In another controversial step, Facebook has moved over 1.5 billion users out of reach of the European privacy laws. While Mark Zuckerberg during the House and Senate hearings and his assistants through the blog posts and media discussions have been promising to offer GDPR-like protections, it now appears the company isn't planning to do anything more than adding a few permission screens.
Facebook users outside of the US and Canada are currently subject to terms and conditions that are tied with the company's operation in Ireland.
However, Facebook is now shifting responsibility for users outside of the United States, Canada and the European Union from its international headquarters in Ireland to its offices in California in an effort to bring those users under the US laws and not the stricter European regulations.
Over 1.5 billion users will now be governed by US laws in an effort to limit exposure to GDPR
Facebook has decided to change its Terms of Service for its international users to move their jurisdiction out of Ireland and to the US ahead of the launch of the General Data Protection Regulation (GDPR). While many users aren't aware, Facebook governs its international users under European laws through its international HQ.
"That removes a huge potential liability for Facebook, as the new EU law allows for fines of up to 4 percent of global annual revenue for infractions, which in Facebook’s case could mean billions of dollars," Reuters reported. The report added that the change will affect over 70 percent of Facebook users - nearly 1.52 billion - from Asia, Africa, Australia, and Latin America.
The move will come into effect before GDPR comes into force on May 25. Under these new laws, the company could be pushed to pay 4% of its global turnover if it's discovered breaking the new rules - fines that could go up to $1.6 billion.
Similar to other technology companies, Facebook too uses Ireland to benefit from the country's low corporate tax rates. The company says the latest change won't have tax implications.
Facebook's side of the argument
In its statement the company said it's just a change of location - the terms of service will remain the same. "We apply the same privacy protections everywhere, regardless of whether your agreement is with Facebook Inc or Facebook Ireland," it claimed. The company added that it's only introducing this change "because EU law requires specific language" that US law does not.
The decision comes at a time when the social network is already under heightened scrutiny for its careless data protection practices and shady user policies. Yesterday, when the company revealed how it was planning to comply with the GDPR rules, it became evident that Facebook was simply coercing its users into hitting the "agree" button and not receiving informed consent.
But as the GDPR rules are almost here, Facebook is trying to reduce its liability under the European laws as much as it can. With this decision, it will become even more difficult for Facebook to sell its "GDPR everywhere regardless of where you live" mantra that it has been trying to push in the last few days.