San Francisco: Facebook Chief Executive Mark Zuckerberg said on Tuesday that he agreed “in spirit” with a strict new European Union law on data privacy but stopped short of committing to it as the standard for the social network across the world.
As Facebook reels from a scandal over the mishandling of personal information belonging to millions of users, the company is facing demands to improve privacy and learn lessons from the landmark EU law scheduled to take effect next month.
Zuckerberg said that Facebook was working on a version of the law that would work globally, bringing some European privacy guarantees worldwide, but the 33-year-old billionaire demurred when asked what parts of the law he would not extend worldwide.
“We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” Zuckerberg said. He did not elaborate.
The European law, called the General Data Protection Regulation (GDPR), is the biggest overhaul of online privacy since the birth of the internet, giving Europeans the right to know what data is stored on them and the right to have it deleted.
His comments signal that US Facebook users, many of them still angry over the company’s admission that political consultancy Cambridge Analytica got hold of Facebook data on 50 million members, could find themselves in a worse position than Europeans.
Apple and some other tech firms have said they do plan to give people in the United States and elsewhere the same protections and rights that Europeans will gain.
Push for data privacy
Privacy advocacy groups have been urging Facebook and its Silicon Valley competitors such as Alphabet Inc’s Google to apply EU data laws worldwide, largely without success.
“We want Facebook and Google and all the other companies to immediately adopt in the United States and worldwide any new protections that they implement in Europe,” said Jeff Chester, executive director of the Center for Digital Democracy, in Washington.
Zuckerberg said many of the tools that are part of the law, such as the ability of users to delete all their data, are already available for people on Facebook.
“We think that this is a good opportunity to take that moment across the rest of the world,” he said. “The vast majority of what is required here are things that we’ve already had for years across the world for everyone.”
Google and Facebook are the global leaders in internet ad revenue. Both based in California, they possess enormous amounts of data on billions of people.
Google has declined to comment on its plans.
When GDPR takes effect on May 25, people in EU countries will gain the right to transfer their data to other social networks, for example. Facebook and its competitors will also need to be much more specific about how they plan to use people’s data, and they will need to get explicit consent.
GDPR is likely to hurt profit at Facebook because it could reduce the value of ads if the company cannot use personal information as freely and the added expense of hiring lawyers to ensure compliance with the new law.
Data is central to Facebook’s advertising business, and it has not yet sketched out a satisfying plan for how it plans to comply, said Pivotal Research analyst Brian Wieser.
“I haven’t heard any solutions from Facebook to get ahead of the problem yet,” Wieser said.