Logo and page links

Main menu

What happens with personal information in Facebook?

In 2010, the Norwegian Data Protection Authority conducted a case study of Facebook from a privacy point of view. The case study resulted in the report "Social Network Services and Privacy".

Based on the report, the Nordic Data Protection Authorities formulated a series of questions to Facebook. The questions focus on who gain access to or collects personal information about Facebook`s members, and also what happens to the collected personal data.

Privacy Settings

The Nordic Data Protection Authorities are also interested to find out more about Facebook`s attitude towards its members' privacy settings. This applies to attitudes towards the parts of the platform that Facebook's control, and to third party services or applications. How much control does Facebook allow its members to have over these settings and to what extent Facebook or third parties are able to change or reset them?

Are IP-addresses passed on?

The Data Protections Authorities wish to know who has access to personal information and IP addresses. Furthermore, they want to know whether this information is passed on to third parties such as advertisers or companies that provide services or programs for Facebook's platform. Examples of such companies are Zynga.com who is behind Farmville, Pandora - Personalised Music and Rotten Tomatoes - Friend's removal request.

What is stored about non-members?

Equally important for the Data Protection authorities as member’s personal information, is what information Facebook stores about its non-members? Through the "like" button, "Friend-finder" and "the face-recognition" applications, Facebook gains access to non-members pictures and e-mail addresses. If the social network saves this information, non-members will have little or no control over this personal information and possible further use of it.