Facebook has been told to modify its privacy practices by the Data Protection Commissioner in Ireland, the base of its European operations.
After a protracted audit of the social network, which was undertaken following numerous complaints, the commissioner made several recommendations that Facebook has agreed to abide by on a global basis.
The report was “a comprehensive assessment of Facebook Ireland’s compliance with Irish Data Protection law and by extension EU law in this area”, the commissioner said in a statement.
“Arising from the audit, Facebook Ireland has agreed to a wide range of 'best practice' improvements to be implemented over the next six months, with a formal review of progress to take place in July of next year.”
The data protection commissioner listed eight significant changes that should improve Facebook’s privacy protection.
The commissioner called for an opt-in mechanism “for users to convey an informed choice for how their information is used, including in relation to third-party apps".
Facebook was also told to improve transparency by providing users with all information held by the company, as well a better system for deleting user data when requested. Facebook was also asked to be much clearer on how it shared user data.
Facebook must also include more granular tools for managing how images are tagged by other users and how they are added to Groups.
The company was warned that the recommendations were only the start of an ongoing process and that the changes would be assessed over the next six months, by which time they are all supposed to be implemented.