The EU’s European Commission is planning to make a legal change next year which may force U.S. Web giants like Facebook and Google to change the way they store and process user data.
The commission says it plans to revise the EU’s main data privacy law so that it requires companies that are not part of the EU to abide by the Continent’s stricter data collection rules or face fines and possible prosecution.
Viviane Reding, the European justice commissioner, has criticized Facebook for storing and retaining users’ personal data even after a user tries to delete it. She intends to add the tighter sanctions to the EU’s revised version of the Data Protection Directive, to be presented in January.
According to the NY Times, in a speech given on Nov. 8, Reding said that she and Isle Aigner, the German minister for food, agriculture and consumer protection “both believe that companies who direct their services to European consumers should be subject to EU data protection laws. Otherwise, they should not be able to do business on our internal market.”
Facebook is currently being audited in Europe by Ireland’s Data Protection Commission, which has said that its audit should be concluded by this year. The Irish data protection officials are acting in part on complaints filed by a 24-year-old law student from Austria, Max Schrems, who filed the complaints in August against Facebook for retaining data even after he had deleted it.
After Schrems asked Facebook’s European headquarters, located in Ireland, to supply him with a list of personal data that the company had collected on him, the social networking company sent him a PDF file 1,224 pages in length. Schrems said he had never entered most of the information found in the document, and that Facebook had generated the information based on his inputs.
Additionally, data protection officials have made similar requests to Facebook affiliates in Sweden, Germany, Norway, Finland and Denmark.