2 October 2011

Hóigh, Facebook, How Deeply Do You Care About Data Protection?

Image: Hanover Quay – Dublin Docklands by informatique on Flickr
Hanover Quay - Dublin Docklands

Hanover Quay, Dublin 2.

That is the address of Facebook’s European headquarter or, strictly legally, the business seat of the Facebook Ireland Limited.

The above is important

as owing to Section 18 of Facebook’s Terms of Use, users who are not residents of the USA and Canada have their agreement to use the social network with Facebook’s Irish subsidiary.

That means that if you have any

data protection issues

with the Zuckerberg-led company, you are entitled to approach the Irish Data Protection Commissioner.

The Austrian based data protection advocacy group Europe vs Facebook already started doing this.
They have identified several breaches and have undertaken a number of actions, thereby including complaints and access requests and, have covered each of them on their website.


enforcing its powers

under Section 10 of the Data Protection Act, the Irish Data Protection Commissioner has started an investigation against Facebook.

I am curious what the outcome of the foregoing will be and will therefore monitor and provide for follow-ups.

By the way, how much do you care about what Facebook does with your data, but without your consent?

21 January 2011

Of Sushi and Data Protection

Just ordered a large set of sake sushi on the phone.

Credit: Ricardo Bernardo

Again, I had run a long day and needed some refreshment. I rang up, could order pretty fast and felt well-served.

Besides one thing.

They knew who I was and where I lived. I was not even supposed to tell them my name… Strange, I thought, and started speculating how could those guys have obtained my personal data. Could that be, since I have ordered there already? However, what was even more worrying: what were/are they going to do with that?

Why am I concerned? Because I do not like to represent a record in a database whose existence I could not even assume. This is the reason why data controllers have an explicit obligation to obtain data subjects’ (written) consent prior to processing their data. Otherwise such processing is not lawful according to our fancy legislation on data protection.

To the best of my knowledge, I have never allowed the sushi restaurant to process my data. In order to be absolutely sincere, I checked their website while composing this blog post. Their general terms and conditions are just as silent as the fish they make sushi of.

It is funny, but data protection provisions were once introduced to oppose the dealings of state agents. Nowadays data traders are their primary objective and that does not surprise, since data are considered tradable commodities. Some of them are – depending on their exposure to the public – deemed really precious.

So, I will let those sushi makers know of their lack to comply with stringent law. I thought of writing them an email so I will not forget to tell them how good their sushi was.

Did you find this article informative and helpful? If yes, you might want to share it by pressing one of below buttons or to otherwise tell your friends about it.