Facebook Moves 1.5 Billion Users' Data Out Of Europe To Circumvent New Privacy Law

This doesn't bode well for Facebook CEO Mark Zuckerberg and what remains of his tattered credibility.


After Zuck suggested (but stopping short of promising) during testimony before Congress last week that he would treat all Facebook users' data as if it fell under the European Union's new General Data Protection Regulation, Reuters and the Guardian are reporting that Facebook has quietly moved the data of more than 1.5 billion users out of reach of European privacy law by transferring it from the company's European headquarters in Ireland to its global headquarters in California.

Here's the Guardian:

In a tweak to its terms and conditions, Facebook is shifting the responsibility for all users outside the US, Canada and the EU from its international HQ in Ireland to its main offices in California. It means that those users will now be on a site governed by US law rather than Irish law.

The move is due to come into effect shortly before General Data Protection Regulation (GDPR) comes into force in Europe on 25 May. Facebook is liable under GDPR for fines of up to 4% of its global turnover – around $1.6bn – if it breaks the new data protection rules.

The shift highlights the cautious phrasing Facebook has applied to its promises around GDPR. When asked whether his company would promise GDPR protections to its users worldwide, Zuckerberg demurred. “We’re still nailing down details on this, but it should directionally be, in spirit, the whole thing,” he said.

A week later, during his hearings in front of the US Congress, Zuckerberg was again asked if he would promise that GDPR’s protections would apply to all Facebook users. His answer was affirmative – but only referred to GDPR “controls”, rather than “protections”. Worldwide, Facebook has  to let users exercise their rights under GDPR, such as downloading and deleting data, and the company’s  are similarly universal.

As Reuters explains, by moving the data, Facebook is creating an important buffer against legal penalties.

That removes a huge potential liability for Facebook, as the new EU law allows for fines of up to 4 percent of global annual revenue for infractions, which in Facebook’s case could mean billions of dollars.

The change comes as Facebook is under scrutiny from regulators and lawmakers around the world since disclosing last month that the personal information of millions of users wrongly ended up in the hands of political consultancy Cambridge Analytica, setting off wider concerns about how it handles user data.

The change affects more than 70 percent of Facebook’s 2 billion-plus members. As of December, Facebook had 239 million users in the United States and Canada, 370 million in Europe and 1.52 billion users elsewhere.

In separate statements to Reuters and the Guardian, Facebook essentially denied that the change would have any impact on how user data are treated, and that Facebook users would have "the same privacy protections everywhere."

Facebook told Reuters "we apply the same privacy protections everywhere, regardless of whether your agreement is with Facebook Inc or Facebook Ireland." It said the change was only carried out "because EU law requires specific language" in mandated privacy notices, which US law does not.

In a statement to the Guardian, it added: "We have been clear that we are offering everyone who uses Facebook the same privacy protections, controls and settings, no matter where they live. These updates do not change that."

However, a data privacy researcher who spoke with the Guardian said Facebook's statements are disingenuous (surprise, surprise).

Privacy researcher Lukasz Olejnik disagreed, noting that the change carried large ramifications for the affected users. "Moving around one and a half billion users into other jurisdictions is not a simple copy-and-paste exercise," he said.

"This is a major and unprecedented change in the data privacy landscape. The change will amount to the reduction of privacy guarantees and the rights of users, with a number of ramifications, notably for for consent requirements. Users will clearly lose some existing rights, as US standards are lower than those in Europe."

"Data protection authorities from the countries of the affected users, such as New Zealand and Australia, may want to reassess this situation and analyse the situation. Even if their data privacy regulators are less rapid than those in Europe, this event is giving them a chance to act. Although it is unclear how active they will choose to be, the global privacy regulation landscape is changing, with countries in the world refining their approach. Europe is clearly on the forefront of this competition, but we should expect other countries to eventually catch up."

In an interesting twist, Facebook disclosed that moving the data would not come with tax ramifications. This bifurcation means that Facebook will continue paying taxes on that business in Ireland, but the data will be based in the US, where it will be exempt from European privacy laws.

