- From: =JeffH <Jeff.Hodges@KingsMountain.com>
- Date: Mon, 22 Aug 2011 09:58:25 -0700
- To: public-privacy@w3.org, ietf-privacy@ietf.org
[ hat tip: Bil Corry ] Source: https://www.datenschutzzentrum.de/presse/20110819-facebook-en.htm 2011-08-19 P R E S S R E L E A S E ULD to website owners: „Deactivate Facebook web analytics“ The Data Protection Commissioner’s Office (Independent Centre for Privacy Protection - ULD) calls on all institutions in the federal state of Schleswig-Holstein, Germany to shut down their fan pages on Facebook and remove social plug-ins such as the “like”-button from their websites. After a thorough legal and technical analysis ULD comes to the conclusion that such features are in violation of the German Telemedia Act (TMG) and of the Federal Data Protection Act (BDSG), respectively the Data Protection Act of Schleswig-Holstein (LDSG SH). By using the Facebook service traffic and content data are transferred into the USA and a qualified feedback is sent back to the website owner concerning the web page usage, the so called web analytics (Ger.: Reichweitenanalyse). Whoever visits facebook.com or uses a plug-in must expect that he or she will be tracked by the company for two years. Facebook builds a broad individual and for members even a personalised profile. Such a profiling infringes German and European data protection law. There is no sufficient information of users and there is no choice; the wording in the conditions of use and privacy statements of Facebook does not nearly meet the legal requirements relevant for compliance of legal notice, privacy consent and general terms of use. ULD expects from website owners in Schleswig-Holstein to immediately stop the passing on of user data to Facebook in the USA by deactivating the respective services. If this does not take place by the end of September 2011, ULD will take further steps. After performing the hearing and administrative procedure this can mean a formal complaint according to sect. 42 LDSG SH for public entities, a prohibition order pursuant to sect. 38 par. 5 BDSG as well as a penalty fine for private entities. The maximum fine for violations of the TMG is 50TS Euro. Commissioner Thilo Weichert, head of ULD: “ULD has pointed out informally for some time that many Facebook offerings are in conflict with the law. This unfortunately has not prevented website owners from using the respective services and the more so as they are easy to install and free of charge. Web analytics is among those services and especially informative for advertising purposes. It is paid with the data of the users. With the help of these data Facebook has gained an estimated market value of more than 50 bn. dollars. Institutions must be aware that they cannot shift their responsibility for data privacy upon the enterprise Facebook which does not have an establishment in Germany and also not upon the users. Our current call is only the beginning of a continuing privacy impact analysis of Facebook applications. ULD will continue in cooperation with other German data protection authorities. A comprehensive analysis is not to be performed at one go for a small privacy agency such as ULD; moreover is Facebook constantly changing its technical procedures and terms of use. Nobody should claim that there are no alternatives; there are European and other social media available that take the protection of privacy rights of Internet users far more serious. That they also may contain problematic applications must not be a reason to remain idle towards Facebook, but must prompt us as supervisory authorities to pursue these violations. Users can take their part in trying to avoid privacy adverse offerings.” To Internet users ULD offers the advice to keep their fingers from clicking on social plug-ins such as the “like”-button and not to set up a Facebook account if they wish to avoid a comprehensive profiling by this company. Profiles are personal information; Facebook is requiring its members to register their actual name. ULD has published its privacy evaluation of website analytics by Facebook in German language on the Internet at https://www.datenschutzzentrum.de/facebook/ This analysis will be continued, that is extended and specified. Suggestions to ULD are welcome by e-mail to facebook@datenschutzzentrum.de For inquiries or in case of general further questions please contact: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein Holstenstr. 98, 24103 Kiel, Germany Phone: ++49 (0)431 988-1200, Fax: -1223
Received on Monday, 22 August 2011 17:04:53 UTC