Facebook has already been on the wrong end of a privacy investigation in Germany, but it looks like the company’s legal woes aren’t quite over yet. The New York Times reports that German data protection officials have reopened their investigation into Facebook’s facial recognition technology after it became apparent that Facebook wasn’t going to change its policy. According to data protection commissioner Johannes Caspar, Facebook is building a database of user photos for its facial recognition feature, something that is illegal under European privacy law.
It isn’t illegal for Facebook to build that database, but it is illegal for Facebook to do it without the consent of its users. Facebook hasn’t done that, instead including everyone in the collection from the start, and giving users the opportunity to opt-out. Since Facebook hasn’t complied, Caspar is demanding that the company destroy its database of German users and begin collecting data from only those who have given their consent.
Facebook, for its part, thinks that its policies are in line with privacy laws in Ireland, where the company’s European efforts are based, but Ireland isn’t sure that’s the case. Irish data officials will be conducting another audit of the company’s practices, and in the meantime, deputy data commissioner Gary Davis says that Facebook has agreed to temporarily to suspend picture tagging for all European users who join after July 1.
Caspar says that his investigation should be finished by the end of September, by which time he will formally request that Facebook change its policy. With Germany demanding that Facebook destroy its database, don’t expect the company to follow orders without putting up a fight. Stay tuned, because we could be headed for a whole new privacy fight over in Europe.