Facebook suspends photo tagging tool in Europe

Facebook has suspended its facial recognition photo tagging service in Europe following a privacy audit by the Irish Data Protection Commission

Facebook will suspend its facial recognition photo tagging service in Europe by 15 October, following a privacy audit by the Irish Data Protection Commission (DPC).

The technology, which suggests when registered users could be tagged in photographs uploaded to the site, was identified by regulators as one of the main privacy threats posed by Facebook.

The move follows a review of Facebook’s efforts to implement changes recommended last year by the DPC in Ireland, where Facebook’s European operation is headquartered, according to the BBC.

But the social networking company says it wants to reinstate the feature once a form of consent can be found that meets new guidelines issued by the European Union.

In December 2011, the DPC gave Facebook six months to comply with its recommendations, which included more transparency about how data is used and individuals targeted by advertisers, as well as more user control over privacy settings.

Irish data protection commissioner, Billy Hawkes welcomed the suspension of the photo tagging tool and said Facebook was sending a clear signal of its wish to demonstrate its commitment to best practice in data protection compliance.

Read more about Facebook privacy

  • How to reassess privacy settings in wake of Facebook cloaking issues
  • Data privacy issues present new data governance challenges
  • Zuckerberg recommits to Facebook privacy policy after FTC lashing

On Friday, Richard Allan, Facebook's director of policy for Europe, said that considering the wide ranging investigation by the DPC, Facebook’s overall scorecard was very good, but the DPC said there were still some areas where more work was required.

The DPC is concerned about whether photos marked for deletion were actually being deleted within 40 days as required under Irish Data Protection law. It also wants Facebook to contact users with inactive accounts within two years of their last log-in and to do more to educate users about its privacy policies.

The DPC wants an update within a month on these outstanding issues, as well as more information in relation to advertising, because of concerns about the potential for the use of sensitive data such as ethnicity, trade union membership and political affiliation to be used by advertisers.

Facebook could be fined up to £80,000 if it does not comply with the latest orders of Irish regulators by the four-week deadline, according to the Telegraph.

The social networking firm said it was confident it could continue to resolve the outstanding issues and vowed to continue to work with Irish regulators to ensure it remains compliant with European data protection laws as new products and features are created, the paper said.

Read more on Privacy and data protection