Facebook’s latest push to educate users about privacy will be unavoidable.
Over the next few weeks, Facebook users outside of Europe will see a notice that walks them through privacy settings and explains how the company collects data. It’s a slightly altered version of what Facebook had to do for all users in the European Union, where a major privacy law is going into effect on Friday.
The EU’s General Data Protection Regulation, or GDPR, is a complex collection of rules meant to give users more transparency and control over their personal data. Facebook is voluntarily rolling out similar changes in the US and other countries.
What is GDPR?
Your email inbox is likely to be a lot emptier after Friday, when those European data privacy laws come into effect.
GDPR sets into place much tougher rules for companies that hold or use data on people inside the European Union, and gives customers more control over their data.
Facebook, Google, Twitter, and many other companies have changed their privacy settings to comply.
Companies are no longer allowed to bury details about collecting data in general terms and conditions, and must instead request consent from individuals in plain language.
As a result, people have received endless emails from companies in recent weeks, and have taken to Twitter to poke fun at the deluge.
The new law expands and updates rules that have been in place since 1995. The European Union said the new rules protect consumers in an era of huge cyber attacks and data leaks.
Facebook’s reaction
It has become a necessary pubic relations move for the company, which is still struggling to regain user trust. In March, news surfaced political data firm Cambridge Analytica collected personal data about 87 million people through a Facebook app.
It is also an attempt to show Facebook can self-regulate, so other countries won’t feel compelled to pass additional privacy laws.
Under GDPR, European data regulators can impose fines of up to 4% of global annual sales each time companies break the new law. This includes not storing data properly or failing to report hacks quickly enough. Based on 2017 figures, penalties could top $1.6 billion for Facebook.
Outside the EU, Facebook’s latest alert will be sent to users over email and SMS text messages, and appear as a pop-up on Facebook News Feeds. It says, “Some important settings and updates to review” on top, and then walks users through four topics with an option to change settings.
It includes a recap of profile information, including what political, religious and relationship information is shared. The alert also highlights what data is used by advertisers and apps, has an option to turn off face recognition (it will not be turned on if it was already off), and ends with a prompt to read and accept the new terms of use and data policy.
Facebook has repeatedly said it would offer similar protections to its users outside of the EU.
“It’s hard to say in a clean way what the differences are because they’re actually very small. They’re wording changes,” said David Baser, head of Facebook’s new privacy division, told CNNMoney. “The flow is exactly the same steps, exactly the same imagery, the exact same controls, the exact same buttons put in the same spots. We just have to do things to actually adapt it to the rest of the world’s requirements.”
The US version of the alert includes a summary up front that explains Facebook isn’t altering existing privacy settings. But in Europe, Facebook is required to show the notice until a user clicks and agrees to the new terms of service. In other locations, the alert will only pop up twice before users can go on liking dog photos.
