Category Archives: gdpr

TAKING ACTION AGAINST FACEBOOK

 

TAKING ACTION AGAINST FACEBOOK

 
Following up on my previous Blog article about taking on Facebook, I am trailblazing taking on Facebook.  As far as the Data Protection line of attack this is where I have got to so far:-
 
Letter sent to Facebook Ireland Limited on the 29th July:-
 

Dear Sir
 
Re:  GDPR request for information
 
I, Robin Tilbrook, make the following request:
 
Under the General Data Protection Regulation (GDPR) (EU) 2016/679.[ Data Protection Act 2018 (UK)] please supply copies of all correspondence, emails, letters, instant messenger, text, Whatsapp, data, informal notes, transcripts of off the record conversations, meeting minutes, internet articles that were read, and other records relating to:-
 
1.      The blocking of my profile (https://www.facebook.com/robin.tilbrook). No proper explanation has been given to me as to why that happened or any right of appeal. 
 
In the circumstances I formally ask, pursuant to the General Data Protection Regulation, for you to provide me with full disclosure of all information/data which you might rely upon to justify your Company’s behaviour in disabling my profile. 
 
The history of this case is as follows:-
 
Some time on Thursday, 16th May 2019 Facebook “Disabled” my “Personal Profile”.
 
The first I knew about this was when I tried to sign on to check if I had had any messages. I was then told that the account had been “Disabled”. 
 
Here is exactly what the text said:-
 
Your account has been disabled
For more information, or if you think your account was disabled by mistake visit the Help Centre”
 
For more information about our policies please review the Facebook Community Standards.  If you think your account was disabled by mistake please contact us.”
 
 
I of course thought that that must be wrong and therefore went to their next page which said:-
 
Why was my account disabled?
 
Your account has been disabled for violating Facebook’s Statement of Rights and Responsibilities.
 
Our Policies
 
One of Facebook’s main priorities is the comfort and safety of our members.  The following are not allowed on Facebook:
 
·       Support for a violent and/or criminal organization or group
·       Credible threats to harm others or the promotion of self-destructive behaviour
·       Targeting other individuals on the site
·       Hate speech or singling people out based on race, ethnicity, national origin, religion, sex, gender, sexual orientation, disability or disease
·       Graphic content including sadistic displays of violence against people or animals and depictions of sexual assault
·       Selling recreational or pharmaceutical drugs
 
Learn More
 
After looking carefully at that page I was able to see that there was some element of an appeal process, so I clicked onto the link they provided and got a page which only told me to send them a PDF of my passport or other ID.
 
So all I was able to do in response to my Profile being “Disabled” was to send them an image of my passport to confirm my identity!
 
On Friday I received a response saying that the ID Team couldn’t help with any appeal!
 
Which is absolutely hopeless.
 
At that point I thought Facebook’s procedures for appeals were completely inadequate and didn’t even remotely approach the basic “Rules of Natural Justice”.  I therefore sent off an email to every Facebook email address that I had got. 
 
Here is my email to them:-
 
Dear Sir
 
I have tried to log in to my above profile and your system asked me to submit an ID check.  There is no proper detail of any reason why this happened nor a clear appeal process just some generic items which can’t be relevant to me.
 
I am currently a candidate standing in an election here in England and I have already done your double identity check for political figures and advertising so you should be aware.
 
Here in the UK it is a crime under the Representation Of the People Acts for candidates to be slandered so I would politely ask you to sort this out and restore my profile or I shall get the police involved tomorrow.”
 
In reply I did get this answer:- 
 
“Hi Robin,
Thanks for your report.  We’ll review the information you provided and get back to you when we have an update on your report.
 
In the meantime, you can review our Community Standards to learn more bout what is and isn’t allowed on Facebook:
 
 
We appreciate your patience.
 
View updates from your Support Inbox:  https://fb.me/1FCup0kANUMY5ok
 
Thanks,
The Facebook Team
 
Since then I have not received any substantive response explaining either why they have done it or what they are going to do about it.
 
 
2.       Any discussions between staff and Employer regarding the above.
 
 
And I would like access to the following: –
 
a)    Any memoranda and notes taken (including handwritten notes) at any meetings where the above was discussed.
b)    E-mails, or any form of instant messaging or text message communications, between individuals at employer, including personal e-mails to the extent that they were used for work purposes regarding the above.
c)    Transcripts of Telephone conversations where the above was discussed.
 
In conducting a search, please ensure that search terms include for my full name, my initials, a short name or any name or variation that might be used by any of the above people to identify me.
 
If you do not disclose any of the documents mentioned above, I would be grateful if you could confirm that a search has been conducted and no results have been found. I may in due course, request sight of the search terms that were used and the results of the searches conducted.
 
It may be helpful for me to point out that there are time limits set for you response under the Data Protection Act 2018 (UK) and sanctions, including criminal sanctions, for non-compliance.
 
Yours faithfully
 
 
R C W Tilbrook
 
 
Facebook’s Reply of the 14thAugust:-
 
Dear Mr Tilbrook
 
Thank you for contacting Facebook.
 
In relation to the disablement of your account, our specialist team reviewed the disablement of your account and we can confirm that your account was correctly disabled for violations of our Terms of Service and Community Standards.  Our internal policies and protocols with respect to the application of our Terms and Community Standards are not your personal data and so these documents do not fall within the scope of Article 15 GDPR.
 
With respect to our decision to disable your account we reserve the right not to provide users with access to data relating to disablement and we are entitled to do so under the exemptions to article 15 GDPR.
 
To the extent information contained in internal documentation in respect of the violation of our policies and protocols comprises personal data about you, we are not able to provide this information to you as such provision could adversely affect the rights and freedoms of others, as set out in Article 15 (4) GDPR.  This would include the rights and freedoms of the members of our Community Operations team but more importantly, the rights and freedoms of users who have reported your behaviour.
 
Furthermore, providing specific information around what exactly triggers disablement may have the propensity to prejudice the effective application of our policies and protocols by potentially allowing individuals to understand how we determine breaches and therefore how to adjust their behaviour slightly so as to avoid their account being actioned.  As such, we will not comply with your request for this specific data.
 
We hope this is helpful information, but please do let us know if you have any further questions.
 
Facebook
 
 
I then responded on the 20th August as follows:-
 
 
 
Dear Sir
 
Thank you for your letter of the 14th August. 
 
Your answer is wholly unsatisfactory and amounts to a blatant breach not only of the GDPR but also of the basic “Rules of Natural Justice”.
 
I shall now seek your prosecution for criminal breaches of the GDPR.
 
Yours faithfully
 
 
R C W Tilbrook
 
 
I have also written to the Information Commissioner as follows on the 21st August:-
 
Dear Sir
 
Complaint against Facebook
 
I enclose a copy of my letter to Facebook dated the 29th July 2019 requesting information under the General Data Protection Regulation (GDPR) (EU) 2016/679 [Data Protection Act 2018 (UK)].  I also enclose a copy of Facebook’s response dated the 14thAugust, together with my reply. 
 
In the circumstances I formally request that you accept this as a complaint against Facebook.  I should like to see them prosecuted if they fail to provide the requisite data.
 
Yours faithfully
 
 
R C W Tilbrook