- Watch out! Tonight’s episode of ‘Game of Thrones’ leaked online 11 Months Ago
- Videos of people working may be the best thing on TikTok right now Today 1:46 PM
- How to watch ‘Game of Thrones’ season 8, episode 2 for free Today 7:00 AM
- Gendry is making a new weapon for Arya Stark—but what is it? Today 6:30 AM
- The live-action Halo series could be Showtime’s most ambitious project yet Today 6:00 AM
- How to watch Turner Classic Movies for free Today 5:30 AM
- How to watch Real Madrid vs. Athletic Bilbao online for free Today 5:00 AM
- ‘Star Trek’s Jonathan Frakes calls out your lies with this new meme Saturday 3:46 PM
- #JusticeForLucca trends after video shows police slam Black teen’s head into pavement Saturday 3:11 PM
- The internet is shocked to learn that Goombas do, in fact, have arms Saturday 2:02 PM
- PayPal, GoFundMe cut off armed militia that detains migrants at border Saturday 1:16 PM
- Barnwood theft may be on the rise because of ‘Fixer Upper’—and fans aren’t having it Saturday 12:23 PM
- Literary Twitter calls out Dzanc Books for Islamophobic, racist novel Saturday 11:40 AM
- How to watch Crawford vs. Khan online Saturday 10:00 AM
- Beyoncé has 2 more projects coming to Netflix after ‘Homecoming’ Saturday 9:53 AM
Facebook is tricking users into signing its new terms of service, lawsuit alleges (updated)
Brian Solis/Flickr (CC-BY)
The social giant may be in violation of the GDPR.
A lawsuit, filed by NOYB, a non-profit digital rights organization led by privacy activist Max Schrems, explains how two red “pending” notification dots appear on the message and notification icons when users are shown the new terms of service. They have to agree to the documents, handing Facebook their personal data, in order to investigate those alerts. The complaint says the icons will appear even when there are no notifications.
The General Data Protection Regulation (GDPR) is a strict set of rules passed by the E.U. that gives users more control over their data.
Facebook, for its part, told the Daily Dot that the red notification icons are generic visuals meant to reassure users that the terms they’re agreeing to do, in fact, come from the social platform. The icons were supposedly added so people wouldn’t suspect they were agreeing to a phishing notification.
The company also provided a more detailed statement about its approach to the GDPR.
“We have prepared for the past 18 months to ensure we meet the requirements of the GDPR,” said Erin Egan, Facebook’s chief privacy officer. “We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information. Our work to improve people’s privacy doesn’t stop on May 25th. For example, we’re building Clear History: a way for everyone to see the websites and apps that send us information when you use them, clear this information from your account, and turn off our ability to store it associated with your account going forward.”
Users are not required to agree to its updated data policy, but they must agree to the terms of service in order to use Facebook.
NOYB believes Facebook is in violation of article 5 of the GDPR, which states personal data should be “processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).” Gaining clear consent from users to collect their data is among the core tenants of the GDPR. Companies that violate the new privacy regulation face fines of up to 4 percent of their annual turnover. In Facebook’s case, that adds up to €1.4 billion, or about $1.63 billion.
The claims against Facebook for its peculiar method of allegedly getting users to click through the terms of service is one in a series of complaints filed against the social network on May 25, the day the GDPR went live. Google was also caught in the flurry of lawsuits aimed at the two largest advertising players on the internet. Schrems claims the company’s use of checkboxes to agree to data sharing is in violation of the GDPR’s itemized consent, which says users should be able to pick and choose what they agree to.
Schrems told the Financial Times that the company’s updated terms were far from GDPR-compliant: “They totally know that it’s going to be a violation. They don’t even try to hide it,” he said.
However, Facebook doesn’t believe it’s in violation of the privacy laws.
The GDPR forces companies that do business in the E.U. to adopt new privacy and security practices. Over the past months, tech firms have scrambled to release new terms of service that comply with the regulation, while others have abandoned the E.U. altogether to avoid steep penalties.
Among those not willing to take the risk are popular newspapers under Tronc and Lee Enterprises media publishing groups, including the Los Angeles Times, the New York Daily News, and Chicago Tribune.
The spotlight has been pointed squarely at Facebook after it was revealed to have failed to prevent a political data firm from manipulating the personal information of 87 million users. During CEO Mark Zuckerberg’s testimony before Congress, Facebook was frequently criticized for its lengthy, convoluted privacy agreements and terms that force users into an all-or-nothing decision. Under the GDPR, the social giant will need to be more transparent and flexible with how it asks users to hand over their data—or it could face substantial fines.
Editor’s note: This story has been updated for clarity and context.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.