Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Ordered To Explain Deleted Profile (bbc.com)

Posted by BeauHD on from the friend-request dept.

An anonymous reader quotes a report from BBC: Facebook has been ordered by a UK high court judge to reveal who told it to delete the profile of a jazz musician and his band, six months after he died. The Times reports that the firm said it had acted on a request but had declined to reveal to the family who had instructed it. Mirza Krupalija's partner Azra Sabados says she is certain that it was not a family member or friend. She said losing his posts and messages felt like losing him "a second time." Mr Krupalija, who lived in Sarajevo, suffered a fatal heart attack just after his 57th birthday in 2016. Ms Sabados said she spent a year talking to Facebook before pursuing legal action.

Ms Sabados' lawyer Greg Callus from the law firm 5BR confirmed to the BBC that Facebook is now required to provide the details under what is legally known as a Norwich Pharmacal Order -- where Facebook is innocent but may have information about a third party who could be involved in wrongdoing. The firm will have 21 days to respond.

14 of 70 comments (clear)

  1. Damned if you do, damned if you don't by Entrope · · Score: 2, Interesting

    Between GDPR and this case, how is a company like Facebook supposed to know whether it should preserve or delete data?

    1. Re:Damned if you do, damned if you don't by Anonymous Coward · · Score: 4, Informative

      Can it, shill.

      Most organisation require a copy of the death certificate before taking any action.

      So, either facebook could require a copy of the death certificate, or facebook could simply do absolutely nothing, and tell the next-of-kin to simply reset the password suing the associated email account. Oh, you don't have access to the associated email account? Show the death certificate to the email provider - not facebook's problem.

    2. Re:Damned if you do, damned if you don't by DarkOx · · Score: 2

      Not in the EU and GDPR asside I think as a general mater yes you should loose are your rights at time of death. You body should be considered the property of either your next of kin or whoever you will it to.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    3. Re:Damned if you do, damned if you don't by Narcocide · · Score: 2

      Facebook doesn't have any idea who requested the deletion. It could have been any member of the public or their own staff. They just don't have that tight of a lock down on server access, period. That's why they're keeping silent; this would look very bad for them if people started to realize they had no control over their own staff, let alone the monster they've created.

    4. Re: Damned if you do, damned if you don't by jaa101 · · Score: 4, Informative

      Yeah but Facebook is like an emergency service for so many people. It needs to be regulated like 911 and hospitals!

      No, People need to be trained that Facebook has no obligation to host their content. And doubly none once they're dead. It's a free service; you get what you pay for. Want to publish content? Pay for hosting somewhere.

    5. Re:Damned if you do, damned if you don't by AmiMoJo · · Score: 2

      Privacy rights extend beyond death in the EU, because if people knew that they didn't it would affect them while they were alive. Also, the privacy of their families and anyone else involved has to be considered too.

      I like the EU's default privacy stance. All violations of privacy should require consent or strong justification.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Re:zip it? by The+MAZZTer · · Score: 3, Insightful

    But... but it's THE CLOUD.

    Nothing can possibly happen to your data as long as it's in the cloud. /s

  3. Deleted... suuuure. by GrBear · · Score: 4, Insightful

    Does anyone actually believe Facebook deletes profiles? The account is likely only flagged to not show. I bet the information is still all there, ripe for matching against other profiles.

  4. Re:Who needs nuance by amiga3D · · Score: 3, Informative

    Actually, they just want to know what happened. Who requested the deletion and why. Facebook should be able to answer that. For some reason they don't want to.

  5. huh? by cascadingstylesheet · · Score: 2

    Does Facebook have some contractual obligation here? They can delete anyone's account anytime they want, can't they?

    If they are magically a public utility now, we'll have to have words with them about many, many more things than just this,

    1. Re:huh? by locofungus · · Score: 2

      Indeed they (probably) can.

      And a Norwich Pharmacal Order is an order that the court can make of an *innocent* third party to force them to disclose the identity of someone that appears to have wronged someone else so that the someone else can sue the someone.

      Usually the plaintiff has to pay the defendants costs and indemnify them (although the plaintiff can then recover those costs from the eventual target of their action)

      The original case was Norwich Pharmacal v HMCE. NP had evidence their patent was being infringed - the chemical in question was being imported - but they couldn't tell who was infringing their patent so they asked customs and excise for the information they had on the importer and manufacturer.

      Based on the news reports, it appears in this case that the person who asked for the facebook account to be deleted didn't have the right to do so. Obviously nobody can *know* that because we don't know who it is. It's also possible that facebook know that they did have the right - and this order will protect facebook who otherwise, quite properly, would refuse to release this information.

      Nobody is blaming facebook for anything at this point. It appears facebook is merely following the law of the land.

      --
      God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
  6. Re:Who needs nuance by Entrope · · Score: 3, Interesting

    Arbitrary disclosure of that kind of information would run afoul of the GDPR. They may need a court order to be legally allowed to release the info.

  7. Re: Who needs nuance by houghi · · Score: 3, Informative

    Even before the GDPR it would have been illegal to do so. I have told the police several times "no" when they requested info.

    --
    Don't fight for your country, if your country does not fight for you.
  8. Re:Neither of them were Facebook customers by houghi · · Score: 2

    Facebook provides a free service to people like Sabados and Krupalija while they sell advertising. She paid them nothing, I don't understand why anyone expects facebook to do anything other than what is in their own interest. Responding to this request is a huge pain for Facebook with no upside. I can see why they might not want to help. If someone dies and you have a deep connection with their facebook profile then download it and store it yourself!

    Just because yopu paid nothing does not mean you do not have any rights. So let's look at these rights (IANAL)
    The laws give or take away the rights.
    As there is no contract signed, that part of the law does not apply. A EULA can not take away any rights, just add to them. Further in Europe it is seen that the data belongs to the person, not the company holding it. The GDPR is an extention of already existing laws.

    So the data on Facebook and other websites, like YouTube belong to me. The content might also belong to me. Content is seen as an asset and thus will be owned by the content holder, me.

    When I die there are laws about who will own the assets after I die. e.g. in a bank it does not mean just because I have a shared account with my (imaginary) wife that she will get that money. This will depend on the law first and testament second.

    The same would need to go with the asset "Facebook account". To show you what should happen is comparing it with a bank account and what happens there.
    If I have a bank account and I die, the moment the bank is officially notified of my death (Normally with a death ceryificate, but other ways are possible) they will block the account. They do not close it, they just block it. This untill it is determined who the new owner of that money is. That could be my spouce, my kid(s) or my cat.

    The fact that this could result in a lot of fighting in the family is not the problem of the bank.
    It could well be that there is an undevisible amount that needs to be shared. e.g. when my last parent died, we had an uneven amount of shares that needed to be devided and we had to determine who got 1 share more than the other. Once that was clear, the issue was solved (Not really an issue, just an email) for the bank.

    If we would have started a lawsuit over that, not the banks problem.

    The same could be done here. The account goes to the person/s who is/are legally the people who have that right. It could be seen as undivisable and only one person can have access to the account.

    OTOH if there is a rule that says that only a living person can own the Facebook account, like with a bank account, then the data should be handed over and the account and all the rest needs to be deleted.

    Most of the time this could be handing over the data to a Notary who does the division of all the assets or to any other person who deals with the will.

    So yes, it might be a pain for Facebook, but just because people did not pay anything is not an issue. And downloading data does not mean you get it all, nor that you have the rights to delete it. It could be in the will of the person that it is to be deleted. Does not mean that that will happen, but that he wants that to happen.

    --
    Don't fight for your country, if your country does not fight for you.