Data Protection Commissioner faces legal action over Facebook
Group unhappy at how State has dealt with social site's use of data
THE Data Protection Commissioner (DPC) is facing legal action from an Austrian lobby group over how it manages Facebook's use of data.
'Europe versus Facebook' (EvF), a Vienna-based pressure group made up of mostly students, said it planned to go to court here to challenge how the DPC has dealt with privacy issues surrounding Facebook.
The group made a series of complaints to the DPC two years ago, and the commission, which has jurisdiction over Facebook because its European headquarters is based in Dublin, responded by conducting an audit of how the social network handles user data.
The commission, led by Billy Hawkes, made a number of recommendations to the company to change their procedures but they are not legally binding.
Now, however, EvF says it is unhappy with some of the decisions made by the DPC and will go to court to have them overturned.
While the case does not involve Facebook directly, if the pressure group does win its challenge then it will have a knock-on effect on how Facebook handles data.
EvF head Max Schrems said that while Mr Hawkes' efforts had led to "many achievements" and "steps in the right direction", the audit had been "not precise".
"A non-binding audit might not need such accuracy, but we expect that the authority goes into every detail when deciding about our complaints.
"In some cases we also had to wonder if the authority has blindly trusted Facebook," he added.
A spokesman for the commission said it had "no recent contact" from EvF over the matter.
Mr Hawkes said his agency had prioritised its investigation.
"We did a very detailed examination, we made a number of recommendations and then later on we reviewed what Facebook had done and if they had taken action."
The commission can take legal enforcement action against companies it feels have broken the law, but in general they try to get things done through non-binding agreements.
Mr Hawkes said that Facebook was in broad compliance and there was no need for enforcement action.
A spokesman for Facebook was quick to distance the firm from the potential court action, highlighting the fact that it was not involved in the legal manoeuvres.
"The two detailed reports that the DPC has produced demonstrate that Facebook Ireland complies with European data protection principles and Irish law.
"Nonetheless, we have some vocal critics who will never be happy whatever we do and whatever the DPC concludes," he claimed.