An anonymous reader quotes a report from TechCrunch: Facebook has been left red-faced after being forced to call off the launch date of its dating service in Europe because it failed to give its lead EU data regulator enough advanced warning -- including failing to demonstrate it had performed a legally required assessment of privacy risks. Yesterday, Ireland's Independent.ie newspaper reported that the Irish Data Protection Commission (DPC) -- using inspection and document seizure powers set out in Section 130 of the country's Data Protection Act -- had sent agents to Facebook's Dublin office seeking documentation that Facebook had failed to provide.
In a statement on its website, the DPC said Facebook first contacted it about the rollout of the dating feature in the EU on February 3. "We were very concerned that this was the first that we'd heard from Facebook Ireland about this new feature, considering that it was their intention to roll it out tomorrow, February 13," the regulator writes. "Our concerns were further compounded by the fact that no information/documentation was provided to us on February 3 in relation to the Data Protection Impact Assessment [DPIA] or the decision-making processes that were undertaken by Facebook Ireland." At the time of its U.S. launch, Facebook said dating would arrive in Europe by early 2020. It just didn't think to keep its lead EU privacy regulator in the loop, despite the DPC having multiple (ongoing) investigations into other Facebook-owned products at this stage. A Facebook spokesperson said in a statement: "It's really important that we get the launch of Facebook Dating right so we are taking a bit more time to make sure the product is ready for the European market. We worked carefully to create strong privacy safeguards, and complete the data processing impact assessment ahead of the proposed launch in Europe, which we shared with the IDPC when it was requested."
In a second statement, the Facebook spokesperson added: "We're under no legal obligation to notify the IDPC of product launches. However, as a courtesy to the Office of the Data Protection Commission, who is our lead regulator for data protection in Europe, we proactively informed them of this proposed launch two weeks in advance. We had completed the data processing impact assessment well in advance of the European launch, which we shared with the IDPC when they asked for it."
from Slashdot: News for nerds, stuff that matters https://ift.tt/2OQaB0G
via IFTTT
In a statement on its website, the DPC said Facebook first contacted it about the rollout of the dating feature in the EU on February 3. "We were very concerned that this was the first that we'd heard from Facebook Ireland about this new feature, considering that it was their intention to roll it out tomorrow, February 13," the regulator writes. "Our concerns were further compounded by the fact that no information/documentation was provided to us on February 3 in relation to the Data Protection Impact Assessment [DPIA] or the decision-making processes that were undertaken by Facebook Ireland." At the time of its U.S. launch, Facebook said dating would arrive in Europe by early 2020. It just didn't think to keep its lead EU privacy regulator in the loop, despite the DPC having multiple (ongoing) investigations into other Facebook-owned products at this stage. A Facebook spokesperson said in a statement: "It's really important that we get the launch of Facebook Dating right so we are taking a bit more time to make sure the product is ready for the European market. We worked carefully to create strong privacy safeguards, and complete the data processing impact assessment ahead of the proposed launch in Europe, which we shared with the IDPC when it was requested."
In a second statement, the Facebook spokesperson added: "We're under no legal obligation to notify the IDPC of product launches. However, as a courtesy to the Office of the Data Protection Commission, who is our lead regulator for data protection in Europe, we proactively informed them of this proposed launch two weeks in advance. We had completed the data processing impact assessment well in advance of the European launch, which we shared with the IDPC when they asked for it."
from Slashdot: News for nerds, stuff that matters https://ift.tt/2OQaB0G
via IFTTT
Comments
Post a Comment