According to CNET, Facebook has denied claims that the company create extensive profiles of people who do not use the social media website so that they can learn about those people. The group making these accusations is called Europe v Facebook.
“We enable you to send e-mails to your friends, inviting them to join Facebook,” Andrew Noyes, Facebook’s manager of public policy, said. “We keep the invitees’ e-mail address and name to let you know when they join the service. This practice is common among almost all services that involve invitations – from document sharing to event planning – and the assertion that Facebook is doing some sort of nefarious profiling is simply wrong”
The complaint against Facebook outlined the following information:
“Facebook Ireland is mainly collecting e-mail addresses but it also collects names, telephone numbers, addresses or work information about its users and non-users. This is done by different functions that encourage users to hand personal data of other users and non-users to Facebook Ireland (e.g. ‘synchronizing’ mobile phones, importing personal data from e-mail providers, importing personal information from instant messaging services, sending invitations to friends or saving search queries when users search for other people on facebook.com). By gathering all this information, Facebook Ireland is creating extensive profiles of non-users and it is also enriching existing user profiles. This is done in the background without notice to the data subject (‘shadow profiles’). Facebook Ireland is gathering excessive amounts of information about data subjects without notice or consent by the data subject. In many cases these information might be embarrassing or intimidating for the data subject. This information might also constitute sensitive data such as political opinions, religious or philosophical beliefs, sexual orientation and so forth.”
A spokesperson for the ODPC (Office of the Data Protection Commissioner in Ireland) had the following to say about the audit:
“An audit of Facebook was already planned prior to the receipt of the complaints in question but clearly they have raised issues which will be examined in the course of the audit as the Office is required to investigate the complaints it has received. We are receiving full co-operation from Facebook. It is the intention of the Commissioner that the investigation will be completed by the end of the year.”
According to the ODPC, private companies that operate in Ireland must agree to data protection from the ODPC in order to operate. The Information Commissioner’s Office (ICO) has the power to conduct audits of government departments but is only legally allowed to investigate procedures of companies if consent is agreed upon.
Max Schrems, the co-founder of Europe v Facebook, had the following to say:
“It is the right of every user to access this data and get an overview of what Facebook holds. Facebook is in fact ignoring this right totally. We think it is especially interesting, that a company that asks all its customers to be as transparent as possible is not even trying to be a little transparent itself and is in fact even breaking the law if it comes to transparency.”