By Jessica Guynn, Los Angeles Times –
SAN FRANCISCO — Facebook Inc. has agreed to delete all the facial recognition data it has collected from European users and switch off the feature in Europe by Oct. 15.
The move follows a review of the facial recognition feature that prompts users to “tag” friends in photos uploaded to the service.
Ireland’s privacy regulator, Billy Hawkes, said Facebook would not turn it back on without agreeing with his office on “the most appropriate means of collecting user consent.” He said Facebook was “sending a clear signal of its wish to demonstrate its commitment to best practice in data protection compliance.”
Hawkes’ office, which began reviewing Facebook’s compliance with Irish and European Union data protection rules in 2011, has urged Facebook to give users a better understanding of how their personal data is handled and increased control over privacy settings. He said that the “great majority” of the recommendations had been implemented to the regulator’s satisfaction.
“This audit is part of an ongoing process of oversight, and we are pleased that, as the Data Protection Commissioner said, the latest announcement is confirmation that we are not only compliant with European data protection law but we have gone beyond some of their initial recommendations and are fully committed to best practice in data protection compliance,” Facebook spokesman Andrew Noyes said in an emailed statement.
Germany’s Hamburg Commissioner for Data Protection also issued an administrative order that Facebook can only create and store facial recognition data with the consent of users.
The German data protection official reopened an investigation into Facebook’s facial recognition technology in August, saying that Facebook was saving images of users’ faces in a database without their explicit consent in violation of European privacy laws. At the time, Facebook said it notified European users of the data collection.