Facebook’s International headquarters are based in Dublin where they come under EU data protection laws. Their use of user data has been under scrutiny from the Irish Data Protection Commissioner (DPC) who conducted a data protection audit in October and reported the findings on Wednesday.
As a result, Facebook has agreed to make a number of privacy improvements for all non-US/Canada users. In particular limiting the period it can keep ad-click data to two years, and highlighting its new facial-recognition technology (introduced in June) to users, making it clear how it works and how they can opt out of being tagged automatically in photos.
The audit concluded that most of Facebook’s data privacy systems and policies were compliant with European standards and in some areas, better. Facebook has until July 2012 to set its house in order, and that may explain the new ‘About Ads’ page, which tackles the “Is it true that Facebook sells my name and contact info to make money?” question head-on.