“According to the GDPR”: how do social networks change their privacy policies and how they work with PD
The following Friday, the General Data Protection Regulation ( GDPR ) will come into force, which will tighten regulation of the PD sphere in the territory of the European Union. In connection with the new requirements of IT companies update the regulations for working with PD.
Today we decided to talk about what we have already entered into WhatsApp, Facebook, Instagram and Twitter.
/ photo Japanexperterna.se CC
')
The main goal of the GDPR is to provide citizens of 28 states (EU members) with control over the data they share with various services and media. The new regulation will affect the business of all companies that store and use data from users in the European Union.
Including it will concern and the American corporations. Therefore, companies are already taking steps to prepare for work in new conditions.
A week ago, WhatsApp published an updated privacy policy and terms of service . To comply with the GDPR regulations, the messaging service created an office in the EU (WhatsApp Ireland Limited) and introduced a function that allows the user to request information about the account - these are settings, profile photos, group names, etc. Chat messages will not be transmitted in this way. But the correspondence history can be exported in other ways, depending on the smartphone OS.
On the new FAQ page, the company provided an algorithm of actions for requesting and downloading a report with account information. It is provided within three days after the application. During the processing of a request, account actions are restricted, for example, you cannot delete an account or change a phone number - this will cancel the application for a report.
In a blog, company representatives separately emphasized that WhatsApp shares only a limited amount of data with its owner, the Facebook company. Messages, photos, account information will not be transmitted to Facebook without the permission of the client. The social network has stopped using information from the WhatsApp account to provide relevant content.
However, some of the information, in particular, the device used, the operating system version and applications (and others), still falls into the hands of Facebook. The FAQ notes that this is necessary to increase the level of security of services and to combat spam (for example, to determine which Facebook Companies accounts belong to the same user).
Another update of the messenger is an increase in the age limit for users from 13 to 16 for EU residents. For residents of other regions registration will be possible from 13 years.
Paragraph 32 of the GDPR notes that “if the processing of personal data has several purposes, consent must be given for each of them”. Therefore, Facebook and other companies can no longer use the personal data they store for promotional purposes without the knowledge and permission of their owners. At the same time, companies do not have the right to deny access to the service to those who refused to monitor their actions on the network.
Therefore, Facebook has added a dialog box in which users can give their consent (or refuse) to collect this or that information about themselves. However, the manner in which this was done was criticized by such major publications as TechCrunch and The Guardian . They note that the application interface is designed to persuade users to quickly give their consent to the processing of all information and continue working with the service.
Facebook also returned to Europeans face recognition function, which has been banned since 2012 . It will be enabled by default, but it can be disabled by unchecking the corresponding checkbox in the settings.
Even on Facebook, it was possible to upload the search history on the social network, as well as the history of location tags - previously this data was only available in the user action log.
To do this, the company launched the service Download Your Information.
Data provided by the service includes status updates, deleted messages, video drafts that have not been downloaded, as well as lists of phone calls. However, as the editors of Wired note, this is not all that the company knows about its users. In their opinion, the tool does not show:
However, there is reason to believe that in the near future, users of the social network (at least in Europe) will have access to this information.
/ photo Garry Knight CC
Instagram also announced a new data download option (Data download). Access to information can be obtained in the section "Security and Privacy", leaving your email address. The application promises in 48 hours to send a link to the archive with photos, profile information, comments and other data. Currently, the feature is available only in the desktop version, but is already being developed for applications on iOS and Android.
On April 24, Twitter data protection specialist Damien Kieran published a post where he announced a social network privacy policy update. The purpose of the update is to clarify and inform users about what data they share with Twitter.
When the GDPR regulation comes into force, users will see a message about updating the network’s privacy policy when they log into their account. They will be asked to confirm or change the settings. Kiran also noted that people can contact his team directly if they have any questions about the treatment of PD and the entry into force of the GDPR. The latest updates on social network policies will be posted on the @Policy page.
PS What else do we write in the First blog about corporate IaaS:
PPS Some materials on the topic from our blog on Habré:
Today we decided to talk about what we have already entered into WhatsApp, Facebook, Instagram and Twitter.
