22 décembre 2011

Irlande: rapport d'enquête sur Facebook

Le Data Protection Commissioner d'Irlande vient de rendre public son rapport d'enquête sur les pratiques de Facebook en matière de protection des renseignements personnels au regard de la loi irlandaise et, par le fait même de la Directive 95/46/CE.

On peut alors lire dans le communiqué de presse que:
"this Report is not the conclusion of our engagement with Facebook Ireland.  It is rather the first significant step on a road that can place it at the forefront of the technology sector in meeting users’ legitimate privacy expectations as to how their personal data is handled and empowering them to make informed choices when sharing that information on the site.  It is the role of our Office to ensure that Facebook Ireland complies with data protection law and this report assesses that compliance. Taking a leadership position that moves from compliance with the law to the achievement of best practice is for Facebook Ireland to decide but if it continues to display the commitment I witnessed throughout the Audit process it is certainly achievable.

The Report records significant recommendations and commitments from Facebook Ireland in relation to: 
- a mechanism for users to convey an informed choice for how their information is used and shared on the site including in relation to Third Party Apps;
- a broad update to the Data Use Policy/Privacy Policy to take account of recommendations as to where the information provided to users could be further improved;
- transparency and control for users via the provision of all personal data held to them on request and as part of their everyday interaction with the site;
- the deletion of information held on users and non-users via what are known as social plugins and more generally the deletion of data held from user interactions with the site much sooner than presently;
- increased transparency and controls for the use of personal data for advertising purposes;
- an additional form of notification for users in relation to facial recognition/”tag suggest” that is considered will ensure Facebook Ireland is meeting best practice in this area from an Irish law perspective;
- an enhanced ability for users to control tagging and posting on other user profiles;
- an enhanced ability for users to control whether their addition to Groups by friends;
- the Compliance management/Governance function in Dublin which will be further improved and enhanced to ensure that the introduction of new products or new uses of user data take full account of Irish data protection law.

Facebook Ireland’s delivery on its commitments will be evaluated throughout the first six months of 2012 and as part of an agreed formal review in July of next year that will take the form of a follow-up Audit."

(Source: Irish Data Protection Commissioner, Press Release, December 21, 2011)
À suivre donc. 

Aucun commentaire:

Enregistrer un commentaire

Remarque : Seul un membre de ce blog est autorisé à enregistrer un commentaire.