To be sure, if certain Democratic lawmakers have their druthers and pass a privacy law modeled after the GDPR, Facebook might need to find another domicile for its data. And assuming the outrage over the company's treatment of user data has a lasting impact, the company might need to repeat this process again and again, until there's nowhere left to hide.

In other Facebook news, an auditor reviewing the company's privacy practices gave the company "a clean bill of health" in a report to federal authorities last year - well after Facebook had discovered Cambridge Analytica's alleged deception. The audit was required as part of a settlement Facebook reached with the FTC in 2011, per the Wall Street Journal.

An auditor reviewing Facebook Inc.’s FB -0.67% privacy practices gave the social-media company a clean bill of health in a report to federal authorities last year—well after Facebook discovered that political consulting firm Cambridge Analytica improperly obtained millions of users’ personal data.

“In our opinion, Facebook’s privacy controls were operating with sufficient effectiveness to provide reasonable assurance to protect the privacy of covered information,” the auditing firm, PricewaterhouseCoopers, said in the report to the Federal Trade Commission dated April 12, 2017. A heavily redacted version of the report is posted on the FTC’s website.

The audit, which covers a two-year period ended in February 2017, was required as part of a settlement that Facebook reached with the FTC in 2011 to ensure the company was clearly informing users about the way their data was being used. But PwC’s conclusions raise questions about the vigor of its vetting process at a time of mounting questions about Facebook’s ability to protect user privacy.

Back in 2011, the FTC accused Facebook of deceiving consumers by telling them they could keep their data private, but then repeatedly allowing the data to be shared and made public (sound familiar?). An agreement reached by the two sides required Facebook to give consumers "clear and prominent notice" and "obtain their express consent" before sharing their information in any way that wasn't explicitly laid out in their privacy settings.

The question of whether the company has violated its FTC settlement is now the subject of an intense debate. At stake are millions of dollars in fines.


SocratesSolves beepbop Sat, 04/21/2018 - 11:57 Permalink

He's not just a Zionist. He's a puppet Zionist placed there. This punk kid of the Black Hats of Hate, the Zionists—didn't create Facebook. Facebook was stolen by Jewish Zionist typical skulduggery power in the CIA. The real founder is continually paid off. Only a fool would be on Facebook. Only a fool would give an ounce of time to listen to such an arrogant ignorant punk. 

There is one problem on the World Stage which is the World's Foremost Problem as Henry Ford stated roughly a hundred years ago. This problem is the International Jews that are the Black Magic Black Hat Bullies of the World. Indeed, in order for the world to live, Rothschild Zionism must die. And this is what will happen. Have no doubt, the Zionist Jews in Israel and New York brought down the twin towers. Christopher Bollyn's analysis on this is groundbreaking. Christopher Bollyn will become a household name. 

You will see these Black Hat Black Magic Bullies of the World fall faster than the Twin Towers they brought down. 

In reply to by beepbop

zero_pussy brianshell Fri, 04/20/2018 - 23:16 Permalink

did you downvote me?  you're right, but i can sue you for anything i want, and i shouldn't need a lawyer to do so.

in which case, then i am able to get whatever information i want out of you.  then i can share that information with whoever i want regardless of the outcome of the case.

unless of course you're advocating the abolition of civil courts and constitutional law.

In reply to by brianshell

Sudden Debt brianshell Sat, 04/21/2018 - 02:57 Permalink





It's called GDPR compliance. I just did a training course about it and in short the people just got 110% control over their private information.

If you get junk mail or a advertising mail, it's in your right to sue the company that send it and claim your money.


Democracy has won in Europe while it lost like a crybaby in America. You can't even compaire it anymore how Europe handles privacy compaired to America. Compaired to Europe, America is now a banana republic that sells out it's own people.


Advertisers can't work with facebook data anymore.

If a company get's caught using facebook data, it risks a penalty of 4% of it's turnover per complaint. It's now the fastest way to go bankrupt if anybody does it.


