FACEBOOK ESTÁ DIRECIONANDO OS USUÁRIOS PARA LONGE DAS PROTEÇÕES DE PRIVACIDADE

FACEBOOK IS STEERING USERS AWAY FROM PRIVACY PROTECTIONS

ALYSSA FOOTE

FACEBOOK WEDNESDAY ANNOUNCED changes to how it asks users for permission to collect their personal information, in order to comply with strict new European privacy rules. But critics say Facebook’s new offerings seem designed to encourage users to make few changes and share as much information as possible.

The European rules, called the General Data Protection Regulation, or GDPR, go into effect May 25th and will apply to any companies that collect or process data on individuals in the EU. They require that consumers give informed consent to how their data is being collected and used. Critics, however, say the consent process Facebook outlined relies on design tricks that encourage users to share their personal information widely.

Paul-Olivier Dehaye, a Belgian mathematician and cofounder of PersonalData.IO, whose requests to see his Facebook data under EU law forced the company to include more information about ad tracking, says Facebook’s “confusing choices [are] nudging people in one direction.” Dehaye says Facebook’s approach to GDPR will likely attract the attention of regulators and nonprofits, scrutiny the company likely did not anticipate when the rules were approved in 2016. European privacy activists like Max Schrems are already planning to use options for collective action under GDPR to go after tech giants. “If Facebook goes on this way, it’s a clearer first target,” says Dehaye.

Sandy Parakilas, a former Facebook operations manager who warned the company about privacy issues, says Facebook appears to want to comply with the letter of the European rules, while changing as few of its data-handling practices as possible. “Everything about the page is designed to manipulate you into doing the thing they want,” he says. “The goal of the design exercise is to get you to accept, and not go into your settings and turn things off.”

In a statement to WIRED about the criticism, a spokesperson for Facebook said, "We're ensuring that all of our products and services comply with the GDPR."

The law applies principally to data about Europeans, but Facebook says it is changing how it asks users for consent worldwide. “We not only want to comply with the law, but also go beyond our obligations to build new and improved privacy experiences for everyone on Facebook,” Erin Egan, Facebook’s vice president and chief privacy officer, and Ashlie Beringer, vice president and deputy general counsel, wrote in a blog post Wednesday. “We want to be clear that there is nothing different about the controls and protections we offer around the world.”

The changes Facebook displayed Wednesday would alter how the company asks you for consent to collect personal data about you from other websites and apps in order to target ads; consent to share sensitive information on your profile; consent around facial recognition; consent for data tracking and sharing political and religious views on teen users; and an updated terms and services policy.

A press briefing Tuesday at Facebook’s headquarters about the changes turned critical, according to TechCrunch. (WIRED was not invited to the briefing.) Reporters scoffed when a Facebook product designer defended the company’s updated Terms of Service, which offers users either a big blue “I ACCEPT” button or a hyperlink for another option in small gray type.

FACEBOOK

Many of the other choices Facebook displayed showed similar disparities, using tiny font or grayed-out options for users to restrict access to data. Some are more stark. Take the privacy screen that pops up for 13- to 15-year-olds, who have special protections under GDPR. Under Facebook’s new terms, teens who have shared their religious and political views or sexual preferences will have to get parental permission or see a less personalized version of Facebook. To gain permission, users must only enter an email address and have whoever is behind that email give consent; the person giving consent does not have to verify that she is a parent or guardian, or even a different person, TechCrunchreports.

FACEBOOK

Jason Kint, CEO of Digital Content Next, a trade association representing content companies, says Facebook’s approach was disappointing, because other companies may follow its approach. “We’ve asked them to try to raise the bar because the rest of the industry follows their lead,” he says. “It seems like they’re letting their investor relations group manage their product design.”

If Facebook succeeds in winning consent with such small changes, others may follow suit and hopes that GDPR will spur big changes in corporate-privacy practices may not be realized.

Facebook is not unique in its desire to preserve its dominance. In March, Google announced updates to AdWords, which independent legal analysis from the firm Frankfurt Kurnit commissioned by Kint’s organization found to be a legal dodge. “The consent structure proposed by Google fails to meet the transparency, specificity, and granularity standards required by the GDPR for purposes of obtaining legally valid end user consent,” the analysis said. Facebook is doing the same thing, but from a design perspective, Kint says. Google did not immediately respond to request for comment.

David Lucas, a partner with the law firm Bradley whose clients include tech companies in the US and Germany, says tech companies are likely most concerned about GDPR provisions allowing for fines of up to 4 percent of global revenue for companies found to willfully not comply with the law. By showing these updates and changes, Facebook can argue it intended to comply. “Even if they’re found not to fully comply, they’ve at least mitigated their risk,” he says.

Among the new forms Facebook will present to users is one allowing the company to collect data as users browse the web and tap other apps. But Kint questions how informed that permission will be. A few weeks ago, his organization commissioned a survey of 1,000 adults where 44 percent of respondents say they did not expect Facebook to collect data about their activities while on Facebook. “It’s all about consumer expectations, that’s what matters here,” Kint says.

