Did Facebook violate EU privacy laws?

An extension to recover the old version of Facebook -

Geeko

Two cybersecurity researchers, Talal Haj Bakry and Tommy Mysk, claim that Facebook has violated European privacy laws.

A change in the previews of links sent via Messenger and Instagram would be indirect proof of Facebook's fault.

A few weeks ago, the two researchers had already revealed that link previews in popular messaging apps could lead to security and privacy concerns on iOS and Android, as MacRumors recalls.

Through these seemingly innocuous insights, applications were able to collect users' IP addresses, but also download large files or even collect private data without the knowledge of their users.

In the case of Facebook, its messaging applications used to download all of the content shared as a link on its servers, according to the two researchers.

Blatant proof

This copy of the link preview data stored on external servers could be considered an infringement of user privacy.

This practice is all the more worrying when some users exchange bills, contracts or medical records via Messenger or Instagram.

However, it seems that Facebook has recently made a change in its messaging applications, so that they comply with the European Union ePrivacy directive which entered into force at the end of 2020. Messenger and Instagram no longer offer previews of the links sent on their platform.

However, according to cybersecurity researchers, this change would be indirect proof that Facebook was violating European laws on confidentiality.

“This is an implicit confirmation that Facebook's handling of link previews in Messenger and Instagram did not comply with privacy regulations in Europe, otherwise they would not have disabled the feature… The discontinuation of this service in Europe strongly suggests that Facebook could use this content for purposes other than generating insights, ”the two researchers said.

Lack of transparency

Facebook would thus have violated several articles of the European regulation, including the obligation to inform users in a clear and complete manner about the treatment of their private data - in this case, the links sent via Messenger and Instagram.

The ePrivacy Directive prohibits Facebook - and others - from storing, processing or using information without the informed consent of users in the EU.

It is difficult to know if the EU could launch an investigation against Facebook on this subject today.

The two researchers, however, advise non-European users to avoid sending links via Messenger and Instagram, as the latter are not protected by the same rules applied by the EU.

High Tech

Facebook and Google "manipulate" users despite GDPR, study finds

World

Zoom, Messenger or WhatsApp ... A new European regulation to regulate online communications

• Social networks

• Cybersecurity

• Personal data

• Instagram

• Facebook

• Facebook Messenger

• High Tech