CNET también está disponible en español.

Ir a español

Don't show this again

Digital Media

Facebook to roll out new privacy tools ahead of EU law

The landmark GDPR will give Europeans more control over how companies use their data.


Facebook COO Sheryl Sandberg speaks with French President Emmanuel Macron during the "Choose France" summit at the Chateau de Versailles, near Paris, on Monday.

Thibault Camus/AFP/Getty Images

Facebook plans to give its 2 billion users more control over their data before a landmark data collection law goes into effect in Europe this spring.

The European Union's General Data Protection Regulation, which goes into affect in May, aims to give Europeans more control over their information and how companies use it. Companies that fail to comply face fines of as much as 4 percent of their annual revenue.

"We're rolling out a new privacy center globally that will put the core privacy settings for Facebook in one place and make it much easier for people to manage their data," Facebook COO Sheryl Sandberg said, according to a Reuters account of a Facebook event in Brussels on Tuesday.

Facebook has for years had a complicated relationship with users' privacy, making the social-networking giant the subject of criticism, lawsuits and threatened federal action over various changes to its privacy policy.

The company abandoned its controversial Beacon advertising program in 2007 after user backlash over the broadcasting of members' activity on partner sites to their Facebook friends. Under the program, the purchase of a Fandango movie ticket would be immediately broadcast to your Facebook friends.

Two years later, a revision to Facebook's terms of use suggested the company claimed ownership of user profile data and photos. The resulting backlash forced the company to rescind those changes and resulted in CEO Mark Zuckerberg saying the company would create "a new approach to site governance" so that its decision making would be more transparent.

The new law will introduce tougher rules on processing and storing personal data and require companies to seek explicit consent before using personal data. Companies must be able to provide its users with a copy of their personal data and are required to report data breaches within 72 hours.

"Our apps have long been focused on giving people transparency and control and this gives us a very good foundation to meet all the requirements of the GDPR and to spur us on to continue investing in products and in educational tools to protect privacy," Sandberg said.

The new law isn't focused solely on Facebook or tech companies in general. Other companies that collect large amounts of data, including health care providers, insurers and banks, will also be deeply impacted by the new law.

Special Reports: All of CNET's most in-depth features in one easy spot.

It's Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.