Facebook ordered to boost privacy after critical audit

The audit was launched in October and was carried out by the Irish Data Protection Commission (DPC).

It was prompted by complaints from privacy groups claiming Facebook was creating "shadow profiles" of individuals not on the social network, and using the "Like" button and other social plug-ins to track users after they had logged out.

The 800 million-member social network, whose European operations are based in Dublin, has now agreed to a series of privacy improvements, including deleting unneeded user data, which are to be completed within six months.

Among the best-practice recommendations Facebook has agreed to implement are: increased transparency and controls for the use of personal data for advertising purposes; additional notifications to European users about Facebook's facial recognition photo-tagging feature; deleting information held by users or non-users outside of the site, when users access websites with social plug-ins, such as "like" and  improving  the information Facebook users are given about how to control their personal information on the site and when using its applications.

Facebook has agreed to a formal review into its delivery on these commitments in July next year.

The DPC said in a statement that because of the "almost Darwinian" nature of the Facebook site, which was constantly evolving, there would "constantly" be ""an absolute need" to have "robust mechanisms" in place to keep pace with the innovation that was the source of its success.

Richard Allan, director of public policy at Facebook EMEA, wrote on the company's blog yesterday: "We work on a daily basis with regulators around the world, and we appreciate the investment of time and effort by the DPC and its leadership to improve the experience of Facebook users.

"As a result of their work, we are better able to give people the ability to connect and share and make the world more open. We have benefited from the open, honest and cooperative relationship and look forward to continue working together."

Details of the audit come just weeks after Facebook settled issues with the US Federal Trade Commission, over privacy complaints.

As a result of the probe, Facebook agreed to gain users' consent before making any changes to their privacy settings, as well as 20 years of independent audits. At the time of the settlement, Facebook founder and chief executive Mark Zuckerberg admitted the company had "made a bunch of mistakes" in relation to privacy on the site.

The privacy settlements come ahead of the company's flotation next year, which has been tipped to value the company at $100m.

Follow Sarah Shearman on Twitter @Shearmans

This article was first published on mediaweek.co.uk