OAIC holds Facebook to account over Libra project


By Dylan Bushell-Embling
Thursday, 08 August, 2019


OAIC holds Facebook to account over Libra project

The Office of the Australian Information Commissioner (OAIC) has joined forces with international privacy regulators to demand information from Facebook and the Libra network on how they will protect personal information as part of the global cryptocurrency project.

The OAIC has initiated joint action with the UK’s Information Commissioner’s Office, with support from data protection authorities in the UK, US, Canada and EU.

The agencies have issued a joint statement on global privacy expectations of the Libra Network.

“As representatives of the global community of data protection and privacy enforcement authorities, collectively responsible for promoting the privacy of many millions of people around the world, we are joining together to express our shared concerns about the privacy risks posed by the Libra digital currency and infrastructure,” the statement reads.

“These risks are not limited to financial privacy, since the involvement of Facebook Inc., and its expansive categories of data collection on hundreds of millions of users, raises additional concerns.”

According to the authorities, many regulators have had to express previous issues where Facebook’s handling of people’s information has not met the expectations of regulators, or their own users.

Because of this, the regulators are sharing their expectations with the Libra Association, Facebook’s subsidiary Calibra and any future Libra digital wallet provider in advance.

These expectations include addressing questions such as how global data protection and privacy enforcement authorities can “be confident that the Libra Network has robust measures to protect the personal information of network users”.

In particular, Libra Network is expected to ensure that participants will provide clear information about how personal information can be used, ensure that privacy control settings are prominent and easy to use, and give people procedures for exercising their privacy rights — including deleting their accounts.

This last expectation could be a challenge given that information in distributed ledgers can never be deleted, only appended.

Libra Network will also be expected, among other things, to incorporate privacy by design principles while developing its infrastructure, undertake data protection impact assessments and ensure that its data protection and privacy policies, standards and controls apply consistently across all jurisdictions.

“This is an important step in a global regulatory movement that is holding online companies to account for how they handle personal information,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.

“Given the many initiatives taking place in our finance and technology sector, privacy must be a key component of any significant digital initiative such as Libra.”

Image credit: ©stock.adobe.com/au/peshkova

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

Digital experience is the new boardroom metric

Business leaders are demanding total IT-business alignment as digital experience becomes a key...

Data quality is the key to generative AI success

The success of generative AI projects is strongly dependent on the quality of the data the models...

The top hurdles that will keep Australian CDOs up at night in 2024

The era of AI promises plenty of potential but this also guarantees increased complexity for...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd