although the results are not enabled for general use, they presumably run photos through it anyway? If your face appears in one or more pictures or your name is mentioned, no matter if you are tagged or have an account, they can start to build a profile about you. Every time you are mentioned, or tagged, they can tie more disparate facts together..

If all this is distasteful for EU citizens, well Facebook is a US company and they can just export the data to the US and do whatever they like, right? Except now they are told that they cannot export data. Seems fair to me

Re:

[Anonymous Coward]

You forget about what were called 'shadow personalities', some FB members start babbling about a third person who himself would never join this spy base and voilá, the third person is now part of the database and at the first opportunity he's going to be exploited.

From up close I've seen this happen, my family is strongly against feeding information hoarding sites like FB and Twitter but some far off cousin decided to go on line to relieve her heart about the death of our grandmother and the illness o

Re:

[Barbara, not Barbie]

and consumers have to understand that not everything is for free and maybe free sites should start charging for usage

What does that have to do with respecting privacy laws? Oh, right ... nothing.

If Facebook can't compete while respecting local privacy laws, that's their problem. Someone else will fill the gap - not that it matters much in the long run - all the so-called "social media" will be dead within a decade or so, when technology gets to the point that everyones' devices become their own "perso

Re:It's about time

[rtb61]

Corporations will still want to build privacy invasive data bases and mine that information. Privacy laws means that not matter what type of business you, when you hold other peoples data you will have to adhere to those laws and when you are caught out you will be subject to prosecution.

Facebook has become a glaring example of privacy invasion. Facebook will also have to start thinking about it's users invading the privacy of other users and posting information that contravenes privacy laws.

Re:

[Attila Dimedici]

Facebook cannot exist without publishing private data. Facebook is about publishing private information. It is what people create Facebook accounts to do.

Re:

[Barbara, not Barbie]

Irrelevant. They collect your interactions with 3rd parties (other web sites) without your explicit consent - in fact, they collect it before you've even seen the page, so you can't even deny consent. And they do it for people who aren't even logged in - or who never registered, by a combo of browser fingerprinting and ip tracking.

This will get resolved when someone sues facebook and wins big time for invading their privacy.

Re:

[nnull]

Some reason, I don't see anyone filling the gap, and Facebook will probably just close their offices in said country, while continuing to offer services from across their borders. They'll have to block access to their site completely if they want people to stop using it. Then good luck trying to enforce these new laws.

Re:

[Barbara, not Barbie]

It's not that hard to block facebook at the country level. China's doing it. Canada threatened to do it a few years ago [readwriteweb.com] (before even the Europeans, which is what dragged Facebook, kicking and screaming, to the bargaining table in the first place).

And no, they didn't come out and say "fix this or you're going to be blocked", but rather strongly hinted "either we sit down and talk about this or it's a 15,000 fine per user per incident". Since every page access is one incident, that works out to more than

Re:

[cdrguru]

Someone else will fill the gap

And get paid for their efforts how? The key is that FaceBook gets money from selling information and virtually no other source of revenue exists for them. Advertising simply isn't lucrative enough to support more than a couple of hobbists.

No, the services will simply not be available to EU citizens, or anywhere else that blocks the sale of information.

Re:

[Barbara, not Barbie]

Go read Facebooks' S1 filing - they generate 85% of their revunue from advertising $3.2 billion in advertising revenue last year alone [fastcompany.com] - and the S1 mentions that government privacy legislation can put a significant dent into that.

Re:

[Barbara, not Barbie]

local is USA

When you foreigners visit the USA (physically or virtually) you seem to want your own law. No. This is the USA. Facebook is in the USA. Why in Hell is this so hard to accept? Make your own facebook if you don't like the law over here.

Okay - in that case, let Canadian pharmacies sell drugs over the Internet to Americans. And weed.

Let Mexican drug lords sell crack. After all, it's not like either their laws or yours can prevent it.

Facebook has 2 choices - either operate within the law of

Re:

[Mitreya]

Facebook (and other operators, such as google) need to understand that they don't have a "right" to sell any and all information they can gather. If they can't meet the rules, someone else will be happy to do so and take their users away from them. That's what competition is about.

