ICO in Temporary Facebook Privacy Win

ICO in Temporary Facebook Privacy Win

Facebook has temporarily suspended plans to use UK WhatsApp user data for ads and ‘product improvements’ after new information commissioner Elizabeth Denham stepped in.

In an update on Monday, she claimed that Facebook failed to allay fears the ICO had that consumers weren’t being properly protected after new plans were announced to share more data between the messaging service and its social network parent company.

She claimed:

“I don’t think users have been given enough information about what Facebook plans to do with their information, and I don’t think WhatsApp has got valid consent from users to share the information. I also believe users should be given ongoing control over how their information is used, not just a 30 day window.”

Although Facebook has paused using UK WhatsApp user data for “advertisements or product improvement purposes” it has not yet signed an undertaking from the ICO “committing to better explaining to customers [on] how their data will be used, and to giving users ongoing control over that information,” she added.

Denham warned that if Facebook begins using data without valid consent it could face enforcement action.

In the meantime, she pledged to keep pushing the issue, in concert with other data protection authorities in Europe – especially in Ireland where Facebook’s EU head office is.

“It’s a particular concern when company mergers mean that vast amounts of customers’ personal data become an asset to be bought and sold,” concluded Denham. “We’re seeing situations where companies are being bought primarily for this data, and when it is combined with information the purchasing company already holds, there’s a danger that consumers will have little control as datasets are matched and intrusive details revealed.”

Denham has only been in the role for a few months but is already beginning to make her mark.

One of her first pieces of business was to slap a £400,000 fine on TalkTalk for security failings that led to a data breach at the ISP last year.

Source: Information Security Magazine