EU hearing: Zuckerberg gives no answer regarding shadow profiles

As before in the US Congress, the Facebook CEO avoided the most important question of whether Facebook also collects and stores data about non-members. Instead, he again cited security purposes.

Björn GreifEditor

Yesterday’s hearing with Mark Zuckerberg before the group chairmen and selected Members of the European Parliament in Brussels was supposed to shed light on how Facebook deals with confidential data and privacy. And MEPs’ questions were indeed much more pointed and sharper than those of their colleagues in the US Congress a few weeks ago. But due to an odd format, in which MEPs first asked all their questions at the beginning and then let Zuckerberg answer everything at the end, the Facebook CEO was more or less able to avoid inconvenient questions.

In the end, he once again failed to provide a clear answer to the most crucial question: whether Facebook is collecting and storing non-users’ data, which would inevitably result in shadow profiles. There was also no answer on whether non-members can see what data Facebook collected, delete it or whether it’s used commercially.

Zuckerberg again puts forward security reasons

It was only after Syed Kamall, co-President of the European Conservatives and Reformists Group (ECR), asked several times that Zuckerberg set about answering the question on shadow profiles, which was obviously unpleasant for him. It was all excuses though: First, he explained that Facebook users could delete data collected about them on third-party websites and in apps by using the recently announced Clear History feature. As before in the US Congress, he cited security purposes for tracking-based data collection outside the Facebook platform.

When Kamall asked again how non-Facebook users can stop that data from being transferred, Zuckerberg briefly repeated: “On a security side, we think it is important to keep it to protect people in our community.” Then he quickly changed the subject, which the MEPs let him get away with due to a lack of time.

A clear violation of GDPR

“His attempts to justify the surveillance of everyone’s browsing behavior, regardless of whether he or she is a Facebook user or not, with security reasons is very unsettling as it reveals that he has no idea of the concept of privacy,” says Jean-Paul Schmetz, Managing Director and Founder of Cliqz. “As a society, we’d never allow the police to intercept all citizens’ browsing activities for security reasons. Why should we allow Facebook?”

To detect bots or fraudulent login attempts, third-party tracking is probably helpful, but not needed at all. A company like Facebook certainly can find less invasive methods to strengthen security, which are not so much at the cost of the privacy of all Internet users.

Zuckerberg also said in the hearing that Facebook will be fully GDPR compliant on May 25th. However, without a Facebook profile users can’t access or delete the data Facebook has collected about their browsing behavior and which they never gave their consent for in the first place. That’s a clear violation of GDPR and exposes Zuckerberg’s disrespect of the right of privacy.

Massive criticism of the hearing format

Immediately after the meeting, many participants criticised the format of the hearing: “unfortunately the format was a get out of jail free card and gave Mr. Zuckerberg too much room to avoid the difficult questions.”, Syed Kamall wrote on Twitter.

His colleague Guy Verhofstadt, President of the Group of the Alliance of Liberals and Democrats for Europe (ALDE), who asked Zuckerberg, among other things, about adequate compensation for users in return for the data collected for advertising purposes, made a similar statement:

We can only hope that the pledged written answers to the many outstanding questions will finally create the transparency that Zuckerberg never grows tired of promising. We will stay tuned!