Slashdot Mirror
Facebook On Collision Course With New EU Privacy Laws
An anonymous reader writes "Facebook and other U.S. internet companies are faced with a new EU data protection regime, the Christian Science Monitor reports. U.S. concepts of free expression and commerce will battle European support for privacy and state legislation. 'Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option,' said a spokesman for the EU Justice Commissioner."
"U.S. concepts of free expression" wow!
Facebook (and other operators, such as google) need to understand that they don't have a "right" to sell any and all information they can gather. If they can't meet the rules, someone else will be happy to do so and take their users away from them. That's what competition is about.
Let's call it what it is, Anti-Social Media.
... U.S. internet companies are faced with a new EU data protection "regime" ...
newspeak ? the word "regime" should be used at EU Govts. ?
mmaaaa... EU are axis of evil "regimes", they do not let our companies do douchebaggery which is our way of life !!! they want accountability... !!! how dare they !!!
...Facebook's first priority is no longer its users' privacy (if it ever had been). Its first priority now is making money from its shareholders. From advertising space to per-click charges for using its authentication protocols and other bits of code, Facebook has other avenues of revenue than selling user data. Having close on a billion accounts live right now is a bonus for Facebook, as it shows a more or less loyal customer base for any other company that seeks a captive target.
Hence, deeply personal data you might find on FB that might find its way into some other company's database or metric for them to use to tailor their product to a target consumer, is unlikely to be uniquely identifiable - it's infinitely more likely to be statistical in nature. The single most likely candidates for individual monitoring would be those already on watch lists or those who trip warning triggers (yes, there is tech out there to monitor even "closed" or spiderproofed websites: that the police in the UK can access locked down Facebook accounts (seen it) as though the pages were Wayback mirrored is evidence enough of that).
Operation Guillotine is in effect.
The "U.S. concepts of free expression and commerce" mentioned are of the current Corporatist Government, and are not representative of "U.S." views. I would thank anyone writing about this to make that distinction.
As I have been saying for years now, if you really want to look at the demographics of the United States, you really have to consider the citizens and the Federal government separately, because the Federal government has been so completely out of touch with the wants and needs of the average citizen.
"U.S. concepts of free expression and commerce", if by that you mean the vast majority of people who live here, very much do include personal privacy. Anyone who thinks otherwise has a distorted view of what's really going on. And anyone who represents the Federal government's "views" as those of the average American citizen is likewise out of touch.
'Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option,'
The EU legislation needs to learn the same lesson that the US legislators haven't learned yet... The internet is a flexible, resilient system that will route around damage, and attempts to censor it only end up hurting the censor's pockets and/or public image. See the Google vs. China debacle last year, for one high-profile (and perhaps high-profit) example. Alternatively, type "SOPA" or "PIPA" into your favorite search engine, and see the raging fire of the responses.
Not only do I think the EU's new privacy laws will be (by and large) ignored, but I think FaceBook will only pay attention if their users band together in ridiculously large numbers to complain... by making a FaceBook page about it.
The problem here boils down to "we make more money with this scheme than your piddly little fines can ever hope to 'punish' us", and "we're not even based in your country, so your laws mean precisely as much as we allow them to" ... besides, it's not like these sites are providing a public service, or coercing people's "private" information. If you want to play the game, you gotta give your name. Wanna play some more? Give us your cell phone number. Don't like giving away your "private" info to just any website that asks? Be more selective about the stuff you do online, and only transact with sites you trust and/or don't actually care about the information they want. Or do what many are already doing, and simply lie.
At what point did everyone forget that old axiom "Knowledge is Power"? Or does no one make the connection between money, power, and knowledge? Does no one realize that it is just as easy to use the equation "Money = Power = Information"?
On to slightly unrelated, and yet completely relevant discussion:
We're at a strange place in a legal sense - there are thousands of unenforceable laws on the books, most of them about ridiculously convoluted methods of acquiring things/money/information in an illicit fashion, and yet there are literally billions of people who care so little about these "minor details" that they have "illegal" music on their portable audio devices. Even the copyright-enforcement people have been caught "stealing" music and video from the original artists. (Yeah, I know, the source would seem to be biased, but it was the second result for a google query "copyright agency caught stealing music", and the first actually relevant one... interestingly enough, this article about the Dutch having this issue wasn't even the one I was looking for - the first case I heard about was in Canada).
