Privacy at Facebook - is your data safe?

Does Facebook actually know what it's doing with your personal data? According to a document from a case against Facebook that surfaced in late 2022, the company - apparently - doesn't know. The case has been ongoing since 2018 and has revealed a lot about Facebook's inner workings and how it handles user:inside data.

Reproach to Facebook

In a letter to the European Commission, the Irish NGO ICCL (Irish Council for Civil Liberties) has expressed doubts about Facebook's ability to comply with the EU Data Protection Regulation (GDPR) and the ePrivacy Directive (ePD). The letter cites documents from a U.S. court case, which point to internal data handling at Facebook that is far from legally compliant. This raises serious concerns about the social media giant's commitment to protecting the privacy of its users.

The lawsuit revealed that there has been a "data sprawl" within the company, making it difficult for Facebook to comply with the ePrivacy Directive and the General Data Protection Regulation (GDPR). Facebook has been unable to provide basic information about its internal data systems, including what personal data is stored and why it is processed. Facebook engineers even admitted that they (may) not know exactly what happens to user:s data and that Facebook is not able to account for the personal data it processes.

On the other hand, Facebook has already started limiting the data that is shared with other companies. This is to prevent data from multiple applications from being collected and merged into a single data set.

Despite this, the case points to a lack of control and accountability at Facebook when it comes to handling users' personal data.

Data protection scandals in recent years

In recent years, Facebook has repeatedly made headlines when it comes to handling the data of its users. The fact that Facebook collects a lot of data about its users has been known since 2018 at the latest:

One of the most well-known cases is the Cambridge Analytica scandal. In 2018, it became known that the British data analytics company Cambridge Analytica collected data from up to 87 million Facebook profiles without the knowledge and consent of users in order to personalize political advertising for the 2016 US presidential campaign. This incident showed that Facebook data can not only be used for advertising purposes, but can also be exploited politically.

While Facebook has since emphasized that it has improved its privacy policy and taken stricter measures to protect its users' data, the question remains whether this is enough for long-term improvement. The allegations by the Irish Council for Civil Liberties now showed that the issue still exists four years later.

What does this mean for Facebook?

The revelations could have significant consequences for Facebook, including possible legal action by regulators and a loss of trust among users. Facebook may also face penalties or fines.

The case raises serious concerns about the security of personal data stored by Facebook and highlights the need for stricter regulation and oversight of how technology companies handle their users' data - and that includes Facebook.

The consequences for the protection of your data

So what does this mean for you and your data? Your personal data on Facebook may not be as secure as you think. Facebook may not have any internal control over what happens to your data - you should be aware of this as soon as you use the company's services.

The allegations against Facebook's data use make it clear that companies need to be more transparent and accountable when dealing with users' personal data. Facebook is currently unable to account for what personal data it processes, who uses the data, and why. All of this calls into question the security of user data. Internal attempts to disaggregate Facebook's data usage have also not yielded meaningful results to date - so it remains questionable whether or not Facebook will gain adequate control over user data.

The lawsuit shows that it is imperative that you, as a user:in, be vigilant and proactive in protecting your personal data. You should be aware that Facebook is not the only platform that collects data - other social networks and apps also collect your personal data. In any case, it is important that you read the privacy policy and decide which of your personal data you want to share and which you do not.