I sense some optimism in your post. My understanding is, in US they are pretty much free to do what they want. The only thing that delays them a little are occasional outrage bursts (beacon program that got scrapped, timeline

Re:

[Barbara, not Barbie]

The entry costs are very low. And the more that the likes of facebook, twitter, and google get invasive, the more people will stop using them. I stopped using both facebook and twitter and google+ last year, specifically because of their (lack of) a decent privacy policy.

Can't say I miss any of them either.

Re:

[TheGratefulNet]

'rights' are what people, collectively, define and assign. (lets assume there is no higher power and that all our doing is our own making and design).

companies have taken what we allow them to. we are at least half to blame.

case in point: I was on a coupon/deals forum, reading some of the comments of the younger crowd on one of the freebies. some vendor was giving away 'free frenchfries' if you text them (sigh). they are collecting your info and you'll do that for, what, half a dollar's worth of fried p

Re:

[Barbara, not Barbie]

But there is hope. It's not that hard to quit using them. I stopped using twitter shortly after I signed up for it (didn't really see the point - you cannot have a real conversation in 140 characters). I stopped using facebook after not really using it very much because the UI sucked, and it was mostly people just trying to build their "networks" to either build up their self-esteem, or market some sh*te. I stopped using google+ because of the whoe privacy thing.

We *can* fight back. We have the old s

Re:

[cdrguru]

Google and FaceBook exist solely because it is legal in the US to collect this information and sell it. If it wasn't legal to begin with, the services would not exist. There is no comparable source of revenue for a "free" service - ten years ago it was clear advertising wasn't the way to make lots of money.

Now the EU wants to change the rules. It will be interesting to see what happens. My guess it that these services will simply be unavailable to anyone that lives in a country that denies the company t

Re:

[Barbara, not Barbie]

ten years ago it was clear advertising wasn't the way to make lots of money

... that ignores the fact that it's the #1 method for both google and facebook to generate revenue.

The reason that advertising has become so invasive is because it was allowed to (regulators and gov't asleep at the wheel, like usual), so the bar of invasiveness was continually raised to "stay competitive."

Re:

[geminidomino]

Considering that facebook as an entity exists only with the whim of laws, they have NO natural rights. And these laws make it clear that they don't possess those legal rights, either, at least in the EU.

regime ?

[Anonymous Coward]

... U.S. internet companies are faced with a new EU data protection "regime" ...

newspeak ? the word "regime" should be used at EU Govts. ?

mmaaaa... EU are axis of evil "regimes", they do not let our companies do douchebaggery which is our way of life !!! they want accountability... !!! how dare they !!!

Re:regime ?

[Mitreya]

newspeak ?

Nothing but newspeak!
"U.S. concepts of free expression and commerce will battle European support for privacy and state legislation."
I think what the summary is trying to say that company coming from corporation-controlled US will suddenly encounter an actual user-privacy law. There is nothing about free expression (though something about commerce) in selling user's data to everyone who is willing to buy it. Even if corporations are (apparently) people, selling their user's data is not free expression of speech.

Re:regime ?

[Muros]

I liked the bit of the article where it equated this legislation with censorship. "There is potential for radical disruption of the way users experience the Internet in the EU. This would transform Facebook and Google into censors-in-chief." The big lie here, of course, is saying that it is making censors of Google and Facebook. It is merely telling companies to allow people to censor themselves.

Re:

[Mitreya]

The big lie here, of course, is saying that it is making censors of Google and Facebook. It is merely telling companies to allow people to censor themselves.

I was going to comment the same thing, but then I realized something. They are are talking about removing other people's posts about you. I.e. someone posts a compromising picture about you and you want it removed. That, arguably, fits the definition of censorship.

Re:regime ?

[dna_(c)(tm)(r)]

European parliament is elected, the commission (government) isn't elected directly, it is appointed by the parliament. Still, we have a choice of more than two parties.

And yes, everybody is "forced" to use Facebook. Most people get tagged on photos sooner or later, even if they don't have an account. FB finds out information you might not be willing to release: birthday, phone numbers, where you live, who your friends are, what your password for your mail account is... if a friend releases that information about you, it doesn't even require an intervention, decision on your part.

Re:regime ?

