No Friends in Ireland: Probe Begins Into Facebook Privacy Issues

Privacy watchdogs began an on-site investigation Tuesday of Facebook's regional office in Ireland, has learned, following sensational accusations that the company is creating extensive "shadow profiles" of non-users.

The eye-popping assertion came in a complaint filed in August by Ireland’s Data Protection Commissioner, which alleges that users are encouraged to hand over the personal data of others. That includes "sensitive data such as political opinions, religious or philosophical beliefs, sexual orientation and so forth" -- and Facebook is storing it all up in its databases.

Despite the company's firm denials, the Data Protection Office began hunting for evidence on Tuesday, Oct. 25, to back up those claims.

"The on-site element started on Tuesday," Lisa McGann, a spokeswoman for the Office of the Data Protection Commissioner, told The search will take a number of days, she said, but she could not address questions about what specifically the commissioner hoped to find or had already discovered.

In such investigations, the office has the power to inspect the building, question employees, and take away copies of any files stored on local computers, according to the Commissioner's audit guidelines. The agency will then pore over that data for the next few weeks.

More On This...

"It is the intention of the commissioner that the investigation will be completed by the end of the year," McGann told The organization conducts few such reports each year; according to the Data Protection Commissioner's 2010 annual report, the office opened 231 formal complaints under the Privacy in Electronic Communications Regulations act -- but only conducted 32 "comprehensive privacy audits."

The complaint alleges that Facebook is using a range of methods to collect non-user data, including when users "synchronize" their mobile phones, import info from email providers and instant messaging services and even search for other people's names on Facebook.

Facebook confirmed that the audit started this week, and reiterated that it strives to comply with all regional privacy laws.

“Facebook is cooperating fully with the Office of the Data Protection Commissioner as part of its routine audit, which began this week," a spokesman told "We believe that we are fully compliant with EU data protection laws and look forward to welcoming the DPA to our EU headquarters in Dublin to demonstrate this. The Irish DPA audits several companies each year and we expect the whole process to be complete by January 2012.”

Facebook has also denied accusations that it is building shadow profiles of non-users.

"The assertion that Facebook is doing some sort of nefarious profiling is simply wrong," Facebook spokesman Andrew Noyes told last week. But experts told that it could well be true.

“There can be little doubt that Facebook collects from its current users information about individuals who are not currently Facebook users,” said Kelly Kubasta, who heads the Dallas law firm Klemchuk Kubasta’s social media division.

Kubasta was also quick to point out that Facebook is far from alone: Such data gathering is par for the course in the World Wide Web these days.

“Regardless of what Facebook is doing, many websites collect and propagate personally identifiable information about individuals who have not entered into any agreement with the website. Just a few examples include Spokeo, iSearch,,” Kubasta told

"In other words, ‘the horse may be out of the barn,’” he said.

The company may face fines of up to about $140,000. Were it to go public today, current estimates peg Facebook's worth at anywhere from $50 billion to $100 billion.