And how can the government check it? Simple... taxes... facebook is bound to taxation on advertisement budgets. And anybody who wants to boost messages needs to pay with a visa.




In reply to by brianshell

pigpen zero_pussy Fri, 04/20/2018 - 22:46 Permalink

Zero, do you use a mobile adblocker?

The world is 3 clicks away from destroying these surveillance, tracking and censoring machines.

Time for the world to take install mobile adblocker on every phone to destroy the digtal advertising goobook monopolies.

I prefer brave browser as brave blocks advertising malware and tracking by DEFAULT on any device and operating system rendering digital advertising model useless.

Citizens of the world unite.

What is digtal advertising worth if an ad can't be served, viewed and tracked?

Install brave browser or equivalent mobile adblocker immediately.

Whoever controls the browser controls the digtal advertising money.



In reply to by zero_pussy

Endgame Napoleon pigpen Sat, 04/21/2018 - 13:54 Permalink

Only problem: You can’t post on it. It is like the old-fashioned internet without all of the interactive features. Otherwise, it is good.

These programmers are not going to work for free, unlike so many Americans who do or nearly do, with the womb-productive ones hoisted up in their nearly-free work by monthly welfare that covers the cost of their rent and groceries and a refundable EITC child tax credit up to $6,431.

Many of the welfare-eligible / womb-productive citizens and noncitizens work part-time, staying under the earned-income limits for welfare by working few hours for nearly nothing, but when it comes to sex and reproduction, they demand layers of pay from government.

Programmers will not go that route. They want to be paid well for their work productivity, not for womb productivity. The old-fashioned internet is harder to monetize.

In reply to by pigpen

Lumberjack Lumberjack Fri, 04/20/2018 - 20:20 Permalink

Came across this:

PwC audit gave Facebook’s privacy protections a pass even after it knew about Cambridge Analytica


An audit of Facebook’s privacy protections conducted by PricewaterhouseCoopers on behalf of the Federal Trade Commission (FTC) gave the company the all-clear despite the fact that Facebook was already aware of the Cambridge Analytica problem at the time …

In reply to by Lumberjack

Lumberjack Lumberjack Fri, 04/20/2018 - 20:31 Permalink


according to a recent report in the Wall Street Journal. This “early bird” warning system reportedly utilizes mobile usage analytics technology from Onavo, an Israeli startup Facebook acquired in 2013. Onavo’s app uses a technique that routes people’s mobile usage through a third party server for privacy purposes, but it also “gives Facebook an unusually detailed look at what users collectively do on their phones,” according to the report. The 

In reply to by Lumberjack

TeethVillage88s Lumberjack Fri, 04/20/2018 - 20:32 Permalink

Hm... AT&T, Comcast, Media Com, Windstream, Verizon, T-Mobile, Straight-Talk, Sprint, Blackberry, Apple, Samsung, Yahoo, Google, AOL online, Time Warner, The Economist, News-Corp, ABC, CBS, CNBC, MSNBC, NBC, Foxnews, NYTimes, Wapo, and more.
- How has our "Free Press" been Compromised?
- How has our Rights to free speech been systematically corrupted by Big Business?

In reply to by Lumberjack

Lumberjack TeethVillage88s Fri, 04/20/2018 - 20:35 Permalink

Voyeurism? Got a gas/grocery/other 

reward card? (they know what you buy) Got a late model car? 

At the end of the day carrying your smart phone, using debit cards, driving your car (your car has gps, knows how many people are in it by weight sensors in the seat, knows when it’s on a mechanics lift by the suspension sensors.

They know ehen you go home and turn on the lights (smart meter), taking a shower (your water meter is connected) and even taking a shit ( by volume if water used). They have the capability of knowing more about you than you do. And you dont even need to go on FB.

Chew on that one...

And I didn’t mention your home security system or smart tee vee.

Don’t get paranoid. It’s the folks doing it that are.

