A German privacy regulator is astonished that Facebook has added facial recognition to a proposed new privacy policy it published on Thursday.
"It is astonishing to find the facial recognition again in the new proposed privacy policy that Facebook published yesterday. We therefore have directly tried to contact officials from Facebook to find out if there is really a change in their data protection policy or if it is just a mistake of translation," Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar said in an email on Friday.
The Hamburg data protection commissioner, already at odds with Facebook over its use of face recognition technology, reopened its proceedings against the company in August last year, telling the company to either obtain explicit consent for face recognition from users, delete the data, or face a lawsuit, Caspar said at the time.
Facebook turned off facial recognition for all European users in September last year, and said it would delete all face recognition templates for existing users in Europe.
The German commissioner stopped its proceedings against Facebook in February, when it confirmed that the company had deleted the facial recognition data gathered on German users without their consent.
Facebook founder Mark Zuckerberg. Turning on facial recognition again in Germany might be illegal, Caspar said, adding that it depends on how Facebook implements it. The social network should ask for the explicit and informed consent of the user, Caspar said.
"That means that there has to be offered an opt in for users," he added.
Facebook initially deleted the face recognition data in response to recommendations from the Irish Data Protection Commissioner that it adjust its privacy policy. The company's Irish subsidiary is responsible for the data of users outside the U.S. and Canada, and therefore falls under the jurisdiction of the Irish DPC, which also confirmed independently that Facebook had deleted the face recognition data .
On Thursday, Facebook proposed changes to its privacy policy on Thursday, including one related to the tag suggest feature that uses facial recognition in order to let users easily tag friends in photos they upload.
Tag suggest is used in the U.S. in the same way it was used in Europe before it was turned off. Facial recognition software is used to calculate a unique template of a user's appearance based on facial features using variables such as the distance between the eyes, nose and ears.
"We are able to suggest that your friend tag you in a picture by scanning and comparing your friend's pictures to information we've put together from your profile pictures and the other photos in which you've been tagged. You can control whether we suggest that another user tag you in a photo using the 'Timeline and Tagging' settings," the proposed change reads.
Facebook proposed the change in its U.S. privacy policy, and also in translated versions of the policy for European countries, including Germany.
However, according to the Irish DPC, Facebook does not yet intend to offer the service in Europe.
Facebook Ireland consulted the Irish DPC in relation to its proposed privacy policy changes and confirmed that this feature is not yet available in Europe, said Ciara O'Sullivan of the Office of the Data Protection Commissioner in an email. "Any proposed changes to this position would be discussed with our Office," she said.
The Irish DPC suggested to Facebook Ireland that it clarify to its users that the tag suggest feature is not currently available in Europe, she added.
Facebook is still working with regulators to find a way to turn face recognition back on in Europe, a Facebook Germany spokeswoman said in an email.
Loek Essers focuses on online privacy, intellectual property, open-source and online payment issues.
More by Loek Essers, IDG News Service
No comments:
Post a Comment