[dna_(c)(tm)(r)]

Then you have shitheads for friends if they're giving out your information without your permission...

See? Now you're releasing information about my friends

Re:regime ?

[lordholm]

The main point is that the EU is planning on introducing the "right to be forgotten", that is if you terminate your Facebook account, they have to delete the data you uploaded.

The parliament is directly elected, they in turn together with the local governments elect the Commission. The Commission does intact have the same legitimacy as most parliamentary governments.

You thought wrong about what you believe the EU to be about, since the founding the purpose has been to lay a foundation for peace in Europe by slowly federating the member states.

Re:

[AmiMoJo]

The main point is that the EU is planning on introducing the "right to be forgotten", that is if you terminate your Facebook account, they have to delete the data you uploaded.

It's more than that. They won't be able to build shadow profiles on people, and presumably if you delete your account will also have to delete all the tags in photos people made with your name on and so forth. At the moment if you do some stupid survey and the results go on your friends wall, then you delete your account, the results are still there on their page. Those will have to go.

You thought wrong about what you believe the EU to be about, since the founding the purpose has been to lay a foundation for peace in Europe by slowly federating the member states.

People forget that there were serious discussions about merging the UK and France into one country in the 60s. It was only

Re:

[negRo_slim]

People forget that there were serious discussions about merging the UK and France into one country in the 60s.

That sounded interesting and I empathize with being lazy [guardian.co.uk].

Re:

[SnowZero]

The word regime has multiple meanings.
http://www.merriam-webster.com/dictionary/regime [merriam-webster.com]
http://en.wikipedia.org/wiki/Regime [wikipedia.org]
The article title clearly means "set of conditions" or "regimen" in this context.

CSM is one of very few English newspapers left with a high-school level of language. I'd prefer to keep it that way, though seeing your post get modded to +5 makes it clear why other newspapers are now written at middle school or even grade school reading levels.

It should be noted that...

[Tastecicles]

...Facebook's first priority is no longer its users' privacy (if it ever had been). Its first priority now is making money from its shareholders. From advertising space to per-click charges for using its authentication protocols and other bits of code, Facebook has other avenues of revenue than selling user data. Having close on a billion accounts live right now is a bonus for Facebook, as it shows a more or less loyal customer base for any other company that seeks a captive target.

Hence, deeply personal data you might find on FB that might find its way into some other company's database or metric for them to use to tailor their product to a target consumer, is unlikely to be uniquely identifiable - it's infinitely more likely to be statistical in nature. The single most likely candidates for individual monitoring would be those already on watch lists or those who trip warning triggers (yes, there is tech out there to monitor even "closed" or spiderproofed websites: that the police in the UK can access locked down Facebook accounts (seen it) as though the pages were Wayback mirrored is evidence enough of that).

Re:

[Tastecicles]

from its shareholders? I meant *for* its shareholders! It's 8am, that's my excuse and I'm sticking to it!

Re:It should be noted that...

[TFAFalcon]

No no, you got it right. The current owners of Facebook are trying to get as much money out of future shareholders as they can. After the IPO is over they might start thinking about making money for them, but at the moment it's all about inflating the percieved value of the company.

Re:It should be noted that...

[Barbara, not Barbie]

It's not just statistical data - all those "Like" buttons - when any page with a "Like" button is displayed, it makes a call to facebooks' servers, sending your unique id to facebook to let them know you've seen that page. So over time, facebook develops a rather complete profile of your browsing habits. And no, you don't have to be logged in for this to work.

It's stuff like this that advertisers - and anyone else with "preferential access" (police, etc.) get. Think of it - others have a more complete history of your browsing habits than you do. Facebook is the new cyber-stalker.

Re:

[Ihmhi]

Okay. I know about those (and so do many geeks).

I view Facebook as a necessary evil to my social life. I get a lot of good out of it. There's also, of course, the whole tracking schtick, and on certain sites I visit that doesn't sit entirely well with me.

What's the geek's solution to neutralizing the Like button but being able to re-enable it when desired? Adblock? Noscript? hosts/etc.?

