The 
Facebook facial recognition application “Tag Suggestions” violates European Union (EU) and German data protection law according to German regulators. The social network must stop the program for Germans and delete all data already collected on German users or face fines up to €300,000 ($430,560), says Johannes Caspar, head of the Hamburg Data Protection Authority, reports eBrandz.com.
Mr. Casper notified the Palo Alto, CA firm that the company’s facial recognition application which is active by default amounts to unauthorized data collection on individuals. Mr. Caspar gave Facebook two weeks to respond. “Should Facebook plans to continue the function, it must ensure that only data from persons who have granted their approval to the storage of their biometric facial profiles be stored in the database,” he said.
The software offered the potential for “considerable abuse” and was illegal. “If the users’ data lands into the wrong hands, it would be possible to compare and identify anybody captured in a photo taken with a mobile phone,” Mr. Caspar told the Hamburger Abenblatt newspaper.
The Facebook application tries to find faces on uploaded photos according to physical features and automatically saves them, creating “the world’s largest database of biometric features,” according to Bloomberg. The program attempts to compare data captured in a picture with the trove of data it has already collected from its hundreds of millions of users.
Users can opt-out of the automatic tagging, but Facebook can still gather and store (indefinitely) all photos added to the site. “This is what is most troublesome. The program feeds off a stock of data designed to physically identify millions of users,” Mr. Casper said.
“The legal situation is clear in my opinion,” Caspar told the newspaper that such a system could be exploited by undemocratic governments to spy on the opposition or by security services around the world. “The right to anonymity is in danger,” he said.
The German federal consumer protection ministry backs Mr. Casper. “We expect Facebook to comply with all European and German data protection standards and for it to respond to the request from the Hamburg regional data protection officer,” said a spokeswoman.
As expected Facebook denies any wrongdoing and responded, “We will consider the points the Hamburg Data Protection Authority have made about the ‘photo tag suggest’ feature, but “firmly rejected any accusations that we are not complying with our obligations to European Union data protection laws” reports eBrandz.
American web 2.0 companies have often had problems in Germany which takes online privacy much more seriously than the US. Bloomberg says German privacy laws restrict photographs of people and property except in public places without a person’s consent. These policies have also caught Microsoft’s (MSFT) Bing Maps Streetside service and Google’s (GOOG) Streetview ran afoul Germany’s privacy laws.
rb-
Facebook users should have noticed the automatic tagging application, which finds your friends when you upload photos. Like with many Facebook “features” it is, in my opinion intentionally hard for the average user to switch off – and is on by default.
In the US, privacy is a joke. I have covered firms like Rapleaf several times here and here. In Germany, their history drives them to take privacy seriously. They are rightfully suspicious of large collections of personal data that can be turned over to the State and used to categorize people. Facebook has over 750 million users, most of which don’t care about their privacy and help Facebook build the world’s largest biometric database. It makes you wonder how many three-letter agencies already own the Facebook biometric database.
What do you think?
Loading ...
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.