Facebook Says Some of Your Personal Data Is Its 'Trade Secrets or Intellectual Property'

from the you-thought-it-was-your-life dept

A few weeks back, Techdirt posted a story about a European campaign group called “Europe vs. Facebook”, which is trying to find out exactly what information Facebook holds about its users. It is doing this using European data protection laws, thanks to the fact that Facebook’ s international headquarters are in Ireland.

The group’s founder, Max Schrems, received a reply to his request for the data Facebook held about him in the form of a CD-ROM storing over 800 pages. But looking through them, Schrems noticed that important information was missing, and so contacted Facebook again, asking for the extra details. But Facebook refused:

To date, we have disclosed all personal data to which you are entitled pursuant to Section 4 of the Irish Data Protection Acts 1988 and 2003 (the Acts).

Please note that certain categories of personal data are exempted from subject access requests. Pursuant to Section 4(9) of the Acts, personal data which is impossible to furnish or which can only be furnished after disproportionate effort is exempt from the scope of a subject access request. We have not furnished personal data which cannot be extracted from our platform in the absence of disproportionate effort.

It seems hard to believe that a sophisticated, leading-edge company like Facebook can’t pull out all the information about one user ? the basic node of the social network – without “disproportionate effort”, but that’s not the real issue here. Alongside all that terrible effort, Facebook cited another reason for refusing to give Schrems the missing details:

Section 4(12) of the Acts carves out an exception to subject access requests where the disclosures in response would adversely affect trade secrets or intellectual property. We have not provided any information to you which is a trade secret or intellectual property of Facebook Ireland Limited or its licensors.

Claiming that certain aspects of your personal data is “a trade secret or intellectual property of Facebook Ireland Limited or its licensors” seems pretty extraordinary. Schrems is not letting things rest there, though, and has contacted the Irish Data Protection Commissioner to pursue the matter further. Meanwhile, Facebook has released a statement on the matter:

We are cooperating fully with the Irish Data Protection Commissioner who will come to a view on Mr Schrems? complaint in due course.

I can hardly wait for that view – and for Facebook’s response if it requires the release of some “proprietary” data.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: , ,
Companies: facebook

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Facebook Says Some of Your Personal Data Is Its 'Trade Secrets or Intellectual Property'”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: The real trade secret

Almost certainly the basis for FB’s claim, and here in the US would quite easily meet the UTSA criteria for a trade secret.

What troubles me more than anything else is not persons/companies who rely upon copyright law, but the incremental expansion of so many social media companies into the gathering and exploitation of private information.

As of late I have noticed that Google is pursuing virtually the same path. Users are constantly filling their inventory coffers, i.e., personal data that can be marketed and sold to third parties.

John Doe says:

They apparently track everything

Facebook knows more about you than even the government knows about you. I use to tease my friends that Google is a secret department run by the Department of Homeland Security but I will have to modify that to Facebook. Heck, it is bad enough that we volunteer so much info about ourselves, now Facebook has recruited our friends to record info about us.

My coworker reported where I work, my family marks me as their family member, a fellow High School graduate recorded the year and school of my graduation. Talk about a playground for identity thieves.

Anonymous Coward says:

Re: Follow me @glynmoody ... on Google+

Why trust Google? Will Google give you all of your data? Do you really trust Google to ‘do no evil’?

From where I’m sitting, Google and Facebook are competitors in the same game – the game of using your information to better target you with advertising.

Anonymous Coward says:

Glyn, maybe one day people here will wake up and realize that much of the “FREE!” is just a bullshit come on to get access to their personal information. In the case of companies like Google and Facebook, it’s an attempt to play middleman on everything you say, do, or see.

“FREE!” not only isn’t free, but the price is too high.

Mike Acker (profile) says:

Re: Re:

people here will wake up and realize that much of the “FREE!” is just a bullshit come on to get access to their personal information.

Their “business model” is similar to TV. In Television what is sold is audience and it is sold to the advertisers

in FoolsBook it’s the same: you are being sold.

everytime you see something for “free” it is good to ask: who is selling what to whom.

out_of_the_blue says:

The frightening aspect is that masses of dolts /give/ it away.

To Google too, of course. And intelligence agencies aren’t so stupid as to ignore those giant pots of data — if they are that stupid, they should be fired — at, when stood against nearest wall.

But I think the people are beginning to see the traps in these honey-pots.

Anonymous Coward says:

Claiming that certain aspects of your personal data is “a trade secret or intellectual property of Facebook Ireland Limited or its licensors” seems pretty extraordinary.

I think you’re jumping to conclusions. The letter says that disclosures which would adversely affect their IP need not be made. They DO NOT say that this person’s personal information sought here is in fact protected IP. They are speaking in generalities. It’s just as likely that information the person seeks isn’t being released because of the “disproportionate effort” exception.

That’s OK, though. Good enough for Techdirt.

Alazarin says:

I find it worrisome that FB is claiming that parts /aspects / data of someone’s own life is their property. If that isn’t identity theft, I don’t know what is. How soon before we start hearing of cases where people are forbidden to use their own identity because it has become the property of some social networking [or other] corporation? I fear that it’s only a matter of time.

PrometheeFeu (profile) says:

My guess is that they are referring to data which they computed about you based upon data you provided. Some of that data may reveal proprietary information. For instance they may calculate a certain number of scores about you which allow them to better target ads at you. Depending upon what disclosure means, they may have to disclose some proprietary information about what they look at or how they compute such scores… I can see why they might want to avoid doing so.

Otherwise, I think the data disclosure requirements imposed on private companies are absurd. As long as the original gathering is legal, it’s not your data anymore. It’s their data.

TonyRockyHorror says:

Social networks are about one thing only: data mining. They serve NO other purpose. If you think otherwise, you’re not thinking very hard.

The “social” aspects of these networks are the method by which that data is generated. They are marketed based on the methods by which members can be used by them but not on what their purpose is.

Debbie Frost (profile) says:

Comment from Facebook

This is Debbie Frost from Facebook. We actually provided Mr Schrems with all of the information required in response to his request. It included requests for information on a range of other things that are not personal information, including Facebook’s proprietary fraud protection measures, and “any other analytical procedure that Facebook runs”. This is clearly not personal data, and Irish data protection law rightly places some valuable and reasonable limits on the data that has to be provided.

aesop says:

hmm, I can imagine one type of information gathered from personal data that they wouldn’t have to give up. E.g. if Google gathers data from conversations between people, and uses that to create a language model. This might be stored in plain text, like a list of N-grams:

and then he
then he said
he said ,
said , why
, why do
why do n’t

etc. Now, if that’s been compiled somewhere, and it’s all cluttered up with other data, from various other users, then they have a good reason why it’s impractical to extract whatever came from you (as well as being a trade secret).

Of course, if you don’t want companies gathering that sort of data, don’t give them your private info ? join diasp.org or something instead 🙂

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...