Re:

[Barbara, not Barbie]

They still track by IP. They even do this with people who have never signed up, so that if you do, they already have a lot of info on you. And before anyone chimes in that IPs change - (1) they don't change all that often if you're on a cable modem, and (2) they can still distinguish, by broad-based user patterns and browser fingerprinting, individual users for any given IP.

The proper way to implement this is on each website - they would have to replace facebook's code with their own image of the like b

Re:

[Mitreya]

Facebook's first priority is no longer its users' privacy (if it ever had been).

[sarcasm]Yeah, Facebook started out as a shining beacon of user's privacy and gradually became corrupted by the allure of ad selling.[/sarcasm>]. The only thing that prevented them from selling data on the first day is that they probably didn't have enough of it until the user-base grew. Any why aren't there any laws in US providing some protection to the users and their data? If Europe seems to have some

Re:

[KiloByte]

Its first priority now is making money for its shareholders.

Not even that. The first priority is always top executives' pay. Stock price is merely a tool to get that. And long-term profit is not even on the radar.

Government and Corporations are not The People

[Jane Q. Public]

The "U.S. concepts of free expression and commerce" mentioned are of the current Corporatist Government, and are not representative of "U.S." views. I would thank anyone writing about this to make that distinction.

As I have been saying for years now, if you really want to look at the demographics of the United States, you really have to consider the citizens and the Federal government separately, because the Federal government has been so completely out of touch with the wants and needs of the average citizen.

"U.S. concepts of free expression and commerce", if by that you mean the vast majority of people who live here, very much do include personal privacy. Anyone who thinks otherwise has a distorted view of what's really going on. And anyone who represents the Federal government's "views" as those of the average American citizen is likewise out of touch.

Re:Government and Corporations are not The People

[Jane Q. Public]

Don'tya just love it when somebody mods you "redundant" because you are later in the sequence he read, but actually made the first such comment (as clearly shown by the timestamp)?

Sometimes, I get a real charge out of the quality of "conversation" on Slashdot. Other times, like now, I am reminded that while it might be better than average, there are still some real bozos here. (squeak, squeak)

Re:

[Ihmhi]

Which is why I and many other browse at -1 and do our best to correct stuff like this when we can.

Re:

[Jane Q. Public]

Thank you, and I do as well, when it is my turn to moderate. Seems to me, "moderate" is the operative word: not to force conformity, but to eliminate the obvious outliers.

-1 Flamebait

[peppepz]

"U.S. concepts of free expression and commerce will battle European support for privacy and state legislation."? Really?

Was this summary explicitly written in trollspeak to ignite yet another US vs Europe flamewar on /. ?

Re:

[Tastecicles]

Funny, I thought the free market economy was a Minoan concept...

Targeted advertising.

[mosb1000]

I never understood the objection to targeted advertising. I don't particularly enjoy sitting through adds for tampons, dating services, or political candidates. But I quite like ads for electronics, camping gear, movies, cars and things like that. So why wouldn't I want a website to know what kinds of ads interest me? Targeted ads are greatly preferable to general ads.

I'll be in favor of a "right to be forgotten" if it applies to the government and banks. Otherwise, it's not really worth it.

Re:Targeted advertising.

[peppepz]

Is it OK to you for any entity (government, facebook, google) to have a file about you containing:
- your name
- your phone number, and the names and phone numbers of all your contacts
- your web history
- your web search history
- your past and current email
- your gps position, its history, and the places you "starred"
- the pictures you take with your phone
- your wifi passwords
- the music you bought online
- the books you read online
- your investments portfolio
- the office documents you're working on
- everything you "liked" on the web, be it apps, music, cuisine or politics
under just the promise that they'll never be doing anything bad with that data, except "targeted advertising"?

Even their ability to sell some of that data, purged of personal identifications, is "bad" enough for me. If advertisers get to know where you work and what you like, that's enough to understand who you are in many cases.

Re:Targeted advertising.

[mosb1000]

If advertisers get to know where you work and what you like, that's enough to understand who you are in many cases.

Which is bad because then they'd be able to try to sell you stuff you might actually want, rather than a bunch of stupid crap you don't care about? I just don't see it.

