Germany Scolds Facebook's Facial Recognition Software

A German privacy expert has accused Facebook of using facial recognition software that violates German and European privacy laws.

A German privacy expert has accused Facebook of using facial recognition software that violates German and European privacy laws.

Facebook uses individual biometric data that allows users to locate new friends after discovering their identity. The feature, which was introduced in June, matches data captured in a picture with data collected from the other hundreds of millions of users. The database is reported to include more than 75 billion photos with more than 450 million people tagged.

Like Johannes Caspar, a data protection expert in Hamburg told a local German newspaper:

If the user’s data falls into the wrong hands, it would be possible to compare and identify anybody capture in a photo taken with a mobile phone. This is what’s most problematic. The programme feeds off a stock of data designed to physically identify millions of users.

A Facebook spokesman told The Wall Street Journal:

We will consider the points the Hamburg Data Protection Authority have made about the photo tag suggest feature but firmly reject any claim that we are not meeting our obligations under European Union data protection law.

Caspar has written to Facebook demanding it to delete any related data acquired through the facial recogntion software. Facebook has until Aug. 11 to respond to the legal complaint. If it does not comply, it could result in restrictions of access for German citizens and Facebook could face fines of up to 300,000 euros ($426,000) under the European Data Protection Directive.

This isn’t Caspar’s first rodeo with Facebook. In July 2010, Caspar investigated the site’s friend finder feature, which imported users’ email address books without notifying them. In January, Facebook agreed to inform members and altered friend finder to make it more transparent.

Germany has regularly been at the forefront over Internet privacy issues. Readers, do you think Caspar makes a valid point? Additionally, do you think the European Union’s data privacy laws are too strict or should the U.S. make its privacy laws stricter?