Facebook said it isn't violating any U.K. laws. "We believe we are in full compliance with UK data protection law," the company stated. "We give users the notice that the UK Data Protection Act requires in order to inform them about what information is collected. We also give users granular control over what information they share and who they share it with."
But Dale Evans, senior data protection manager at the Information Commissioner's Office, reportedly told BBC Radio 4 that the organization was worried the procedure to completely expunge information was too cumbersome. "One of the things that we're concerned about is that if the onus is entirely on the individual to delete their own data," he said, according to the U.K. paper The Telegraph.
A European Union directive provides that companies should not retain personally identifiable information for "longer than is necessary for the purposes for which the data were collected."
For Facebook, this probe is just the latest in a series of problems stemming from privacy concerns. Last year, user complaints forced Facebook to retreat from its controversial new Beacon ad program, which told members about their friends' purchases. After weeks of protest, the company revamped the program to require users to opt-in before information about their e-commerce activity was shared.
The company also introduced an ad program dubbed Social Ads that tells members which of their friends have signed on as "fans" of particular marketers. That program also has come under fire for potentially violating people's right to control the commercial use of their images.
Two U.S. privacy groups, the Center for Digital Democracy and Electronic Privacy Information Center, are planning to file a lawsuit this month challenging both programs.
Jeff Chester, executive director of the Center for Digital Democracy, said he's hopeful that the U.K. investigation will help prompt a re-examination of the social networking site's policies. "It shows there's growing interest on both sides of the Atlantic to put Facebook's privacy policies in the regulatory crosshairs."