Global regulators call for Facebook to reveal Libra's data protection policies
Since its launch, Facebook's stablecoin has garnered widespread concern about user privacy
The Information Commissioner's Office (ICO) has issued a joint statement to Facebook's Libra subsidiaries expressing concerns about the company's data protection framework to accompany its upcoming stablecoin.
The British ICO joined Albania, Australia, Canada, Burkina Faso and the USA's data protection officials, alongside the EU's Data Protection Supervisor Giovanni Buttarelli, as signatories to the statement.
In it, the signatories jointly asked Facebook and the 28 other companies behind the Libra project to answer questions about how its data policies will adhere to data protection laws.
This international effort to address Facebook and the Libra Network is a significant one because data protection regulators have never had to govern a cryptocurrency before.
The signatories acknowledge the "broad public statements" made by Facebook and its subsidiary Calibra on the topic of privacy, but note that data handling practices regarding the safekeeping of sensitive information haven't been specifically addressed.
"Additionally, given the current plans for a rapid implementation of Libra and Calibra, we are surprised and concerned that this further detail is not yet available," the statement read.
In response, the collective data watchdogs expect the Libra Network to satisfactorily address a heavily detailed list of questions including how assurances will be made regarding its robust data protection measures, compliance of data processors and the uniform application of compliance policies across all departments and arms of the Libra Network.
The statement also references Facebook's questionable data dealings from years gone by, concerning "hundreds of millions of users", and how the company's mere involvement in the project presents additional privacy concerns.
"The ambition and scope of the Libra project has the potential to change the online payment landscape, and to offer benefits to consumers," said Elizabeth Denham, UK information commissioner. "But that ambition must work in tandem with people's privacy expectations and rights.
"Facebook's involvement is particularly significant, as there is the potential to combine Facebook's vast reserves of personal information with financial information and cryptocurrency, amplifying privacy concerns about the network's design and data sharing arrangements."
This joint statement isn't the first time Facebook's Libra coin has garnered harsh criticism from the industry. Back in July, US treasury secretary Steven Mnuchin branded Facebook's cryptocurrency "a national security risk" before adding the tech giant had much more work to do before he could be comfortable with the idea of its release.
Shortly after Libra's June 2019 announcement, industry experts were quick to throw speculation in the direction of the cryptocurrency. One cryptography expert said that Libra suffers fundamental design flaws which could enable third-party data sharing.
Libra is a stablecoin announced by Facebook earlier this year - a cryptocurrency tied to a fiat currency such as a dollar or euro so the wild Bitcoin-esque price fluctuations wouldn't be an issue to contend with. It will operate much like how Bitcoin does now, using an electronic wallet to exchange funds over a managed blockchain network.
Facebook has said Libra will use "all the same verification and anti-fraud processes that banks and credit cards use, and we'll have automated systems that will proactively monitor activity to detect and prevent fraudulent behaviour".
However, as today's statement indicates, this hasn't done enough to assure regulators of the currency's data protection compliance and we can only wait and see if Facebook opens up about its policies to appease the likes of the ICO.
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now