As Facebook prepares for its $5 billion initial public offering here in the U.S., European representatives are meeting with student activists from Austria regarding complaints the group has filed over how the company handles private information.
On Monday, Richard Allan, Facebook's European director of policy and a former member of Parliament in Britain, and another California-based Facebook executive are meeting with Max Schrems and other student activists from the group Europe v. Facebook, which filed complaints against Facebook with the Irish Data Protection Commissioner (DPC) in August and September.
Facebook makes money through advertisements on its site. And it's able to sell targeted advertising based on the detailed information it collects and shares with advertisers. It's a lucrative business, generating $3.2 billion in revenue for the company in 2011.
But European regulators and activist groups, such as Europe v. Facebook, worry that Facebook is compromising users' privacy when collecting, storing and transferring this information. Some regulators are looking to impose stricter rules, while activists, like Europe v. Facebook are pushing for regulators to enforce many of the laws already in place.
The big question for Facebook is whether or not the company will be able to satisfy the concerns from privacy activists and government regulators, while still serving enough information to advertisers to make Facebook a valuable platform on which to target consumers. The company cited future regulation throughout the world, which might restrict its ability to collect and share data with advertisers, as a potential risk to its revenue stream in the company's S1 filing with the Securities and Exchange Commission.
"Our business is subject to complex and evolving U.S. and foreign laws and regulations regarding privacy, data protection, and other matters. Many of these laws and regulations are subject to change and uncertain interpretation, and could result in claims, changes to our business practices, increased cost of operations, or declines in user growth or engagement, or otherwise harm our business."
After DPC concluded the audit, Facebook said it would comply with many of the recommendations to ensure it's not violating Irish and European privacy laws. For instance, Facebook agreed to make changes, such as removing part of the IP address that it logs from the "Like social plug-in within days, IDG reports. And Facebook said it would completely delete logs collected by the "Like" button after 90 days.
But Schrems and the Europe v Facebook group say that the recommendations don't go far enough. And they say that Facebook is still violating European law. And they would like to see the regulator enforce those privacy laws.
Facebook said in a statement that it is following European law in how it collects and handles customer data, according to the New York Times. Facebook also said that its users could easily obtain a copy of what information Facebook stores about them by using a function within the personal settings on their accounts.
The meeting between Facebook executives and the Europe v Facebook activist group is not binding. In other words, Facebook isn't obligated to take any action following the meeting. But Schrems told the New York Times that he hopes Facebook will do more to address his concerns and he plans to continue pushing the Irish DPC to make a final decision on the remaining issues.