After Facebook founder Mark Zuckerberg told Congress he promised to protect the privacy of its users, the social media behemoth comes to be making an end run around a European law that would protect people’s online data, according to a report on Thursday.
Facebook is changing its terms of service to shift responsibility for users outside the United States, Europe and Canada from its international headquarters in Ireland to its main offices in California, Reuters reported.
That means users in Europe would fall under the European Union’s General Data Protection Regulation, which takes effect on May 25, but the 1.5 billion members in Africa, Asia, Australia and Latin America would not, the wire service reported.
They would come under the jurisdiction of more lenient American privacy laws, as are US and Canadian users.
The change by Facebook affects more than 70 % of its more than 2 billion users.
It has 239 million users in the United States and Canada, 370 million in Europe and 1.52 billion elsewhere.
The new EU privacy law permits for fines of up to 4 percent of global annual revenue as a penalty for gathering users’ personal data without their consent.
In Facebook’s case, those fines could reach into the billions of dollars.
The social networking company said it plans to make the European privacy rules available to its users around the world.
“We apply the same privacy protections everywhere, regardless of whether your agreement is with Facebook Inc. or Facebook Ireland,” the company said in a statement to Reuters.
When Facebook set up its international headquarters in Ireland in 2008 to take advantage of low corporate tax rates, users outside the US and Canada came under the protection of European regulators.
The change means the 1.5 billion affected users will not be able to file complaints with Ireland’s Data Protection Commissioner or in Irish courts. They would then be governed by more lenient U.S. privacy laws, Michael Veale, a technology policy researcher at University College London, told Reuters.
Zuckerberg was grilled by lawmakers in Congress last week about how the company protects personal data after reports revealed that political marketing firm Cambridge Analytica gathered the information of 87 million users without their consent.
“We didn’t take a broad enough view of our responsibility, and that was a huge mistake, and it was my mistake. And I’m sorry. I started Facebook. I run it, and I’m responsible for what happens here,” he told members of the House Energy and Commerce Committee.