Article by Mark Duell and Martin Robinson for MailOnline - published 15 December 2020
Facebook should not be trusted with protecting UK users when their data is moved to its US headquarters after Brexit because the social network is more interested in profits than privacy, a leading Tory told MailOnline today.
Damian Collins, former chairman of the Culture, Media and Sport Select Committee, believes that British Facebook users should have grave concerns about the plan announced by Mark Zuckerberg's social media behemoth this morning.
He said: 'For years Facebook has gathered as much data about people as it can, with as little transparency as possible, to maximise its profits. Can we trust it now when our data is transferred to their California headquarters?'
From next year the social network's US team will take control of legal responsibilities for UK users from next year, shifting away from stricter current EU-based user agreements. Google made the same decision in February.
UK users are currently overseen by Facebook Ireland in Dublin as part of the EU but this will switch to Facebook Inc in California once the Brexit transition period is over on January 1.
Privacy experts have raised fears that the change could also expose users to surveillance by US intelligence agencies or data requests from law enforcement.
Tory MP Mr Collins told MailOnline: 'We should have big concerns about this decision from Facebook. Although the legal protections for UK citizens' data will still apply, how easy will they be to enforce when it is being processed in the USA?'.
Pressure group The Real Facebook Oversight Board said sarcastically today: 'Oh look! Facebook is so concerned with privacy that it will move UK users to California terms now that EU has published plans to protect the privacy of its residents! Why would they do that?'
It comes as the EU attempts to clamp-down on the tech giants by forcing the likes of Facebook and Google to reveal how much advertising cash is passed onto publishers.
There are concerns the UK may move to a looser data privacy regime post-Brexit, especially as it pursues a trade deal with the US, which offers fewer protections.
Facebook's decision comes as the UK is escalating efforts to ban strong encryption, which the American firm is moving to implement on all its products.
The UK, like the EU, is also pressuring Facebook and its founder Mark Zuckerberg on a number of other fronts, including hate speech and terrorism policies.
Jim Killock, boss of the UK-based non-profit Open Rights Group, said: 'The bigger the company, the more personal data they hold, the more they are likely to be subject to surveillance duties or requirements to hand over data to the US government.
'Moving data out of the EU makes it harder to enforce your privacy rights. It means European actions to limit the power of the tech giants will not apply to UK citizens.
'It means the UK Information Commissioner's Office will need to be pushed to make the same decisions when companies break the law.
'And it means those tech giants can lobby for weaker UK rules to ensure they can get away with things in the UK that they cannot in the EU.'
EU-wide General Data Protection Regulation (GDPR) rules which require firms to protect people's data and privacy are among the strictest in the world.
Facebook said it will follow UK GDPR from 2021 and there will be no change to the privacy controls or services it currently offers.
The change - initially revealed to Reuters by sources briefed on the matter before Facebook confirmed it - follows a similar move announced in February by Google.
The two firms both currently have European head offices in Dublin, but Brexit will change the UK's legal relationship with Ireland, which remains in the EU.
A spokesman for Facebook's UK arm said: 'Like other companies, Facebook has had to make changes to respond to Brexit and will be transferring legal responsibilities and obligations for UK users from Facebook Ireland to Facebook.
'There will be no change to the privacy controls or the services Facebook offers to people in the UK.'
Facebook is making the change partly because the EU privacy regime is among the world's strictest, according to people familiar with the company.
The EU rules give users granular control over the use of their personal data.
The US Cloud Act, passed in 2018, set a way for the UK and US to more easily exchange data about cloud computing users.
US courts have held that constitutional protections against unreasonable searches do not apply to non-citizens overseas.
UK information industry regulators said they had been in touch with Facebook along with companies keeping European headquarters as Brexit nears.