ALYSSA FOOTE

O FACEBOOK ANUNCIOU NA QUARTA-FEIRA mudanças em como pede permissão aos usuários para coletar suas informações pessoais, a fim de cumprir com as novas regrasrígidas de privacidade na Europa . Mas os críticos dizem que as novas ofertas do Facebook parecem destinadas a encorajar os usuários a fazer poucas mudanças e compartilhar o máximo de informações possível.

The European rules, called the General Data Protection Regulation, or GDPR, go into effect May 25th and will apply to any companies that collect or process data on individuals in the EU. They require that consumers give informed consent to how their data is being collected and used. Critics, however, say the consent process Facebook outlined relies on design tricks that encourage users to share their personal information widely.

Paul-Olivier Dehaye, a Belgian mathematician and cofounder of PersonalData.IO, whose requests to see his Facebook data under EU law forced the company to include more information about ad tracking, says Facebook’s “confusing choices [are] nudging people in one direction.” Dehaye says Facebook’s approach to GDPR will likely attract the attention of regulators and nonprofits, scrutiny the company likely did not anticipate when the rules were approved in 2016. European privacy activists like Max Schrems are already planning to use options for collective action under GDPR to go after tech giants. “If Facebook goes on this way, it’s a clearer first target,” says Dehaye.

Sandy Parakilas, a former Facebook operations manager who warned the company about privacy issues, says Facebook appears to want to comply with the letter of the European rules, while changing as few of its data-handling practices as possible. “Everything about the page is designed to manipulate you into doing the thing they want,” he says. “The goal of the design exercise is to get you to accept, and not go into your settings and turn things off.”

In a statement to WIRED about the criticism, a spokesperson for Facebook said, "We're ensuring that all of our products and services comply with the GDPR."

The law applies principally to data about Europeans, but Facebook says it is changing how it asks users for consent worldwide. “We not only want to comply with the law, but also go beyond our obligations to build new and improved privacy experiences for everyone on Facebook,” Erin Egan, Facebook’s vice president and chief privacy officer, and Ashlie Beringer, vice president and deputy general counsel, wrote in a blog post Wednesday. “We want to be clear that there is nothing different about the controls and protections we offer around the world.”

The changes Facebook displayed Wednesday would alter how the company asks you for consent to collect personal data about you from other websites and apps in order to target ads; consent to share sensitive information on your profile; consent around facial recognition; consent for data tracking and sharing political and religious views on teen users; and an updated terms and services policy.

A press briefing Tuesday at Facebook’s headquarters about the changes turned critical, according to TechCrunch. (WIRED was not invited to the briefing.) Reporters scoffed when a Facebook product designer defended the company’s updated Terms of Service, which offers users either a big blue “I ACCEPT” button or a hyperlink for another option in small gray type.

FACEBOOK

Many of the other choices Facebook displayed showed similar disparities, using tiny font or grayed-out options for users to restrict access to data. Some are more stark. Take the privacy screen that pops up for 13- to 15-year-olds, who have special protections under GDPR. Under Facebook’s new terms, teens who have shared their religious and political views or sexual preferences will have to get parental permission or see a less personalized version of Facebook. To gain permission, users must only enter an email address and have whoever is behind that email give consent; the person giving consent does not have to verify that she is a parent or guardian, or even a different person, TechCrunchreports.

FACEBOOK

Jason Kint, CEO of Digital Content Next, a trade association representing content companies, says Facebook’s approach was disappointing, because other companies may follow its approach. “We’ve asked them to try to raise the bar because the rest of the industry follows their lead,” he says. “It seems like they’re letting their investor relations group manage their product design.”

If Facebook succeeds in winning consent with such small changes, others may follow suit and hopes that GDPR will spur big changes in corporate-privacy practices may not be realized.

O Facebook não é único em seu desejo de preservar seu domínio. Em março, o Google anunciou atualizações para o Google AdWords, que a análise jurídica independente da empresa Frankfurt Kurnit encomendada pela organização de Kint revelou ser uma fuga legal. "A estrutura de consentimento proposta pelo Google não atende aos padrões de transparência, especificidade e granularidade exigidos pelo GDPR para fins de obter o consentimento do usuário final legalmente válido", disse a análise. Facebook está fazendo a mesma coisa, mas a partir de uma perspectiva de design, diz Kint. O Google não respondeu imediatamente ao pedido de comentários.

David Lucas, sócio do escritório de advocacia Bradley, cujos clientes incluem empresas de tecnologia nos Estados Unidos e na Alemanha, diz que as empresas de tecnologia estão mais preocupadas com as provisões de GDPR que permitem multas de até 4% da receita global para empresas que não cumpram deliberadamente. a lei. Ao mostrar essas atualizações e mudanças, o Facebook pode argumentar que pretende cumprir. "Mesmo se eles não cumprirem totalmente, eles pelo menos mitigaram o risco", diz ele.

Entre os novos formulários que o Facebook apresentará aos usuários está um que permite que a empresa colete dados à medida que os usuários navegam na Web e acessam outros aplicativos. Mas Kint questiona como essa permissão será informada. Há algumas semanas, sua organização encomendou uma pesquisa com 1.000 adultos, na qual 44% dos entrevistados disseram não esperar que o Facebook coletasse dados sobre suas atividades enquanto estivessemno Facebook. "É tudo sobre as expectativas dos consumidores, é o que importa aqui", diz Kint.