As far as your list goes, I have no illusions that government legislation can protect any information I would voluntarily choose to share. Best case scenario: corporations store and trade the information secretly. So, if you have something and you want to keep it private, the only way to do that is to keep it to yourself. Anyone who tells you differently is trying to sell you something.

Re:

[peppepz]

Which is bad because then they'd be able to try to sell you stuff you might actually want, rather than a bunch of stupid crap you don't care about?

No, it's bad because an "advertiser" can be just anyone, including somebody who is interested in obtaining my personal information instead of selling me stuff, or some company who won't protect at all my personal data against misuse, for example by one of their own employees who has something against me.

So, if you have something and you want to keep it private,

Re:

[mosb1000]

If someone has a personal vendetta against you, and they use information to blackmail you or whatever, there are already laws in place you can use to sue them. Pushing for regulations to prevent private corporations from having personal infomation is misguided, as the principle collectors of this kind of information (governments and banks) will be largely immune from it and are still employing thousands of regular people. If your regulations are missing most of the potential offenders, all they really do is

Re:

[mosb1000]

It's true that you can only sue after your reputation's been destroyed. But these proposed regulations wouldn't change that.

Are they immune?

Not only are they immune, they are required to hold the information for a period of time.

Re:

[Jane Q. Public]

No. Which is bad because (as courts have found already), it allows others to infer (a) who your mistress might be, (b) your political affiliations, (c) your use (or not) of illegal but morally justifiable controlled substances, (d) when you are away from home (oooh... look! an unoccupied house just waiting to be burglarized)... and many more things. It has been CLEARLY shown, beyond reasonable doubt, that even "de-personalized" data can give people personalized information.
Also, your version of "best cas

Re:

[mosb1000]

How, in the name of Grid, could that be considered "best case scenario"?

That's be best result your silly regulations will be able to achieve. In reality, they won't achieve even that because they will include loopholes and exemptions.

Re:

[Jane Q. Public]

They aren't MY regulations. They are regulations from government that has lost touch with those whom they presume to govern.

But aside from that, your statements have become increasingly close to incoherent. Try again when you sober up.

Re:

[Splab]

I think it comes down to if people are old (and educated?) enough to remember Stasi.

I grew up in the 80s with East/West Germany next door and history lessons teaching us horrible things about what government can do with too much information.

Re:

[dna_(c)(tm)(r)]

(allcaps)

But SOMEONE ELSE can give it away in your place!

Glad I got that of my chest, hehe.

Re:

[Mitreya]

I never understood the objection to targeted advertising.

There isn't any. No one is complaining about google ads in gmail. Hulu has "ad tailor" that asks you about ad relevance. Absolutely no outrage about that (even nice to have sometimes)
I think the problem comes when my information is handed out to someone else. Beacon program posted blockbuster rental information on users accounts for others to see. And I guess the information is being made available without users consent?

Google got it sorted out

[pacc]

"It's your data" so if you want us to delete your GPS locations
crossreferenced with your search habits you will have to give
up your gmail.

All in the new simplified agreement that covers everything.

Re:Google got it sorted out

[cardpuncher]

In the old world of business, the service provider received something of direct value in exchange for the service and the customer could reasonably expect to end the contract and stop paying. In the new model, the customer has something of indirect value irreversibly taken away (privacy) there's no reasonable prospect of getting it back even if they do agree to give up the service at a later date. Privacy is like virginity - when it's gone, it's gone.

Directive in conflict with Patriot Act?

[Frans Faase]

I think a bigger problem is that this new privacy directed is also in conflict with the Patriot Act. If I understand it correctly, the Patriot Act allows the USA government to seize any data (no matter where it is being hosted in the world) from any company that has a legal entity in the USA. The new privacy directive does not allow any government to size this data. To me it seems that any company that has a legal entity in the USA can no longer store any private (customer) data of people falling under the laws of to the EU.

Corrected that for you

[msobkow]

U.S. concepts of free expression and commerce...

Should read

U.S. concepts of freedom to be monitored, tracked, analyzed, and advertised to...

The EU legislation has NOTHING to do with freedom of speech. The summary is busy trying to paint a red herring argument where there is none, just to stir up good old "Proud American" sentiment.

