- YouTuber allegedly filmed himself abusing and killing his cat Sunday 5:49 PM
- Would you buy a Popeyes chicken sandwich from Quavo for $1,000? Sunday 3:05 PM
- Someone set up a Spider-Man memorial outside D23 Expo Sunday 2:15 PM
- A$AP Rocky just isn’t texting Trump back Sunday 1:24 PM
- Hong Kong protesters knock down alleged ‘facial recognition tower’ Sunday 12:35 PM
- PewDiePie becomes the first YouTuber to hit 100 million subscribers Sunday 11:35 AM
- ‘Breaking Bad’ movie will show us what happened to Jesse Pinkman Sunday 9:39 AM
- How to stream ROH Wrestling’s Honor For All Sunday 7:30 AM
- How to stream Steelers vs. Titans in NFL preseason action Sunday 7:00 AM
- How to stream ‘Good Eats: The Return’ online Sunday 7:00 AM
- How to stream ‘Power’ season 6 Sunday 6:00 AM
- Your best bets for finding discounted and refurbished Airpods Sunday 6:00 AM
- How to stream Barcelona vs. Real Betis Saturday 11:31 PM
- How to stream Tottenham Hotspur vs. Newcastle Saturday 11:21 PM
- All of the ‘Avengers: Endgame’ Easter eggs discovered by fans Saturday 6:52 PM
A lawsuit, filed by NOYB, a non-profit digital rights organization led by privacy activist Max Schrems, explains how two red “pending” notification dots appear on the message and notification icons when users are shown the new terms of service. They have to agree to the documents, handing Facebook their personal data, in order to investigate those alerts. The complaint says the icons will appear even when there are no notifications.
The General Data Protection Regulation (GDPR) is a strict set of rules passed by the E.U. that gives users more control over their data.
Facebook, for its part, told the Daily Dot that the red notification icons are generic visuals meant to reassure users that the terms they’re agreeing to do, in fact, come from the social platform. The icons were supposedly added so people wouldn’t suspect they were agreeing to a phishing notification.
The company also provided a more detailed statement about its approach to the GDPR.
“We have prepared for the past 18 months to ensure we meet the requirements of the GDPR,” said Erin Egan, Facebook’s chief privacy officer. “We have made our policies clearer, our privacy settings easier to find and introduced better tools for people to access, download, and delete their information. Our work to improve people’s privacy doesn’t stop on May 25th. For example, we’re building Clear History: a way for everyone to see the websites and apps that send us information when you use them, clear this information from your account, and turn off our ability to store it associated with your account going forward.”
Users are not required to agree to its updated data policy, but they must agree to the terms of service in order to use Facebook.
NOYB believes Facebook is in violation of article 5 of the GDPR, which states personal data should be “processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’).” Gaining clear consent from users to collect their data is among the core tenants of the GDPR. Companies that violate the new privacy regulation face fines of up to 4 percent of their annual turnover. In Facebook’s case, that adds up to €1.4 billion, or about $1.63 billion.
The claims against Facebook for its peculiar method of allegedly getting users to click through the terms of service is one in a series of complaints filed against the social network on May 25, the day the GDPR went live. Google was also caught in the flurry of lawsuits aimed at the two largest advertising players on the internet. Schrems claims the company’s use of checkboxes to agree to data sharing is in violation of the GDPR’s itemized consent, which says users should be able to pick and choose what they agree to.
Schrems told the Financial Times that the company’s updated terms were far from GDPR-compliant: “They totally know that it’s going to be a violation. They don’t even try to hide it,” he said.
However, Facebook doesn’t believe it’s in violation of the privacy laws.
The GDPR forces companies that do business in the E.U. to adopt new privacy and security practices. Over the past months, tech firms have scrambled to release new terms of service that comply with the regulation, while others have abandoned the E.U. altogether to avoid steep penalties.
Among those not willing to take the risk are popular newspapers under Tronc and Lee Enterprises media publishing groups, including the Los Angeles Times, the New York Daily News, and Chicago Tribune.
The spotlight has been pointed squarely at Facebook after it was revealed to have failed to prevent a political data firm from manipulating the personal information of 87 million users. During CEO Mark Zuckerberg’s testimony before Congress, Facebook was frequently criticized for its lengthy, convoluted privacy agreements and terms that force users into an all-or-nothing decision. Under the GDPR, the social giant will need to be more transparent and flexible with how it asks users to hand over their data—or it could face substantial fines.
Editor’s note: This story has been updated for clarity and context.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.