A student-led group in Europe said Tuesday that it is preparing to file a suit against Ireland’s data protection regulator over its audit of Facebook’s privacy policies.
The group, which calls itself europe-v-facebook.org, has published its own, 70-page report outlining the ways in which it believes the social network violates European law.
Max Schrems, who leads the group and who was recently profiled in The Washington Post, says Facebook collects too much information on its users. After asking the company for his own Facebook profile data last year, Schrems received a 1,222 pages listing three years of photos, comments and “likes” he had posted on the social network. He encouraged thousands of others to request their own information.
Schrems has brought 22 complaints against Facebook before the Data Protection Agency in Ireland, Facebook’s European headquarters, contesting the ways that the company collects and shares data on its network.
Unhappy with the IDPC’s audit, Schrems and his group are now challenging the report.
Scherms wrote in a release Tuesday that the commission had taken “half-hearted” steps to fix the problems he has identified. “The non-binding audit has led to improvements, but many are just going half the way to compliance with the law,” the release said.
The organization also wants access to the data, including the arguments Facebook provided to the Irish government, to assess whether the company addressed all 22 complaints.
The group said in its statement that it expects to take its grievances to court and has started a crowd-sourced fundraiser to help pay legal costs. In the release, Schrems said that he would like to see the case to go all the way to the European Court of Justice.
As The Post reported, Schrems has no way to sue Facebook directly in this case and is only able to bring an individual suit against the privacy regulators. In recent months, he has been trying to raise at least $260,000 to continue his fight against Facebook.
When asked about the group’s potential lawsuit, Facebook said in a statement that its practices have been closely scrutinized by the Irish agency.
“The two detailed reports produced by the DPC demonstrate that Facebook Ireland complies with European data protection principles and Irish law,” the company said. “Nonetheless we have some vocal critics who will never be happy whatever we do and whatever the DPC concludes.”
(The Washington Post Co.’s Chairman and Chief Executive, Donald E. Graham, is a member of Facebook’s board of directors.)