Re:

[the eric conspiracy]

Of course it has free speech implications. What it the EU going to do, censor web sites that don't live up to their privacy laws? How is that any different from SOPA that would censor web sites that don't adhere to certain US copyright laws?

Time to invade Europe

[dutchwhizzman]

This evil anti American regime must be stopped at all cost!

Re:

[Skapare]

Easier to just break away from Europe.

Interesting POV

[Registered Coward v2]

'Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option,' said a spokesman for the EU Justice Commissioner."

The EU is essentially claiming that accessibility of a site to EU users subjects the site to EU laws. That's the same argument that the US uses to go after overseas sites that violate US law. While privacy is certainly a valid concern, the overall concept is a dangerous one. If a company doesn't have a physical prince in a location should it be subject to local laws? Should the government where it is located enforce foreign judgements?

Re:

[Hentes]

The difference is that Facebook has a presence in Europe. If Europe would just block Facebook instead of making them liable, that would be an invasion of free speech and the free net.

Re:

[Registered Coward v2]

The difference is that Facebook has a presence in Europe. If Europe would just block Facebook instead of making them liable, that would be an invasion of free speech and the free net.

True, but the EU apparently wants to exercise jurisdiction even if a company has no physical presence in the EU:

On Jan. 25, EU Justice Commissioner Viviane Reding unveiled a wide-ranging data protection program that aims to regulate all companies doing business online in the EU, not just those based there. The data protection laws, which will take about a year to be enacted, will be uniform across all 27 member states.

"Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option," says Matthew Newman, spokesperson for the justice commissioner.

The EU essentially wants to exercise the same type of extra-territorial reach as the US. While people amy like the privacy implications, that stance has a far broader implication that is worrisome.

Re:

[Hentes]

The EU is not led by Viviane Reding alone. The opinion of one Justice Commissioner is not the official opinion of the Union. In fact, the "leadership" of the EU is so complex and changes so frequently that talking about what the EU wants is meaningless until something actually happens. The EU is a constant political battlefield of different groups with different interests.

Re:

[Registered Coward v2]

The EU is not led by Viviane Reding alone. The opinion of one Justice Commissioner is not the official opinion of the Union. In fact, the "leadership" of the EU is so complex and changes so frequently that talking about what the EU wants is meaningless until something actually happens. The EU is a constant political battlefield of different groups with different interests.

I realize that - it is much like the US was before we went to a strong federal system. None the less, the argument put forth is not necessarily good even if the privacy angle is.

And?

[pclminion]

And if they don't comply? Then what? You'll create the Great Firewall of EU to keep Facebook out of your countries?

the Iranization of Europe

[swschrad]

the other option is that, the EU standing pat, the rest of the civilized world passes them by. and the EU becomes like Iran, isolated by their own paranoias.

Why all the negative comments?

[Brannoncyll]

I would have thought Slashdot would be supportive of attempts to allow people to control over their private personal data? In my opinion, people who give personal data to any organisation in order for them to provide a service should have the right to ensure that the data is not kept or sold when the person no longer requires the service. Also a person should be protected against organisations collecting data without them being aware for commercial gain. I can finally cancel my Facebook account and actually

Profit more holy than privacy?

[metacell]

From TFA:

Mr. Rosen says the regulations will create a dramatic clash between the right to freedom of expression and the right to privacy, arguing that under the proposal, websites like Facebook will be obliged to not only to delete on request material that users upload, such as photos, but any shared copies of photos – and potentially even material uploaded by third parties that another user objects to.

Funny, when private persons want to prevent others from sharing their media, they call it "preventing free expression". I never heard the mainstream media call it that when corporations want to prevent others from sharing their media.

Is the right to keep your own media to yourself less important if you do it for privacy, than if you you do it for profit?

What Facebook can offer the EU?

[ardle]

Universal ID.

Let's wait a while and see how this turns out...

Re:

[ebbe11]

The problem here boils down to "we make more money with this scheme than your piddly little fines can ever hope to 'punish' us",

Piddly as in what Microsoft faced in 2006 [bbc.co.uk]? Admittedly, that situation was different but that kind of fines are not what I think of as "piddly".

and "we're not even based in your country, so your laws mean precisely as much as we allow them to"

How come Google are bending over backwards to follow chinese censoring laws? Google is based in US too and by your argument the should not have to care about those laws at all - yet they do.

