Facebook Ireland complying with Data Protection Commissioner on recommendations – report

21 May 2013

Facebook Ireland has been implementing recommendations from Ireland’s Office of the Data Protection Commissioner to its satisfaction, the agency’s follow-up review of an audit of the social network’s international headquarters in Dublin has found.

Details of the follow-up review have been published in the Office of the Data Protection Commissioner’s annual report for 2012.  

The agency began a major audit of Facebook Ireland in 2011 after lobby group Europe Versus Facebook lodged 22 complaints. After the audit, Facebook Ireland agreed to a range of “best practice” improvements with a formal review to take place in July 2012.

The review found Facebook Ireland had implemented most of the agency’s recommendations to its satisfaction, particularly in the following areas:

  • The provision of better transparency for the user in how their data is handled.
  • The provision of increased user control over settings.
  • The implementation of clear retention periods for the deletion of personal data or an enhanced ability for the user to delete items.
  • The enhancement of the user’s right to have ready access to their personal data and the capacity of Facebook Ireland to ensure rigorous assessment of compliance with Irish and EU data protection requirements.

The Office of the Data Protection Commissioner had set a deadline of four weeks for Facebook Ireland to adopt recommendations not yet put into place, the agency revealed in its annual report for 2012.

“A deadline of four weeks for those matters to be brought to a satisfactory conclusion was set and FB-I (Facebook Ireland) progressed those matters to our satisfaction within the four-week period,” the annual report stated.

“The office continues to maintain an ongoing dialogue with FB-I on the data protection implications of all new services as these are rolled out.”

Tina Costanza was a journalist and sub-editor at Silicon Republic