The Agencia Española de Protección de Datos (AEPD) announced on the 11th of September that it has fined Facebook 1.2 million euros for data privacy violations. The AEPD ruling stated that “that Facebook treats data, even specially protected, for advertising purposes without obtaining consent and does not completely cancel the information of users when it is no longer useful for the purpose for which it was collected or when they request it.”
The Agencia Española de Protección de Datos (English: Spanish Agency for Data Protection) is an agency of the Spanish government. It was established in 1993 for protecting the privacy of the Spanish citizens. The Protection of Personal Data means “the law shall restrict the use of informatics in order to protect the honour and the personal and family privacy of Spanish citizens, as well as the full exercise of their rights”
Facebook is the largest social media network in the word, based on the number of active users. The social media giant has more than 2 billion monthly active users as of June 2017.
The AEPD investigated and concluded that Facebook violated the Organic Law on Data Protection (LOPD). Specifically, the AEPD ruling stated that Facebook collects data on ideology, sex, religious beliefs, personal tastes or navigation without clearly informing users about the about the use and purpose. Also, according to the AEPD ruling, Facebook does not inform users in an acceptable exhaustive and clear way about the data that will collect and the “treatments” (usage) that it will perform with them.
Facebook collects information about its users during interaction on the social media site and while they are on third-party websites. The data use policy is not clear and easy for users to find. User behavior and the information is collected using cookies. Facebook also collects information about people who are not members of the social media channel. In addition, the AEPD ruling stated the Facebook does not completely eliminate a Facebook account and its data after users request account deletion. Facebook captures and retains information for over 17 months by using a deleted account cookie.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers