Facebook to hold UK users to US terms, skirting EU privacy rules

Facebook is making the change partly because the EU privacy regime is among the world’s strictest, sources told the Reuters news agency.

Facebook's decision will move UK users out of their current relationship with the company's Irish unit and out of reach of Europe's privacy laws [File: Jenny Kane/AP Photo]

Facebook Inc will shift all its users in the United Kingdom into user agreements with the corporate headquarters in California, moving them out of their current relationship with Facebook’s Irish unit and out of reach of Europe’s privacy laws.

The change takes effect next year and follows a similar move announced in February by Google. Those companies and others have European head offices in Dublin, and the UK’s exit from the EU will change its legal relationship with Ireland, which remains in the EU.

Initially, sources briefed on the matter told the Reuters news agency about the move. Facebook later confirmed it.

“Like other companies, Facebook has had to make changes to respond to Brexit and will be transferring legal responsibilities and obligations for UK users from Facebook Ireland to Facebook Inc. There will be no change to the privacy controls or the services Facebook offers to people in the UK,” the company’s UK arm said.

Facebook’s UK users will remain subject to UK privacy law, which for now tracks the European Union’s General Data Protection Regulation (GDPR).

Facebook is making the change partly because the EU’s privacy regime is among the world’s strictest, according to people familiar with the company. The EU’s rules give granular control to users over data about them.

In addition, the US Cloud Act, passed in 2018, set a way for the UK and the United States to more easily exchange data about cloud computing users.

Privacy advocates fear the UK may move to an even looser data privacy regime, especially as it pursues a trade deal with the US, which offers far fewer protections.

Some also worry that UK Facebook users could more easily be subject to surveillance by US intelligence agencies or data requests from law enforcement.

“The bigger the company, the more personal data they hold, the more they are likely to be subject to surveillance duties or requirements to hand over data to the US government,” said Jim Killock, executive director of the UK-based nonprofit Open Rights Group.

US courts have held that constitutional protections against unreasonable searches do not apply to non-citizens overseas.

UK information industry regulators said they had been in touch with Facebook along with companies keeping European headquarters as Brexit nears.

“We are aware of Facebook’s plans and will continue to engage with the company in the new year,” said a spokeswoman at the Information Commissioner’s Office.

Facebook will inform the users of the shift in the next six months, a spokesman said, giving them the option to stop using the world’s largest social network and its Instagram and WhatsApp services.

Facebook’s decision comes at a time when the UK is escalating efforts to ban strong encryption, which Facebook is moving to implement on all its products.

The UK, like the EU, is also pressuring Facebook on a number of other fronts, including hate speech and terrorism policies.

The US may also pursue new laws on privacy and social media content, and federal and state prosecutors recently launched antitrust lawsuits against both Facebook and Alphabet Inc’s Google.

Still, tech lobbyists expect that US tech regulations will remain more industry-friendly than those in the UK.

Source: Reuters