Facebook has been sharply criticised by European data protection officials for putting users’ privacy at risk with changes to its service.
Officials advising the European Commission said in a letter to the social networking company that changes to its default settings made last December were “unacceptable”.
It is the strongest rebuke yet for the US company from European data protection officials and indicates an increasing willingness to crack down on privacy violations.
Officials said Facebook needed default settings that ensured only selected contacts could see user profiles. Users should be able to choose explicitly whether their information could be accessed by search engines.
Facebook’s changes in December meant that users’ profiles were made accessible to others by default, and certain aspects – such as lists of friends – were impossible to keep private.
Richard Allan, Facebook’s director of public policy in Europe, said he was considering the company’s response to the letter. Facebook has made a few adjustments to address privacy concerns raised by European regulators in the past, but he said there could be some areas where the company would be unwilling to compromise.
For example, European data authorities have wanted users to be able to log on to social networking sites under pseudonyms – something that is enshrined in German law. However, this went against Facebook’s principles, which require all users to register under their real names, Mr Allan said.
“We would argue that it is not appropriate for us to allow this,” he said.
Facebook is encouraging users to share increasing amounts of information as it competes with sites like Twitter and seeks new kinds of advertising deals.
The social networking site, which has more than 400m users, has faced a barrage of criticism on both sides of the Atlantic. In the US, the Electronic Privacy Information Center filed a complaint over the December changes with the Federal Trade Commission, and FTC commissioners recently criticised Facebook for not doing more to protect users.
In Canada, the company was forced to make changes to its data policies after being threatened with court action by the country’s privacy commissioner.
Viviane Reding, the European Union’s information society commissioner, has warned social networking sites that they must do more to protect minors or face legislation.
The latest letter to Facebook is from the Article 29 Working Party, an influential group of data protection officials from 31 countries, which advises the European Commission on privacy matters.