Facebook has to explain better what happens to users’ personal data and give them more control, the data commissioner in Ireland, home to the Web site’s international headquarters, has said.
Facebook must work towards “simpler explanations of its privacy policies (and) ... easier accessibility and prominence of these policies,” the Irish Data Protection Commissioner (DPC) said after a three-month audit.
It called on the US-based firm behind the social networking Web site, which has some 800 million users worldwide, to provide “an enhanced ability for users to make their own informed choices based on the available information.”
The DPC report also said that Facebook must provide within 40 days all information it holds on a particular user or non-user if requested to do so.
It also said that information to users on what happens to deleted or removed content, such as friend requests received, “pokes”, removed groups and tags, and deleted posts and messages “should be improved.”
“Users should be provided with an ability to delete friend requests, pokes, tags, posts and messages and be able to, in so far as is reasonably possible, delete on a per item basis,” it said.
The DPC conducted the enquiry, aimed at determining whether Facebook complied with Irish and by extension European Union law, because Facebook Ireland is the entity with which non-US and non-Canadian users have a contract, the DPC said.