This is quite something to read. The Irish data protection authority is where most GDPR complaints against US tech companies like Facebook end up, because the European activities of these companies are registered there. It has been quite clear in the past few years how enormously slow the Irish DPA has been in dealing with those complaints. Up to the point where the other DPA’s complained about it, and up to the point where the European DPA intervened in setting higher fine levels than the Irish DPA suggested when a decision finally was made. Now noyb publishes documents they obtained, that show how the Irish DPA tried to get the other national DPA’s to accept a general guideline they worked out with Facebook in advance. It would allow Facebook to contractually do away with informed consent by adding boiler plate consent to their TOS. This has been the FB defense until now, that there’s a contract between user and FB, which makes consent unnecessary. I’ve seen this elsewhere w.r.t. to transparency and open data in the past as well, where government entities tried to prevent transparency contractually. Contractually circumventing and doing away with general legal requirements isn’t admissable however, yet that is precisely what the Irish DPA attempted to make possible here through a EU DPA Guideline.
Reading this, the noticeable lack of progress by the Irish DPA seems not to be because of limited resources (as has been an issue in other MS), but because it has been actively working to undermine the intent and impact of the GDPR itself. Their response to realising that adtech is not workable under the GDPR seems to be to sabotage the GDPR.
The Irish DPA failed to get other DPA’s to accept a contractual consent bypass, and that is the right and expected outcome. That leaves us with what this says about the Irish DPA, that they attempted it in the first place, to replace their role as regulator with that of lobbyist:
It renders the Irish DPA unfit for purpose.
There are many companies named Meta, Opencorporates lists 8890 of them, about a third of them in the USA, and a handful named Meta Company. Interestingly the one doing the rounds the past few days with an ‘open letter‘ decrying Facebook’s behaviour in trying to wrest their name and domains from them, isn’t among them: Meta.Company. Nick Stulic, signing as founder, has no Google search results alongside the name Meta but without Facebook, and also has almost no online traces for the name only. Quite a feat in itself, but it raises questions in this context. There’s no Linkedin Profile for the name, the social media accounts have been created last month, and the domain has no archive traces earlier than this month. The logo above the letter has no results on tineye.com.
True, Open Corporates does not seem to hold US companies from Chicago/Illinois, where this one says to originate. Searching for the Meta company name in Chicago does surface a local fintech company that had an angel investment round last year. They used a different domain, metacash.io (now for sale), and name a different founder. There is a Nick Stulic, who coded in python some years back it seems. The domain meta.company was registered in 2014.
But there is nothing about what the company actually does in the letter, nor is there anything but that letter on its website. The named legal offices exist but don’t pertain to the company, but to the suggested FB actions.
The ‘open letter’ precisely boosts a notion about FB that seems to fit perfectly, and that many will want to believe. But I’ll put this one in the stack marked fake.
Thirteen years ago today I blogged about Google launching Open Social, an API that would allow developers to tap into multiple social networks at once. It was supposed to be an answer to Facebook (who then had opened up their
platform silo for developers to build small applications (since removed as an option). The NYT called it Google ‘ganging up’ on Facebook, the ‘new kid on the block’ (FB became globally available to all in the fall of 2006).
Seeing that 2007 posting in my ‘on this blog today in…’ widget I was curious to see whatever happened to Open Social. After the launch in 2007, I don’t remember hearing much about it anymore.
Following the link to Google’s own page on Open Social now gets a 404 error message (which isn’t different from 2007 when I blogged it, because news leaked before the launch, so that page wasn’t active yet. In between today and today in 2007 it has been a working link for some years though as the Internet Archive can attest) Wikipedia has the story of the years in between in more detail. The Open Social standard saw it latest release in August 2013, and then development stopped.
By the end of 2014 it was all transferred to the W3C’s Social Activity, the Social Web Working Group, and the Social Interest Group. All those three are defunct now too (the interest group closed in 2016, the working group and activity early 2018).
Yet, the still remaining W3C Working Group page has a photo with a number of familiar faces: core members of the IndieWeb community. And the Working Group delivered in their 2014-2018 period of activity the W3C standard recommendations for all the major building blocks of the IndieWeb (Webmentions, Micropub, Microsub, Activitypub, IndieAuth). The W3C activity wound down and reduced to a single W3C IRC channel #social that sees little activity. The log files of #social are hosted on indieweb.org.
So here we are, thirteen years down the road. It’s not Google but IndieWeb-enabled websites like mine ‘ganging up on Facebook’ instead. 😉
Facebook has warned that it may pull out of Europe if the Irish data protection commissioner enforces a ban on sharing data with the US, after a landmark ruling by the European court of justice found in July that there were insufficient safeguards against snooping by US intelligence agencies.
Never issue a threat you’re not really willing to follow up on… FB says it might stop servicing EU citizens because it isn’t allowed to transfer their data to US servers over data protection concerns. To me it would seem good news if the FB data-kraken would withdraw its tentacles. It is also an open admission that they can’t provide their service if it is not tied to adtech and the rage-fed algorithmic timeline built on detailed data collection. Call it, I’d say.
He cannot hold on to such enormous power and avoid responsibility when things get tough.
Karen Swisher, in a NY Times column about the many troubling aspects of Facebook and Zuckerbergs centralised power, seeks a fitting metaphor for how he and FB behave regarding their responsibilities as a
platform content distributor and editor and curator of that content. (FB should not be seen as a platform, until they have open API’s. That they removed FB apps and APIs over time is a sign they do not regard themselves as platform either, it’s just a convenient legal position to claim.)
She ends up with comparing Zuckerberg to a butcher disavowing responsibility for the meatproducts he sells, as most are made by others. Yes some meatproducts are rotten, but who is he to take people’s freedom to poison themselves, even he’d never eat it himself.
Jason Kottke lifts the metaphor out of Karen Swisher’s column and adds a very peculiar anecdote from 2011 when Zuckerberg only wanted to eat meat of animals killed by himself.
As Jacky Alciné says, an amazing exit from Instagram (a Facebook company) by Greg Storey:
Also see last month’s post by Om Malik leaving WhatsApp and IG, and my own second ditching of FB at the same time (the first ditching was 2 yrs earlier).