After Facebook was stopped from launching a dating service in Europe on Feb. 13, infosec experts are left wondering if the social media network had learned anything from the Cambridge Analytica debacle in 2018 or the platform’s other data privacy transgressions.
The EU found Facebook committed data protection violations
within the forthcoming service, such as demonstrating that a required
assessment of privacy risks had been performed.
Separately, the Irish Data Protection Commission (DPC) faulted
Facebook for not providing enough advanced warning about the dating service,
which the DPC only learned about on Feb. 3.
A Facebook spokesperson told TechCrunch,“It’s really
important that we get the launch of Facebook Dating right so we are taking a
bit more time to make sure the product is ready for the European market.” But
in regard to the Irish regulator, Facebook said it had no legal obligation to
notify the IDPC of product launches.
Matt Meckes, co-founder of Cohaesus, views the go-around attempt as being tone-deaf.
“Attitudes to data need to change and although steps are
being taken to hold internet giants to account, like the introduction of GDPR,
companies also need to take responsibility,” Meckes said.
The dating service launched in the U.S. last fall at which
time Facebook said a European launch was planned by early 2020.
The European delay, according to Meckes, “shows how difficult
it is for an organization the size of Facebook to change its philosophy around user
data,” which it captures continuously without know what its future use might be.
“Customers shouldn’t be viewed as data banks, where
companies extract everything and anything they can about a user,” he added
Meckes praised the European courts for doing a great job in
holding Facebook to account and he hopes they continue to do so no matter how
influential a company might be.