... besides, it's not like these sites are providing a public service, or coercing people's "private" information. If you want to play the game, you gotta give your name. Wanna play some more? Give us your cell phone number. Don't like giving away your "private" info to just any website that asks? Be more selective about the stuff you do online, and only transact with sites you trust and/or don't actually care about the information they want. Or do what many are already doing, and simply lie.

Agreed - and that is indeed why I do not have a Facebook login.

Re:

[Jane Q. Public]

"Piddly as in what Microsoft faced in 2006? ..."

Ahem... Yes, "piddly". When Bill Gates personally, much less Microsoft, is worth over $60 BILLION, a fine of $357 Million is "piddly". The purpose of such fines it to be "punitive" and "preventative", which means that they are supposed to demonstrate that it is unproductive for companies to engage in such practices. But when the results are not high enough to be "preventative" -- as they have generally not been for many years -- they do not discourage such practices at all! Instead, they simply share the we

Re:

[dna_(c)(tm)(r)]

[...]

Agreed - and that is indeed why I do not have a Facebook login.

And still, if you have enough friends with a FB login, lots of your private information is already in FB. They're very good at this.

It is simply you which don't understand

[Anonymous Coward]

The product facebook sale (facebook user/consumer data) will NOT be sellable in europe. See even if they go around the law, and simply say they are an US company and don't need to comply, it is still a dead end for them, ebcause the company mostly interrested in the data are not US one but EU one. Do you think will a german user data will interrest, say, target/new york ? And for local german firm, buying the data from the US will not help as they would have a high risk to be to accused of having data on their own customer and get the ire of data protection law, the law can't stop people giving it away to US where it is "lost" but as soon as it comes back to EU territory game over EU law again take hold. That data would be worst than radioactive waste to handle.

Effectively, if facebook ignore those law / pretend they are an US company They will simply LOSE that EU market completely , as they will serve people but won't be able to do much with the data. This is why your "routing around the damage" won't work : that data in the very end is for local consumption. If the local (the firm buying the data) knows they can't use the data, then facebook is SOL and no matter how much routing or where they put their server.

So yes, for facebook it would be a pretty bad deal.

Re:

[Corbets]

The new regulations recently proposed by the European Commision can result in fines of up to 2% of revenues. Not profits, revenues. That's not puddly by anyone's definition.

Additionally, the EU is perfectly willing to prevent EU companies from dealing with non-EU companies who don't comply. If FaceBook doesn't have EU advertisers on their system, all EU users suddenly become a drain on FaceBook resources for no gain. Yet if they leave the market, previously 2nd-rate competitors (such as Google+) get a huge

Re:

[wosmo]

"we're not even based in your country, so your laws mean precisely as much as we allow them to"

They do have a footprint in Europe, which is why they had the Irish Data Commissioner crawling around for 3 months last year. Multinational means multi-juristictional too, something to do with having your cake and eating it.

Re:

[Jane Q. Public]

"Multinational means multi-jurisdictional too, something to do with having your cake and eating it." [spelling corrected]

Actually, that is not the case at all. In a very real sense (and completely aside from the whole "cloud computing" hype), the Internet can be considered to be an information resource that is simply "out there", for anybody who wants to to visit.

It is not "intrusive" in any way. If countries want to block it, they have both the facilities and ability to block it.

Instead, what they have done is to try to force EVERYTHING on the internet to be the "lowest common denominator", and show only content that i

Re:

[chrb]

"Multinational means multi-jurisdictional too, something to do with having your cake and eating it." [spelling corrected]

Actually, that is not the case at all.

A multinational corporation - by definition - operates in multiple nations, and hence under multiple legal jurisdictions.

Re:

[Jane Q. Public]

"A multinational corporation - by definition - operates in multiple nations, and hence under multiple legal jurisdictions."

Yes, but my point was that there is nothing FORCING anybody to be multi-national or multi-jurisdictional. One of my own websites, for example, resides on a server in a particular country, and it's nobody else's f**ing business. It is available for anyone in any country to view, and if they don't want to look, they don't have to. They do not have any right to tell me what to say or do, or the companies that host my site, or my ISP, etc.

