As GDPR came into effect last Friday, Facebook has announced two new features to help businesses better protect people’s privacy and respond to privacy requests.
To help developers and businesses comply with GDPR, Facebook has launched two new features to “better protect people’s privacy and respond to their privacy requests.” The first is the ability to provide a “callback URL” that automates a request for data to be deleted, and the second is a way for businesses to provide the contact details of their Data Protection Officer (DPO).
The personal data deletion callback, as it’s been called, lets a developer add a callback URL that receives “a person’s request that the information an app/website received from Facebook be deleted.” So, if someone removes an app or website from Facebook’s apps and websites settings, Facebook can give them an option to request that all their information received from Facebook be deleted.
Facebook engineer Ethan Goldman-Kirst explains that “the experience on Facebook will inform people when they sent a request and when it was acknowledged by your service. It will also provide them with a confirmation number you supply and a way to check the status of their request.”
The option allows businesses to automate customer service requests and to show people that they are handling their information responsibly in accordance with GDPR and other compliance requirements. It can be enabled at an app’s Facebook Login Settings page in the app dashboard, and the callback must use HTTPS. Furthermore, if the data deletion request is implemented, “it must initiate the deletion of any data” that an app has from Facebook about the user.
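The article does not describe the wire format of the callback. The following added example (not Facebook's code, and not from the original article) assumes Facebook's `signed_request` convention, in which the POST carries `<base64url HMAC-SHA256 signature>.<base64url JSON payload>` keyed with the app secret, and a JSON reply with `url` and `confirmation_code`. The secret, the status URL and the `start_deletion` hook are hypothetical placeholders.

```python
import base64, hashlib, hmac, json, secrets

APP_SECRET = b"constructed-app-secret"        # placeholder, not a real secret
STATUS_BASE = "https://example.com/deletion"  # hypothetical status page (HTTPS)

def b64url_decode(s):
    # Facebook-style base64url omits padding; restore it before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def parse_signed_request(signed_request, secret=APP_SECRET):
    """Return the payload dict if the signature verifies, else None."""
    try:
        sig_b64, payload_b64 = signed_request.split(".", 1)
        sig = b64url_decode(sig_b64)
        payload = json.loads(b64url_decode(payload_b64))
    except ValueError:  # bad split, bad base64, bad UTF-8 or bad JSON
        return None
    if not isinstance(payload, dict):
        return None
    if str(payload.get("algorithm", "")).upper() != "HMAC-SHA256":
        return None
    # The MAC covers the encoded payload string, not the decoded JSON.
    expected = hmac.new(secret, payload_b64.encode(), hashlib.sha256).digest()
    return payload if hmac.compare_digest(sig, expected) else None

def handle_deletion_callback(signed_request, start_deletion, secret=APP_SECRET):
    """Verify the request, start deletion, return (HTTP status, JSON body)."""
    payload = parse_signed_request(signed_request, secret)
    if payload is None or "user_id" not in payload:
        # Never delete on an unauthenticated request: anyone can POST here.
        return 400, {"error": "invalid signed_request"}
    code = secrets.token_hex(8)  # unguessable confirmation number
    start_deletion(str(payload["user_id"]), code)
    return 200, {"url": f"{STATUS_BASE}?id={code}", "confirmation_code": code}

def make_signed_request(payload, secret=APP_SECRET):
    """Build a constructed sample request for local testing only."""
    body = base64.urlsafe_b64encode(json.dumps(payload).encode()).rstrip(b"=")
    sig = hmac.new(secret, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(sig).rstrip(b"=") + b"." + body).decode()
```

Verifying the signature before acting matters because the callback URL is reachable by anyone; without it, a forged POST could trigger deletion of another user's data.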
Facebook also now gives companies that serve individuals in the EU the ability to “designate and publish contact information for a Data Protection Officer (DPO).” The DPO’s role is to assist with personal information-processing matters, and Facebook now offers businesses a way to easily provide this contact information to people. The DPO can be designated within an app’s Facebook Login Settings page in the app dashboard. There, the DPO’s name (optional), mailing address, and email address can be added.
If anyone has questions about how their data is processed and used by an app or website, they can simply contact the DPO.