In reply to by TeethVillage88s

alpha-protagonist Fri, 04/20/2018 - 20:11 Permalink

Once again, the gubmint tries to bamboozle its people by humiliating someone in a senate hearing, then do fucking nothing.

Edit: I'm glad Zuck the fuck did that. He just stuck his middle finger at the motherfuckers who run the country and bully the middle class, while giving a free pass to the elite.

Davidduke2000 Fri, 04/20/2018 - 20:12 Permalink

the only way for this joo to escape the eu penalties is to shut down facebook in all of europe, Russia is about to shut him down and in the middle east he is having problems already.

Facebook is in serious trouble.

richsob Fri, 04/20/2018 - 20:22 Permalink

LMAO.  Every company you can imagine is doing everything it can to avoid being under a U.S. jurisdiction for taxes, securities laws, environmental regulations, etc., etc.  And this guy is running back to the U.S. and CALIFORNIA for what??!!  Protection?  Shit.  His next move is going to be a doozy when the U.S. congress critters/Kalifornia politicians/IRS/SEC/etc. get finished with him.  Want to lay odds on what will happen to Facebook over the next few years?

motoXdude Fri, 04/20/2018 - 20:35 Permalink

Sneaky little Jew Boy that Zuckerberg is... gotta give him credit for a high IQ, but sadly it's countered by his low Morals and Ethics.   Gotta pay those shareholders what they deserve, after all... they're what matters (tragically)!


keep the basta… motoXdude Fri, 04/20/2018 - 22:53 Permalink

zuck is circumcised. means he does not bond, and has  an undeveloped brain... seen by  us army autopsies in the 1940s and 1990s. IN the 1940s the 25% circumcised coincidentally had  undeveloped brains, doctors thought it was a disease.

So much for his high IQ, more like psychopathy where no waste of brain space on guilt, conscience, love, remorse. Just sadistic superiority running in a childlike brain.

In reply to by motoXdude

neilhorn Fri, 04/20/2018 - 20:42 Permalink

"This is a major and unprecedented change in the data privacy landscape. The change will amount to the reduction of privacy guarantees and the rights of users, with a number of ramifications, notably for for consent requirements. Users will clearly lose some existing rights, as US standards are lower than those in Europe."

US standards of privacy are lower than Europe. Our standards only require that if the government thinks someone has posted something that the government doesn't like, then Facebook will remove it. However, if a paid advertiser, lobbyist, influence peddler, or a golf friend who paid for 18 holes w/ a POTUS  wants to know who you are, then FB(I) is happy to turn over the information to the authorities who authorized them to mine your data. 

There is nothing more powerful than a Congressional hearing into Zuckerberg's affairs that will lighten (((his))) hold on the FB Corporate checkbook.

Oldguy05 Fri, 04/20/2018 - 20:45 Permalink

Didn't PriceWaterhouseCoopers have something to do with TV game shows years ago? I seem to remember Bob Barker or some other twit saying something about prizes including them. A NEEEWWW CAR!!!!

Truth Eater Fri, 04/20/2018 - 20:47 Permalink

Just wait until EU demands the censuring of FakeBook entirely now that they have skirted the law of the land in their data storage location.  They still are liable for what happens in that place...  and the laws can easily be written to block FB from Europe access.  I am not for government suppression, and stupid people generally should be allowed to do stupid things.... but FB and all govt spying should be restricted.

ft65 Fri, 04/20/2018 - 20:49 Permalink

This partly explains the bullshit Cambridge Analytic expose.

Why would anyone think that information willingly entered into a giant advertising database would remain private. Perhaps it was understandable 10 years ago, especially youngsters. Surely Facebook will come to a Minsky Moment as more and more revaluations are made.  

SantaClaws Fri, 04/20/2018 - 21:01 Permalink

Get out the popcorn.  The EU has already decided on a billion-Euro payday, er fine, simply because FB is loaded and the EU is broke.  By running away, Zuckerberg already looks guilty.  The EU Commission will likely throw a party to choose what crime FB is guilty of.