At some point, the laws aren't going to be worth the paper the warrants aren't even printed on anymore. It's fairly apparent that it's all about an outmoded system's power grab, just like the ??AA's money grab with the copyright legislation. The danger here is that the system is getting so absurd that no one will pay attention to any of the laws, because the only ones with any actual threat of punishment are ones that they can't enforce, due to the sheer number of people breaking them.
As an example, when this new American health-care reform thing goes through, and everyone is "required" to carry health insurance, I'm wondering what the response will be if someone refuses... will they arrest them for being sick and going to a hospital? If so, the American taxpayer will feed them, clothe them, house them, and pay for their healthcare - as "punishment" for not paying astronomical fees for what amounts to legalized gambling (and what else can you call insurance, really?)
The only upside to being a "good citizen" any more, obe
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
Was this summary explicitly written in trollspeak to ignite yet another US vs Europe flamewar on /. ?
I never understood the objection to targeted advertising. I don't particularly enjoy sitting through adds for tampons, dating services, or political candidates. But I quite like ads for electronics, camping gear, movies, cars and things like that. So why wouldn't I want a website to know what kinds of ads interest me? Targeted ads are greatly preferable to general ads.
I'll be in favor of a "right to be forgotten" if it applies to the government and banks. Otherwise, it's not really worth it.
"It's your data" so if you want us to delete your GPS locations
crossreferenced with your search habits you will have to give
up your gmail.
All in the new simplified agreement that covers everything.
The product facebook sale (facebook user/consumer data) will NOT be sellable in europe. See even if they go around the law, and simply say they are an US company and don't need to comply, it is still a dead end for them, ebcause the company mostly interrested in the data are not US one but EU one. Do you think will a german user data will interrest, say, target/new york ? And for local german firm, buying the data from the US will not help as they would have a high risk to be to accused of having data on their own customer and get the ire of data protection law, the law can't stop people giving it away to US where it is "lost" but as soon as it comes back to EU territory game over EU law again take hold. That data would be worst than radioactive waste to handle.
Effectively, if facebook ignore those law / pretend they are an US company They will simply LOSE that EU market completely , as they will serve people but won't be able to do much with the data. This is why your "routing around the damage" won't work : that data in the very end is for local consumption. If the local (the firm buying the data) knows they can't use the data, then facebook is SOL and no matter how much routing or where they put their server.
So yes, for facebook it would be a pretty bad deal.
This law is to protect the vulnerable. Why have laws against child porn its free speech..
When the person who's whole life is on facebook grows up they will probably regret it yet by then its too late.
At least having decent privacy laws and data protection will means that its just a service they used then moved on.
And who knows what companies like google and facebook will do when good times turn to bad.
(We are a failing company but we have heaps of data - lets just sell it to a company that sells drugs or does door to door visits - who knows)
Are you listening, David Drummond, you fucking asshole?
--
Tired of the Google assholes? Swtich to DuckDuckGo today!
I think a bigger problem is that this new privacy directed is also in conflict with the Patriot Act. If I understand it correctly, the Patriot Act allows the USA government to seize any data (no matter where it is being hosted in the world) from any company that has a legal entity in the USA. The new privacy directive does not allow any government to size this data. To me it seems that any company that has a legal entity in the USA can no longer store any private (customer) data of people falling under the laws of to the EU.
We are not American you have no Constitutional right to be able to make money off us, In our house if you play by our rules then you can make money. Otherwise feel free to fuck right off.
Arrogant Americans thinking their way is the only way.
the fact that a specific website is accessible from country XYZ, does NOT mean this website must comply with the local laws of country XYZ.
This certainly is not a new discussion — there's plenty written and opined about the applicability of one country's laws (and the jurisdiction of courts) to services made available from other countries, generally under the title of "private international law" or "conflict of laws."
In terms of the law in the EU, at least as between Member States, the Court of Justice of the European Union has ruled on the issue, with regard to websites operated from one country and available in another — whether, for the purposes of EU law on applicable jurisdiction (i.e. which Member State's courts should hear the case*), a hotel's website amounted to an activity "directed" to other Member States (if you are interested in the law, it's Article 15(1)(c) of Regulation 44/2001). The case is Hotel Alpenhof, and the court held that:
The classic forms of advertising expressly referred to in the previous paragraph involve the outlay of, sometimes significant, expenditure by the trader in order to make itself known in other Member States and they demonstrate, on that very basis, an intention of the trader to direct its activity towards those States.