Censorship, if it exists at all, is PURELY jurisdictional, whereas the

Re:

[chrb]

"we make more money with this scheme than your piddly little fines can ever hope to 'punish' us", and "we're not even based in your country, so your laws mean precisely as much as we allow them to"

1. They have the power to fine by an unlimited amount, and the power to increase the original fine over time if the company in question does not become compliant. No corporation has carried out your proposed strategy of just paying the fines - even Microsoft - because it would be stupid.

2. Facebook International is based in Dublin, Ireland, which is part of the E.U..

Re:

[Hognoxious]

Hey Zuckerberg, you sure talk a good fight.

Re:

[Neil_Brown]

the fact that a specific website is accessible from country XYZ, does NOT mean this website must comply with the local laws of country XYZ.

This certainly is not a new discussion — there's plenty written and opined about the applicability of one country's laws (and the jurisdiction of courts) to services made available from other countries, generally under the title of "private international law" or "conflict of laws."

In terms of the law in the EU, at least as between Member States, the Court of

Re:

[Neil_Brown]

Just to confirm — the case is on applicable jurisdiction, not applicable law.

Re:The EU Justice Commissioner must understand...

[chrb]

Yes, but Facebook is a European company, and it does business in Europe. Either one of those would make it liable to E.U. jurisdiction.

Re:

[msobkow]

I don't CARE where a site is hosted. The only thing that affects is the process for issuing a copyright takedown order or legal action.

EVERY INTERNET COMPANY IS REQUIRED TO ABIDE BY THE LAWS OF IT'S CUSTOMER NATIONS.

Your option is to abide by the laws and regulations of the nations where your customers and users are, or to be blocked from those markets for non-compliance.

That applies to EVERYONE in the world, not just US companies.

Re:

[aix tom]

Perfectly OK then, since Facebooks customers are the Advertisers.

Since no European advertiser would be willing to be Facebooks customer, since it would be illegal for him to use the private data Facebook stores about their European products, Facebook would pretty much no longer be interested in acquiring and keeping new European products. Problem solved.

Facebook could either decide to keep buying infrastructure to keep their European products in storage with no chance of ever selling it, or to stop investin

Re:

[Registered Coward v2]

EVERY INTERNET COMPANY IS REQUIRED TO ABIDE BY THE LAWS OF IT'S CUSTOMER NATIONS.

Your option is to abide by the laws and regulations of the nations where your customers and users are, or to be blocked from those markets for non-compliance.

That applies to EVERYONE in the world, not just US companies.

That's easy to say but it has serious implications - should a site be subject to penalties because it hosts material that violates one country's laws even if the material is legal in the location the material is hosted? For example, lets suppose a company is in country A and has users in country B. What if a site publishes material, in servers located in country A, that country B viewed as damaging and was gotten through illegal means (based on country B's laws). Should the site be liable to prosecution in

Re:

[currently_awake]

Forcing Sports Illustrated to abide by the laws of Saudi Arabia just because someone there downloaded the swimsuit edition could be a problem. The biggest issue (for the internet) is WHERE your online transactions take place. You need to know that to know what laws apply.

Re:The site belongs to facebook.

[chrb]

The site belongs to facebook. It is hosted in the US.

Facebook International HQ is in Dublin, Ireland - which is part of the E.U. They are also currently building a massive data center in Sweden [guardian.co.uk] which will handle all traffic from Europe, the Middle East and Africa.

This idea of trying to regulate what people do with the devices they own is simply laughable.

Welcome to the real world, where there are regulations governing businesses, and regulations that cover many of the devices that businesses use. You may also want to educate yourself regarding some of the reasons that Europeans generally support pro-privacy and anti-data-collection laws. [wikipedia.org] You may be surprised to learn that it was a trade union [wikipedia.org] that rose up against the communists and fought for the first free democratic elections in eastern Europe.

Re:

[Skapare]

Personal responsibility. Corporate responsibility. It takes a lack of both for privacy to be violated. And it sure seems that between Facebook users and Facebook, there is a lack of both. But either users or the company can fix it. That's why you don't see me on Facebook (well, at least not under my own name).