Facebook’s over-zealous face tagging
Should Facebook automatically suggest who is in a photo? Sebastian Huempfer asks whether Facebook’s photo tagging software infringes the privacy of its users.
Photo by claudiaveja under Creative Commons Attribution-NonCommercial-ShareAlike Licence.
The case
On 23 September 2012 Facebook disabled automatic face tagging in photos for all users in Europe following an audit by Ireland’s data protection commissioner. When automatic face tagging is enabled, facial recognition software scans a user’s photos and suggests who might be in them. European regulators had for months criticised the feature, with some arguing the “right to anonymity is in danger”. Facebook initially resisted, insisting that automatic tagging did not contravene European laws because users could easily opt out of the service. The company eventually accepted the demands when regulators threatened legal action and fines. Facebook had previously clashed with regulators in Ireland, headquarters of Facebook’s non-US operations, and in Germany, where privacy laws ban any collection of data without the user’s direct consent.
The company faced similar problems in the US. In August 2012 the US Federal Trade Commission finalised a settlement with Facebook requiring “biennial privacy audits for the next 20 years” and forcing Facebook to make all future changes to its privacy policies opt-in rather than opt-out. Crucially, however, “new products with new privacy controls” need not be opt-in. In a statement, Facebook’s CEO Mark Zuckerberg played down the significance of this settlement.
Author opinion
Facebook’s policy changes annoy many of its users, and some countries appear to be more protective of their privacy than others. Of my 22 Facebook friends who use fake names for their main account, 16 are German. Most European countries share a preference for stricter privacy rules than the US. This collective preference has worked its way through democratic institutions and a global company is now forced to offer slightly different products abroad. In my mind, this does not constitute what our second principle calls “illegitimate encroachment” because it is democratically legitimated.
The deeper problem with Facebook is that users are not just customers, but also the suppliers of information that Facebook sells to generate revenue. Not surprisingly, Facebook tries to get as much of that information as possible. But because Facebook has few credible competitors, it has become increasingly difficult for users to threaten to sell their information elsewhere. As long as there is no genuine alternative to Facebook, only collective pressure through regulation will stop the company from taking more information than users want to yield. This makes banning automatic tagging even more legitimate than a democratic mandate alone.