Germany has reopened its investigation of Facebook's facial recognition database after failed attempts to persuade the company to revise its policies, according to the New York Times. The dispute centers around Facebook's requirement that users opt-out of its facial recognition database, rather than opting-in as mandated by European Union law. Facebook suspended the practice for new users in July while it worked with EU officials, though it maintains that its regional headquarters in Dublin adheres to Ireland's data privacy laws, having implemented changes outlined by an audit last year.
Johannes Caspar, Germany's data protection commissioner argues that the social network is violating the EU's Article 29 Working Party decision which prohibits the capture of biometric data without explicit consent. The maximum fine for the infraction, however, is €25,000, or about $30,000 — a paltry sum for a multi-billion dollar corporation. Despite Facebook's efforts to placate the EU, Caspar is unsatisfied and believes more could be done, telling the BBC:
"It is to be welcomed that Facebook clearly recognises that the process of collecting biometric data is at least not in accordance with data protection law in Europe. But Facebook can't just stay halfway there."
In the meantime, Ireland's Office of Data Protection commissioner has promised to release another audit of Facebook's privacy policies next month. Whether it will prompt local regulators to take a firmer stance on Facebook, however, remains to be seen.