Privacy regulators in Canada have recently said that Facebook broke local privacy laws by mishandling user data. On Thursday, the regulators announced that they would be taking the company to court to force it to change how it protects consumer privacy.
“Facebook’s refusal to act responsibly is deeply troubling given the vast amount of sensitive personal information users have entrusted to this company,” says Daniel Therrien, privacy commissioner of Canada. “Their privacy framework was empty, and their vague terms were so elastic that they were not meaningful for privacy protection.”
The Office of the Privacy Commissioner of Canada opened its investigation into Facebook’s privacy practices following the Cambridge Analytica scandal last spring. Around 300,000 Facebook users across the globe downloaded the “This is Your Digital Life” app, which siphoned data to the political consulting firm Cambridge Analytica.
That abuse of data privacy standards resulted in the disclosure of data belonging to around 87 million people, and around 600,000 Canadians, according to the press release.
According to the report, Facebook did not obtain meaningful consent from users to share their data with the third-party app, it did not conduct proper oversight over apps with access to the platform, and it engaged in irresponsible behavior with consumer data. When prompted by authorities to submit to audits, Facebook refused, despite already complying with US data checkups.
For these reasons outlined in the report, the regulators intend to take their findings to Canadian federal court to seek an order that would require Facebook to change its privacy practices to account for their findings.
“The stark contradiction between Facebook’s public promises to mend its ways on privacy and its refusal to address the serious problems we’ve identified – or even acknowledge that it broke the law – is extremely concerning,” Therrien said.
The report also makes suggestions to update current privacy like allowing regulators to implement fines or conduct audits to ensure companies like Facebook are in compliance with the law.
“It is untenable that organizations are allowed to reject my office’s legal findings as mere opinions,” Therrien said.
Canadian regulators do not have the authority to wage fines like officials do in the US and the EU.
