Skip to content

Digital Impact was created by the Digital Civil Society Lab at Stanford PACS and was managed until 2024. It is no longer being updated.

Facebook, GDPR, and Winning Back the Public Trust

News, Uncategorized

It's unclear whether Facebook plans to make good on its pledge for more transparency and accountability following its Cambridge Analytica scandal.

Facebook has pledged its commitment to transparency, control, and accountability throughout its General Data Protection Regulation (GDPR) preparation process.

According to Facebook’s GDPR guide, “Data protection is central to the Facebook Companies. We comply with current EU data protection law, and will comply with the GDPR.” Facebook’s preparations are supported by what it describes as “the largest cross-functional team in Facebook’s history.”

But it’s clear the social media giant has a ways to go before it can win back the public trust. Criticism of the social network has grown considerably in recent months, culminating with the Cambridge Analytica scandal in early 2018, which Zuckerberg has described as “a major breach of trust.”

Facebook co-founder Chris Hughes believes the public scrutiny of Facebook is “very much overdue,” and German Justice Minister Katarina Barley says Facebook still falls short on privacy. Meanwhile, as a result of the breach, big tech leaders have called for more oversight on how data is used.

Is Facebook in over its head? Jason Kint, CEO of Digital Content Next, a digital publishers’ trade association, argues that Facebook can’t rebuild the public trust while continuing its widespread surveillance practices, which he says are designed to maximize profit rather than honor consumer expectations.

TechCrunch recently published a flaw-by-flaw guide to Facebook’s new GDPR privacy changes, based on Facebook’s private preview to a group of reporters whose “questions centered around how Facebook makes accepting the updates much easier than reviewing or changing them.”

It’s unclear as to whether Facebook plans to make good on its promise. In April, The Guardian reported that Facebook had “moved more than 1.5 billion users out of reach of European privacy law, despite a promise from Mark Zuckerberg to apply the ‘spirit’ of the legislation globally,” a shift that “highlights the cautious phrasing Facebook has applied to its promises around GDPR.”

Despite Facebook’s pledge to comply with the new data regulation, Lukasz Olejnik, a World Wide Web Consortium’s (W3C) Invited Expert who is also involved in technology policy, disagrees. She says, “Moving around one and a half billion users into other jurisdictions…is a major and unprecedented change in the data privacy landscape.”

“The change will amount to the reduction of privacy guarantees and the rights of users, with a number of ramifications, notably for for consent requirements, says Olejnik. Users will clearly lose some existing rights, as US standards are lower than those in Europe.”