That intention is not, on the other hand, always present in the case of advertising by means of the internet. Since this method of communication inherently has a worldwide reach, advertising on a website by a trader is in principle accessible in all States, and, therefore, throughout the European Union, without any need to incur additional expenditure and irrespective of the intention or otherwise of the trader to target consumers outside the territory of the State in which it is established.
It does not follow, however, that the words ‘directs such activities to’ must be interpreted as relating to a website’s merely being accessible in Member States other than that in which the trader concerned is established.
It must therefore be determined, in the case of a contract between a trader and a given consumer, whether, before any contract with that consumer was concluded, there was evidence demonstrating that the trader was envisaging doing business with consumers domiciled in other Member States, including the Member State of that consumer’s domicile, in the sense that it was minded to conclude a contract with those consumers.
Such evidence does not include mention on a website of the trader’s email address or geographical address, or of its telephone number without an international code. Mention of such information does not indicate that the trader is directing its activity to one or more other Member States, since that type of information is, in any event, necessary to enable a consumer domiciled in the Member State in which the trader is established to make contact with it.
So, no, mere accessibility of a website is not enough for an EU member state to be able to seize jurisdiction — are Facebook and Google and other sites with a main entity located in another country doing more than making their sites merely accessible?
* whilst the courts of Member State A might have the power to hear the case, this is different to saying that they must apply the law of Member State A. Depending on the arguments as to applicable law, a court in one Member State may have to interpret the contract in accordance with the laws of Member State B.
Just to confirm — the case is on applicable jurisdiction, not applicable law.
Should read
The EU legislation has NOTHING to do with freedom of speech. The summary is busy trying to paint a red herring argument where there is none, just to stir up good old "Proud American" sentiment.
I do not fail; I succeed at finding out what does not work.
I don't CARE where a site is hosted. The only thing that affects is the process for issuing a copyright takedown order or legal action.
EVERY INTERNET COMPANY IS REQUIRED TO ABIDE BY THE LAWS OF IT'S CUSTOMER NATIONS.
Your option is to abide by the laws and regulations of the nations where your customers and users are, or to be blocked from those markets for non-compliance.
That applies to EVERYONE in the world, not just US companies.
I do not fail; I succeed at finding out what does not work.
Facebook is the largest and most sophisticated data mining operation that has ever existed on Earth. It's very simple actually. If you want to keep any semblance of privacy, don't surrender your personal data to them. PERIOD. You don't need Facebook. It solves no problem. It creates a lot of them, though.
The site belongs to facebook. It is hosted in the US.
Facebook International HQ is in Dublin, Ireland - which is part of the E.U. They are also currently building a massive data center in Sweden which will handle all traffic from Europe, the Middle East and Africa.
This idea of trying to regulate what people do with the devices they own is simply laughable.
Welcome to the real world, where there are regulations governing businesses, and regulations that cover many of the devices that businesses use. You may also want to educate yourself regarding some of the reasons that Europeans generally support pro-privacy and anti-data-collection laws. You may be surprised to learn that it was a trade union that rose up against the communists and fought for the first free democratic elections in eastern Europe.
Yes, but Facebook is a European company, and it does business in Europe. Either one of those would make it liable to E.U. jurisdiction.
Facebook is on collision course with any privacy laws.
Perfectly OK then, since Facebooks customers are the Advertisers.
Since no European advertiser would be willing to be Facebooks customer, since it would be illegal for him to use the private data Facebook stores about their European products, Facebook would pretty much no longer be interested in acquiring and keeping new European products. Problem solved.
Facebook could either decide to keep buying infrastructure to keep their European products in storage with no chance of ever selling it, or to stop investing in European merchandise.
This evil anti American regime must be stopped at all cost!
I was promised a flying car. Where is my flying car?
'Companies must understand that if they want access to 500 million consumers in the EU, then they have to comply. This is not an option,' said a spokesman for the EU Justice Commissioner."
The EU is essentially claiming that accessibility of a site to EU users subjects the site to EU laws. That's the same argument that the US uses to go after overseas sites that violate US law. While privacy is certainly a valid concern, the overall concept is a dangerous one. If a company doesn't have a physical prince in a location should it be subject to local laws? Should the government where it is located enforce foreign judgements?
I'm a consultant - I convert gibberish into cash-flow.
EVERY INTERNET COMPANY IS REQUIRED TO ABIDE BY THE LAWS OF IT'S CUSTOMER NATIONS.
Your option is to abide by the laws and regulations of the nations where your customers and users are, or to be blocked from those markets for non-compliance.
That applies to EVERYONE in the world, not just US companies.
