German data protection officials have reopened an investigation into Facebook's facial recognition technology saying that the social networking giant was illegally compiling a huge database of members' photos without their consent.
After suspending the investigation in June, Hamburg-based data protection commissioner Johannes Caspar has said he is reopening the case after attempts to persuade Facebook to change its policies had failed.
Speaking to the New York Times, Caspar said it had repeatedly met with Facebook, but had not been able to get its cooperation on this issue "which has grave implications for personal data".
The problem relates to Facebook users having to opt-out of photos uploaded by other members, despite European data protection laws requiring people to give their explicit consent to the practice.
The German regulator is demanding that Facebook destroys its photographic database of faces collected in Germany and revises its website to obtain the explicit consent of members before it creates a digital file based on the biometric data of their faces.
Caspar said that Facebook acknowledged that the company was compiling biometric data on users, but that the process is legal in Ireland where Facebook's European operation is incorporated.
He also said that Facebook could be fined up to £20,000 ($30,057) should it refuse to destroy its biometric database and alter its consent practices. Facebook said that it has voluntarily agreed to suspend its tagging feature for all Europeans who join the network as of 1st July, while the situation for others "remains under active discussion".
A Facebook statement said: “We believe that the photo tag suggest feature on Facebook is fully compliant with EU data protection laws. During our continuous dialogue with our supervisory authority in Europe, the Office of the Irish Data Protection Commissioner, we agreed to develop a best practice solution to notify people on Facebook about photo tag suggest.”
In a statement to BBC News, Caspar welcomed Facebook's decision to block the feature for new users, but said it did not go far enough to address his concerns.
He said: “It is to be welcomed that Facebook clearly recognises that the process of collecting biometric data is at least not in accordance with data protection law in Europe. But Facebook can't just stay halfway there.”
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
