Less than a month ago Facebook settled with the US Federal Trade Commission and consented to 20 years of privacy checks, and now its audit on the other side of the pond has been completed. The Irish Data Protection Commissioner has concluded its three-month-long audit of Facebook's privacy practices, and it has mostly cleared the social network. The audit was designed to help Facebook (International) ensure that it is compliant with Ireland and the EU's data protection policies (which differ in some ways from the US and are generally stricter) — not to accuse the company of any wrong doing. The audit was performed with Facebook's "full cooperation," and the Palo Alto-based company has already "committed to either implement, or to consider positively," the recommendations.
While the audit was concerned with all of Facebook's privacy practices (i.e. how much, how long, and how securely it holds users' data), it also examined in detail the facial-recognition picture tagger, the Like button, the Friend Finder, third-party applications, and the extent to which Facebook uses members' information to target advertising. It looks like Facebook's in the clear in most of these areas, though the commissioner did recommend various "best practice" improvements concerning the controls users have over what information is stored, the collection of non-members' information, and targeted advertising. As a result of these findings, Facebook said that it'll make more notifications to inform European users about the Tag Suggest feature, change policies to minimize the amount of data it collects on non-users, and give users more information about how to control their data. The company said that "meeting these commitments will require intense work over the next six months." The audit team will formerly review Facebook's progress in these areas in July of next year.