The change comes in prelude to the EU's new data regulations.
21 Apr, 2018FORTUNE.COM
Facebook users have long complained that the service’s privacy settings and data collection information was too complicated and hard to find. In effort to reduce that confusion, the company has come out with a new privacy guide to go along with an updated data collection policy.
The changes come in prelude to new European Union rules that take effect on May 25 requiring companies to add more privacy controls and clearly disclose how and why they collect user data. The changes will eventually affect all Facebook users regardless of location, but they will first roll out in Europe.
While Facebook’s new privacy and data collection policies are more clearly laid out, it’s still a lot of information to digest. Here are the main takeaways from the new data policy.
Facebook’s new data policy guide tries to spell out the kind of user information it shares and with whom. Specifically, Facebook collects content users provide from when you sign up, when you upload or share content, and when you communicate with others on Facebook.
But it’s not just you sharing information about yourself. When others post a photo of you, post something about you, upload or sync your contact info or message you--Facebook collects that information too.
Facebook users have a number of ways to spend money through the service including in-game purchases and donations. Whenever you pay for something through the site, Facebook collects information about the transaction, including payment information like debit and credit card numbers, authentication information, and billing and shipping details.
A big question that repeatedly came up when Facebook founder and CEO Mark Zuckerberg testified before Congress earlier this month was whether it sells data about individual users to advertisers. Zuckerberg answered each time that Facebook does not and instead uses that information internally to target ads.
The new data policy more clearly lays out how exactly Facebook handles ads and user data. The company says it only shares non-personally identifiable information like telling an advertiser that an ad did well with a certain demographic. In addition to advertisers, Facebook also provides some information to service providers or vendors that provide technical support, customer support or other services.
Facebook is making a few changes including prompting users about whether they want to keep sharing political or religious information and whether they want to allow targeted ads. Users already had the ability to turn off targeted ads and remove religious or political information from their profiles, but now users will specifically be asked about those matters.
Users in the EU and Canada must now opt into allowing Facebook to use facial recognition technology to suggest friends to tag in photos and videos or to detect when others may be trying to use your image as their profile picture. Users previously had to choose to turn the feature off rather than opt in.
The GDPR also gives more protections to minors from data collection and to maintain more privacy. Facebook already has certain safety settings for users ages 13 to 18, but now they will also need a parent or guardian’s permission to allow some features like seeing targeted ads in certain countries (Facebook doesn’t say who it will get parental consent or how it will verify that any consent is legitimate). However, Facebook will continue to collect information about minors use of the site, regardless of their ad targeting preference. And regardless of location, Facebook will prompt those users globally on whether they want targeted ads or not.
However, for most users, Facebook’s data collection and opting in user to certain data collection practices will not change. Instead, users will, in some cases, be more directly asked, and information about what data is being collected will be more clearly disclosed. Facebook itself said it is not asking for new rights “to collect, use or share your data on Facebook” or changing any of users’ previous privacy choices.