On Wednesday, Facebook announced a number of privacy changes that will be rolled out in the next few weeks to help consumers locate, control, download, and delete their personal data. The changes are largely cosmetic, but visual cues, such as a consent interface that encourages users to opt-in to data collection, can make a big difference. Recent consumer outrage has underscored how Facebook’s troubling privacy practices were hidden in the fine print and buried deep in its privacy settings.
As part of Wednesday’s privacy changes, Facebook redesigned its settings menu on mobile devices so that privacy options are available in a single place, rather than spread out across nearly 20 different screens. Facebook will also let users download more of their information than before, so they can see and manage the personal data they’ve shared with Facebook (including new categories such as likes, comments, reactions, search history, and location history), and transfer it to another service, if they choose.
Facebook also introduced a new tool called Access Your Information, which allows users to access and delete posts, reactions, comments, and search history.
“The last week showed how much more work we need to do to enforce our policies, and to help people understand how Facebook works and the choices they have over their data. We’ve heard loud and clear that privacy settings and other important tools are too hard to find, and that we must do more to keep people informed,” Erin Egan, vice president and chief privacy officer of policy, and Ashlie Beringer, vice president and deputy general counsel, wrote in a company blog post. The executives stressed that these changes had been in the works for awhile, in addition to privacy improvements that CEO Mark Zuckerberg promised last week, like making it easier for users to revoke access to third parties.
Zuckerberg has faced a maelstrom of criticism following reports that the political consulting firm Cambridge Analytica misused the personal data of millions of Facebook users. This weekend, Zuckerberg took out a full page ad in major newspapers in the US and UK apologizing for the “breach of trust.” Around the same time, reports surfaced that Facebook had been scraping call and text message data from Android users for years. The company assured irate users that they had opted in to the feature, though some complained they had not realized it.
But Facebook has another major motivator to clean up its privacy act. In May, a new consumer-centric privacy law will go into effect in the European Union called the General Data Protection Regulation (GDPR), which severely restricts the collection of personal data and demands increased transparency about how personal data is shared and why it is collected. Violators can face fines of up to 4 percent annual global revenue, which for Facebook could reach as high as $1.6 billion.
In January, Facebook said it would launch a privacy dashboard as part of its GDPR compliance efforts, and today’s announcement is part of that effort. Facebook promised more changes in the coming weeks, including updates to both its terms of service and its data policy, making them more transparent about what data is collected and how that data is used. “These updates are about transparency—not about gaining new rights to collect, use, or share data,” the executives wrote in Wednesday’s post.