Facebook CEO and professional hoody-wearer Mark Zuckerberg has told Reuters that it won’t stick to Europe’s new strict data privacy rules globally.
In other words, if you’re lucky enough to be a European citizen Facebook is going to have to abide by GDPR (Europe’s General Data Protection Regulation), due to come into force next month.
That means, amongst other things, that you’ll have the right to know what data Facebook is storing about you, and have it deleted. Companies like Facebook will have to be more specific about how they intend to use individuals’ data, and gain explicit consent for its use.
But if you live in, say, the United States, China, India, or anywhere else in the world, Zuckerberg is not prepared to promise you’ll have the same privacy guarantees.
Facebook’s CEO says that the company’s intention is to extend GDPR privacy protection worldwide “in spirit,” but from the sound of things he wants to make some undefined exceptions in some undisclosed countries.
That, of course, runs against the grain for privacy advocates who would like to see GDPR become a global standard.
After all, if your international firm is already doing business with European citizens and needs to abide by GDPR laws, wouldn’t it be simplest to adopt them globally?
That would surely be a positive boost for billions of consumers worldwide, especially in countries where privacy and data protection laws are weak.
Or might it be the case that the privacy of users is not really the primary concern of some online companies, and their focus remains on maximising their opportunities to exploit users’ data instead?
If you’re concerned that you might be getting a worse deal from Facebook than your European cousins, maybe you could find some way to make your Facebook profile look like you’re based in Europe? Failing that, there’s always the option to delete your account.
Overnight, in a Q&A session with journalists, Mark Zuckerberg has responded to the Reuters interview:
“I was somewhat surprised by yesterday’s Reuters story that ran on this because the reporter asked if we are planning on running the controls for GDPR across the world and my answer was yes. We intend to make all the same controls and settings available everywhere, not just in Europe. Is it going to be exactly the same format? Probably not. We need to figure out what makes sense in different markets with the different laws and different places. But – let me repeat this – we’ll make all controls and settings the same everywhere, not just in Europe.”
Quite what Zuckerberg means about it being “(not) exactly the same format” in different countries remains to be seen…
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.