That's easy to say but it has serious implications - should a site be subject to penalties because it hosts material that violates one country's laws even if the material is legal in the location the material is hosted? For example, lets suppose a company is in country A and has users in country B. What if a site publishes material, in servers located in country A, that country B viewed as damaging and was gotten through illegal means (based on country B's laws). Should the site be liable to prosecution in country B? Even if what they did was legal in country A? Your position seems to be yes - they violated B's laws and have users there so they should have followed those laws.
I'm a consultant - I convert gibberish into cash-flow.
Colonialism is dead and Europe no longer controls the world.
privacy almost always loses.
FB has European offices in Amsterdam, Brussels, Dublin, Hamburg, London, Madrid, Milan, Paris and Stockholm. According to FB, 80% of it's active users are outside USA and Canada so it's likely that there are more EU users than American users. FB also creates contracts with numerous EU based companies (and probably relies on EU nations to enforce those contracts if necessary) that want to advertise to EU consumers.
Thus, I think you're painting a bit misleading picture when you say "EU is essentially claiming that accessibility of a site to EU users subjects the site to EU laws". Given that the situation is what it is, I don't see how its operations could not fall under EU jurisdiction.
And if they don't comply? Then what? You'll create the Great Firewall of EU to keep Facebook out of your countries?
the other option is that, the EU standing pat, the rest of the civilized world passes them by. and the EU becomes like Iran, isolated by their own paranoias.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Forcing Sports Illustrated to abide by the laws of Saudi Arabia just because someone there downloaded the swimsuit edition could be a problem. The biggest issue (for the internet) is WHERE your online transactions take place. You need to know that to know what laws apply.
If the EU or any government group wants to be in charge of what information can be shared, all data should be hosted by them and requests for access should have to be approved by the individual. The data will continue to be hosted by them, and if you want to prevent a system from accessing it, you should be able to make a request like "Stop Facebook from having access" then Facebook would lose access to everything about you without them doing anything at all.
Now, who wants the government to have access to everything of yours? I trust Facebook more.
However, this is the internet. If I post something about someone else, who owns it? I think I do, but some laws say the other person does.
I would have thought Slashdot would be supportive of attempts to allow people to control over their private personal data? In my opinion, people who give personal data to any organisation in order for them to provide a service should have the right to ensure that the data is not kept or sold when the person no longer requires the service. Also a person should be protected against organisations collecting data without them being aware for commercial gain. I can finally cancel my Facebook account and actually be sure that my information has been deleted. This is a Good Thing!
From TFA:
Mr. Rosen says the regulations will create a dramatic clash between the right to freedom of expression and the right to privacy, arguing that under the proposal, websites like Facebook will be obliged to not only to delete on request material that users upload, such as photos, but any shared copies of photos – and potentially even material uploaded by third parties that another user objects to.
Funny, when private persons want to prevent others from sharing their media, they call it "preventing free expression". I never heard the mainstream media call it that when corporations want to prevent others from sharing their media.
Is the right to keep your own media to yourself less important if you do it for privacy, than if you you do it for profit?
Universal ID.
Let's wait a while and see how this turns out...
> the fact that a specific website is accessible from country XYZ, does
> NOT mean this website must comply with the local laws of country XYZ.
That's what Richard O'Dwyer thought http://www.talkleft.com/story/2012/1/29/12531/3634
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
I suppose the EU has the right to block Facebook. If they dare, some people will use proxies and some will not. Oh well.
If a European travels to some other country, do they expect EU laws to apply? This is virtual travel. Europeans who dislike US law should stay home or maybe visit China.
I don't expect to carry a bible in Saudi Arabia or pro-Nazi stuff in Germany. Local laws apply, even if they are fucked up. Facebook is in the USA, so EU law does not apply.
local is USA
When you foreigners visit the USA (physically or virtually) you seem to want your own law. No. This is the USA. Facebook is in the USA. Why in Hell is this so hard to accept? Make your own facebook if you don't like the law over here.
I find it pecularlly puzzling.that TFA speak of "new EU privacy laws". No such thing is involved. No new law. Nothing new about it. Privacy laws have been around, EU wise, for about twenty years. US companies are allowed to make business online in the EU/ provided they comply to the Safe Harbor Principles. The real point is that the enforcement( of the Safe Harbor Principles has been inexistant for too long. The only change, the only newsworthy thing, is that some people managed to formulate a case for the public ministry to have a look at it. Oh, and that there's such a thing as an EU public ministry.
There's nothing like $HOME