- In order to comply with the EU's looming General Data Protection Regulation (GDPR), Facebook will begin asking users to review information about how it uses their data and how they give the platform permission to target ads and use technology tools like facial recognition, according to a company blog post. While users in Europe will begin seeing the requests this week ahead of the GDPR, which goes into effect May 25, people in the rest of the world will soon be required to make the same decisions.
- Under the new requirements, Facebook users will be asked to make choices about whether or not they want the company to use data from partners to show them ads and if they want to continue sharing political, religious and relationship information in their profiles. Users can also choose to turn on facial recognition. Facebook also outlined how it will protect young people, including by keeping facial recognition off for users under 18 and limiting who can see or search information that teen users share.
- Critics are flustered with the new permissions screens, however, claiming that Facebook doesn't offer a simple button to decline the permission and instead forces users to navigate through several screens before they can opt out, according to Business Insider. Some are accusing Facebook of using tricks, referred to as "dark patterns," to get people to give it permission as well.
Extending GDPR permissions to users worldwide is another step Facebook is taking to improve privacy and transparency on the platform amid fallout from the Cambridge Analytica scandal, where 87 million users' profiles were abused by a data firm with ties to Donald Trump's presidential campaign. However, as the Business Insider report shows, some of these steps are potentially half measures, with Facebook implementing unnecessary hurdles in reaching what should be a fairly simple opt-out.
In this way, Facebook might be attempting to ensure that its ad business remains largely unshaken as it moves to comply with the GDPR, a set of regulatory rules that will punish internet companies for collecting personal information from users without their permission. While users may be able to limit the type of data that marketers use to target their ads on Facebook, they won't be able to opt out of receiving targeted ads completely, barring Facebook's introduction of some sort of paid service, which executives have raised the possibility of recently under increased scrutiny from regulators and the public.
CEO Mark Zuckerberg previously said that Facebook would not extend its GDPR privacy standards across the platform worldwide. Instead, it planned to work on a global version "in spirit" with GDPR. The executive also said that key aspects of GDPR are already features of Facebook, including users' rights to have their information deleted. Facebook also recently updated its terms of service and data policy to better explain what data the platform collects and how it's used