By Patrick Van Eecke and Julie De Bruyn
Today a delegation of Facebook is meeting with the Belgian ‘Secretary of State’ responsible for Privacy , Bart Tommelein. The subject of conversation are Facebook’s new terms of service and data policy, which are claimed to be in breach of the Belgian Data Protection Act. This afternoon, the Facebook delegation is also expected to meet with the President of the Belgian Privacy Commission, Willem Debeuckelaere, to discuss the new terms. The meetings have been requested by Facebook itself following statements made in the press by the Belgian authorities saying that the new terms were in breach of applicable laws.
Some key changes introduced by the new data policy and terms of service foresee that Facebook will:
- own information that relates to users but is not posted by users (e.g. pictures in which one is ‘tagged’ by another person),
- track user’s browsing behavior to understand what users like on websites,
- know what devices users use to access the website (type of device, telephone number, telecom provider, etc.), and
- use user’s GPS, Bluetooth and wifi to determine user’s location at all times and without asking for consent, and use this location data for commercial purposes.
The outcome of the discussions remains to be seen, however, ahead of today’s meeting, the Belgian DPA has already warned that if no solution can be reached which is more considerate of the users’ privacy, it will not refrain from initiating legal proceedings against the tech giant. The Belgian Privacy Commission is supported by other European Data Protection Authorities, (for instance the CBP in the Netherlands) who have voiced their concerns regarding the new terms, and have in some cases launched further investigations into the terms.
UPDATE
Following the meeting between Belgian Secretary of State for Privacy Bart Tommelein, and the Facebook delegation yesterday, a spokesperson for Mr. Tommelein confirmed that Facebook has demonstrated its willingness to conform to the Belgian laws. Facebook has agreed to take into account the concerns called upon by Mr. Tommelein, however explained that there are a lot of misunderstandings with respect to the new terms too. The spokesperson continued by stating that Facebook emphasized that it did not implement many changes to its terms end of January, and denied that user data will be shared with third party advertisers. Facebook has since January reformulated the terms in a more intelligible language, in line with the transparency requirement of the European Data Protection Directive. Mr. Tommelein suggested that Facebook should take on a more educational role, especially since weaker parties in today’s information society (such as children) have trouble understanding the terms. In a news interview yesterday evening, Mr. Tommelein confirmed that in his view it is preferred to carry out the battle for the preservation of privacy with Facebook, rather than against it.
The meeting between Facebook and the Belgian data protection authority is yet to take place – no date has been made public yet for this meeting. The meeting is in any case expected in the near future as the President of the data protection authority has previously announced that he expects a signal from Facebook with respect to a letter of the data protection authority that was addressed, following the publication of the new terms, to Facebook, enlisting 13 issues with respect to the new terms, and requesting clarification by Facebook on the new terms.
For further information, please contact Patrick Van Eecke (patrick.vaneecke@dlapiper.com) or Julie De Bruyn (julie.debruyn@dlapiper.com).