Facebook’s over-zealous face tagging
Should Facebook automatically suggest who is in a photo? Sebastian Huempfer asks whether Facebook’s photo tagging software infringes the privacy of its users.
Photo by claudiaveja under Creative Commons Attribution-NonCommercial-ShareAlike Licence.
On 23 September 2012 Facebook disabled automatic face tagging in photos for all users in Europe following an audit by Ireland’s data protection commissioner. When automatic face tagging is enabled, facial recognition software scans a user’s photos and suggests who might be in them. European regulators had for months criticised the feature, with some arguing the “right to anonymity is in danger”. Facebook initially resisted, insisting that automatic tagging did not contravene European laws because users could easily opt out of the service. The company eventually accepted the demands when regulators threatened legal action and fines. Facebook had previously clashed with regulators in Ireland, headquarters of Facebook’s non-US operations, and in Germany, where privacy laws ban any collection of data without the user’s direct consent.
The company faced similar problems in the US. In August 2012 the US Federal Trade Commission finalised a settlement with Facebook requiring “biennial privacy audits for the next 20 years” and forcing Facebook to make all future changes to its privacy policies opt-in rather than opt-out. Crucially, however, “new products with new privacy controls” need not be opt-in. In a statement, Facebook’s CEO Mark Zuckerberg played down the significance of this settlement.
Facebook’s policy changes annoy many of its users, and some countries appear to be more protective of their privacy than others. Of my 22 Facebook friends who use fake names for their main account, 16 are German. Most European countries share a preference for stricter privacy rules than the US. This collective preference has worked its way through democratic institutions and a global company is now forced to offer slightly different products abroad. In my mind, this does not constitute what our second principle calls “illegitimate encroachment” because it is democratically legitimated.
The deeper problem with Facebook is that users are not just customers, but also the suppliers of information that Facebook sells to generate revenue. Not surprisingly, Facebook tries to get as much of that information as possible. But because Facebook has few credible competitors, it has become increasingly difficult for users to threaten to sell their information elsewhere. As long as there is no genuine alternative to Facebook, only collective pressure through regulation will stop the company from taking more information than users want to yield. This makes banning automatic tagging even more legitimate than a democratic mandate alone.
We are all entitled to a private life but should accept such scrutiny as is in the public interest.
Timothy Garton Ash
A personal introduction
Imagine that everything you express to the person closest to you, in your most intimate moments, is immediately posted online for all the world to see. This would not just be a nightmare of embarrassment; it would also mean that you would express yourself less freely. As anyone who has lived in a police state knows, if you fear that someone else might be listening, you no longer speak your mind. So privacy is not just an important, legitimate limit to free speech. Privacy is a condition for free speech.