/ photo Japanexperterna.se CC
')
The main goal of the GDPR is to provide citizens of 28 states (EU members) with control over the data they share with various services and media. The new regulation will affect the business of all companies that store and use data from users in the European Union.
Including it will concern and the American corporations. Therefore, companies are already taking steps to prepare for work in new conditions.
About whatsapp changes
A week ago, WhatsApp published an updated privacy policy and terms of service . To comply with the GDPR regulations, the messaging service created an office in the EU (WhatsApp Ireland Limited) and introduced a function that allows the user to request information about the account - these are settings, profile photos, group names, etc. Chat messages will not be transmitted in this way. But the correspondence history can be exported in other ways, depending on the smartphone OS.
On the new FAQ page, the company provided an algorithm of actions for requesting and downloading a report with account information. It is provided within three days after the application. During the processing of a request, account actions are restricted, for example, you cannot delete an account or change a phone number - this will cancel the application for a report.
In a blog, company representatives separately emphasized that WhatsApp shares only a limited amount of data with its owner, the Facebook company. Messages, photos, account information will not be transmitted to Facebook without the permission of the client. The social network has stopped using information from the WhatsApp account to provide relevant content.
However, some of the information, in particular, the device used, the operating system version and applications (and others), still falls into the hands of Facebook. The FAQ notes that this is necessary to increase the level of security of services and to combat spam (for example, to determine which Facebook Companies accounts belong to the same user).
Another update of the messenger is an increase in the age limit for users from 13 to 16 for EU residents. For residents of other regions registration will be possible from 13 years.
What Facebook adds
Paragraph 32 of the GDPR notes that “if the processing of personal data has several purposes, consent must be given for each of them”. Therefore, Facebook and other companies can no longer use the personal data they store for promotional purposes without the knowledge and permission of their owners. At the same time, companies do not have the right to deny access to the service to those who refused to monitor their actions on the network.
Therefore, Facebook has added a dialog box in which users can give their consent (or refuse) to collect this or that information about themselves. However, the manner in which this was done was criticized by such major publications as TechCrunch and The Guardian . They note that the application interface is designed to persuade users to quickly give their consent to the processing of all information and continue working with the service.
Facebook also returned to Europeans face recognition function, which has been banned since 2012 . It will be enabled by default, but it can be disabled by unchecking the corresponding checkbox in the settings.
Even on Facebook, it was possible to upload the search history on the social network, as well as the history of location tags - previously this data was only available in the user action log.
To do this, the company launched the service Download Your Information.
Data provided by the service includes status updates, deleted messages, video drafts that have not been downloaded, as well as lists of phone calls. However, as the editors of Wired note, this is not all that the company knows about its users. In their opinion, the tool does not show:
- browsing history in the browser;
- information about the applications used;
- data about advertisers who downloaded user contact information;
- advertisements with which the user interacted.
However, there is reason to believe that in the near future, users of the social network (at least in Europe) will have access to this information.
/ photo Garry Knight CC
Instagram and Twitter innovations
Instagram also announced a new data download option (Data download). Access to information can be obtained in the section "Security and Privacy", leaving your email address. The application promises in 48 hours to send a link to the archive with photos, profile information, comments and other data. Currently, the feature is available only in the desktop version, but is already being developed for applications on iOS and Android.
On April 24, Twitter data protection specialist Damien Kieran published a post where he announced a social network privacy policy update. The purpose of the update is to clarify and inform users about what data they share with Twitter.
When the GDPR regulation comes into force, users will see a message about updating the network’s privacy policy when they log into their account. They will be asked to confirm or change the settings. Kiran also noted that people can contact his team directly if they have any questions about the treatment of PD and the entry into force of the GDPR. The latest updates on social network policies will be posted on the @Policy page.
PS What else do we write in the First blog about corporate IaaS:
- What refers to personal data from the point of view of the Russian regulator
- Personal data in the cloud: processing principles
- Personal data protection: a European approach
PPS Some materials on the topic from our blog on Habré:
Source: https://habr.com/ru/post/358728/
All Articles