|
|
|
Sites such as Facebook and Myspace must ensure users' data is kept safe
Social networking sites (SNS) are legally responsible for their users' privacy, even if their headquarters are based outside the EU, Europe's privacy watchdogs have said.
The article 29 working party, a committee of data protection regulators, has said sites such as Facebook and MySpace are 'data controllers'. They said just because content is produced and posted by users, this does not allow these sites to escape their legal obligations.
But individual users need to be aware they also have a duty of care. There are no obligations on them when posting purely personal information, but those who do so on behalf of a club, society or company are also considered data controllers.
“They provide the means for the processing of user data and provide all the 'basic' services related to user management (e.g. registration and deletion of accounts). SNS providers also determine the use that may be made of user data for advertising and marketing purposes – including advertising provided by third parties,” said the committee.
Under European data protection legislation a data controller has greater legal responsibilities than a data processor. A data controller is a person who determines the purposes for which, and the manner in which, personal information is to be processed.
This may be an individual or an organisation and the processing – including using, storing and deleting data - may be carried out jointly or in common with other persons.
However, data processors do have some responsibilities. A data processor is an organisation or person processing personal data on behalf of another. Processing includes reading, amending, storing and deleting.
They must be clear about their identity, offer privacy-friendly default settings to any service they offer. They must also provide users with privacy warnings and should give warnings to users about the potential privacy implications of their actions.
According to privacy law expert William Malcolm the committee’s opinion offers clarity for companies and users, but should not contain surprises for followers of data protection law.
"This finally puts to bed the argument that social networking sites might not be data controllers and therefore might not be subject to the Data Protection Directive and its local implementing legislation,” he said.
Article tags
Related articles
With children using the family PC for more and more activities, it makes sense to protect them from unsuitable sites. We explain how to keep your youngsters safe
It's easy for other people to find out more about you than want them to know but we explain how you can lessen the chances of revealing too much online
No-one wants to think about it, but you should consider what will happen to your digital data after you die. We look at how to make sure it all goes to your heirs
Q.Why are some of the keys on my keyboard doing strange...
Q.Is my phone’s Bluetooth any use?
Q.Can I switch boot drives so that I can work on older...
Make a profit from your unused gadgets
Run Windows and Ubuntu on the same computer
Hide private folders
Save up to 40% on the price
Exclusive subscriber website
Our price won't be beaten
St Helena, a 'small British village' in the mid-Atlantic, is seeking support and funding for a broadband connection
|
|
|
|
|
Computeractive Excel (2010) Online tutorialPrice: £19.99 |
Computeractive Word (2010) Online TutorialPrice: £19.99 |
Computeractive Powerpoint (2010) Online TutorialPrice: £19.99 |
Angry BirdsPrice: £9.99 |
Back Issue CD-Rom 14 (2011)Price: £15.99 |
Excellent article
Well done for digesting the EU report
Posted by Jennifer Perry - E-Victims, 24 Jun 2009