Under EU data protection law the Data Controller and Data Processor must, among other duties, ensure the lawfulness to collect or re-use personal data, and the fairness and transparency of the processing. In other words, the individual should have the necessary information to assess and freely decides when his/her personal data is to be processed, how it is used and with whom it is shared.
Useful? Embed this infographic on your website.
Having said that, when activities that users engaged in other websites were automatically added to Facebook’s user profiles without their consent, as part of its platform service called Beacon -details of purchases made went to the news feed of the user, making it visible to all user’s contacts, promoting fb’s partner sites- can we conclude that Facebook ensure lawfulness? Or fairness and transparency of the processing?
Did the “Shadow Profiles”, by which Facebook stored information – by using user’s address book, stored email addresses and phone numbers of all the user’s contacts- that has obtained about other people, even if they weren’t Facebook’s users, ensure lawfulness? or fairness and transparency of the processing?
When Facebook allows the data of millions of its users to be collected by Cambridge Analytica -and possibly to Aggregate IQ- which harvested the data, put it on a database and using artificial intelligence create a profile about each of them to target them outside Facebook, with pro-Trump material in order to influence their vote; can we conclude that Facebook ensure lawfulness? Or fairness and transparency of the processing?
Last month, when Facebook disclosed to have maintained data-sharing partnerships with mobile devices, by which it gave access to gather information about users and their friends, even if those friends had configured their privacy settings to deny information sharing with third parties; can we conclude that Facebook ensures lawfulness? Or fairness and transparency of the processing?
I don’t think so, but going beyond Facebook’s conduct, lets pay attention to the information that we made available about us, our families and friends across the internet networks, this facilitates the collection of our data to advertisers or manufactures, whom can use it, either for basic advertising or for the creation of our profile which later will be used for the execution of their own agenda.
It may be wise to limit it as much as possible our exposure and to keep in mind how these type of platforms work (not only Facebook) so we don’t let ourselves, either our teenagers at home, to be easily manipulated.
To conclude, in my opinion, advertising and marketing are not illegal activities per se, they become unlawful when they are executed without complying with the law, they become dangerous when they use artificial intelligence to predict our inner thoughts, to know our convictions so that messages are delivered to us to shape our opinion and decisions.
The same goes for social networks, they are not illegal infrastructures per se, they become illegal when they work outside the parameters of the law, they become dangerous when it uses its position as the middleman for a vast proportion of all human communication to find out everything about its users to create unregulated and unsecured “intelligence platforms” that can enormously affect what we learn, how we feel, what we want and how we vote.
The lawinfographic of this article aims to show the most important facts to be considered when examining how Facebook processes our personal data. The goal is to raise awareness, so we can assess and take consistent and practical actions on how to deal with the risks.
Each lawinfographic has a visual presentation and keywords that will allow comprehending at a glance the main topic. The articles contain several examples and/or references that have been taken from the EU law, regulations, guidelines and opinions on the matter. If you require more information, do not hesitate to consult the lawinfographic sources below or reach me on Linkedin.