Proposed EU laws on Internet privacy will target a critical money-
maker for Internet companies such as Facebook: their wealth of
personal data on users.
With its initial public offering this week, Facebook is roaring
ahead. However, new European Union privacy regulations are taking
aim at Internet companies' ability to profit through control of
personal information - the key to their tremendous online
Now in its eighth year, social networking website Facebook is set
to become the hottest ticker on Wall Street - and it's not hard to
see why. With 800 million users worldwide and $3.71 billion in sales
in 2011, the company's IPO is expected to raise between $50 billion
and $100 billion on the open market.
But with a business model built on leveraging user data to sell
targeted advertising, Facebook, Google, and other Internet companies
are on a collision course with EU demands that its citizens' right
to privacy be respected. The EU regulations pit two Internet
philosophies against each other: 1) that more regulation is needed
in order to protect unwitting users, 2) that more regulation will
encourage overactive censorship.
Giving users more control
On Jan. 25, EU Justice Commissioner Viviane Reding unveiled a
wide-ranging data protection program that aims to regulate all
companies doing business online in the EU, not just those based
there. The data protection laws, which will take about a year to be
enacted, will be uniform across all 27 member states.
"Companies must understand that if they want access to 500
million consumers in the EU, then they have to comply. This is not
an option," says Matthew Newman, spokesperson for the justice
The proposal prescribes fines of up to EUR 1 million ($1.3
million) or 2 percent of annual revenue, includes a "right to be
forgotten" that allows users to permanently delete their data, and
allows users easier access to their data and easier migration of it
to other services. Additionally, companies wishing to do business in
the EU will need a representative based there.
"The principle behind [the right to be forgotten] is quite
simple: it's your data, you're in control of it and you get to
decided what is done with it," says Mr. Newman.
Jeffrey Rosen, legal commentator and law professor at George
Washington University, says he supports tougher privacy regulations,
but called the EU's "right to be forgotten" a "legal minefield."
Mr. Rosen says the regulations will create a dramatic clash
between the right to freedom of expression and the right to privacy,
arguing that under the proposal, websites like Facebook will be
obliged to not only to delete on request material that users upload,
such as photos, but any shared copies of photos - and potentially
even material uploaded by third parties that another user objects
The new rules will bring Europe and the United States' different
privacy norms face to face.
"There are hugely different cultures. Europe tends to trust the
state and not private companies and in America it's the reverse.
There's also a difference of tradition between dignity and liberty,"
Rosen says. "There is potential for radical disruption of the way
users experience the Internet in the EU. This would transform
Facebook and Google into censors-in-chief."
The question of privacy vs. openness hits at the heart of a major
commercial issue in the Web 2.0 world, where personal data is traded
for free access to online services.
As part of the company's IPO announcement, Facebook founder and
CEO Mark Zuckerberg sent a letter to shareholders, saying, "Facebook
was not originally created to be a company. It was built to
accomplish a social mission - to make the world more open and
The Wild West of online data
Users of online services need to be more aware of what data is
collected and how it is used, says Kieron O'Hara, a philosopher
working at the University of Southampton's school of computer
science in Britain. …