> The most important principle for Facebook is that every person owns and controls her information. Each person owns her friends list, but not her friends’ information. A person has no more right to mass export all of her friends’ private email addresses than she does to mass export all of her friends’ private photo albums.
> Email is different from social networking because in an email application, each person maintains and owns their own address book, whereas in a social network your friends maintain their information and you just maintain a list of friends. Because of this, we think it makes sense for email applications to export email addresses and for social networks to export friend lists.
So the way they're construing this, contact information is not your data to begin with, but rather someone else's data which you've been granted (perfectly revokable) access to. I don't know if this holds in court, but I'm pretty sure no one will bother bringing this to court to find out.
I think tomelders is talking about the legality of the plug-in, which collects personal data and provides it to another party. (Edit: Actually, on rereading, maybe he really was talking about a right of access to the Facebook data. The following stands either way.)
I'm not a lawyer, but I do spend a significant amount of time working with data protection and privacy issues in the UK. With my current understanding, I don't see how that could even possibly be permitted under the data protection and privacy laws here without the consent of those whose data you're transferring to Google+.
I suspect Google could get into trouble with the ICO (what, again?) if they are behind the plug-in, but if I were them, I'd be more worried about the European level privacy hawks. Here in the UK we're relatively forgiving, but Europe can and does slap down megacorps with significant penalties from time to time.
Yeah. Except Google's DLF allows you to export just about anything and everything you can create in Google products. It's true that Google's search is it's bread and butter but in the battle for good will, Facebook keeps shooting itself in the foot.
The 1998 data protection act is about data relating to you - the data of your friends would not be covered (obviously it would be covered for them).
Even for that data, while the (British) law states that people must be able to claim the information stored about them, they have to submit a request, and the company is allowed to charge a small fee.
Stored lists of related individuals are covered by the DPA 1998, just not their personal details other than their name. This is not explicit but implied by the fact that related people on a credit file can be obtained under the DPA setting a precedent for access.
This has been demonstrated a few times in court but I can't be bothered to dig around for references.
You can play it out in court if the judge is favourable with this case: Since Facebook has allowed viewing emails for many years, there's a reasonable expectation that emails will always be there. By suddenly doing attempts to circumvent a tool, they could run afoul of; de facto false advertising (the author stated that the use was allowed since 2010) or anti-trust/monopoly laws by abusing their monopoly against new competition.
However, Facebook could whip out their ToS and point out that his extension is illegal as noted buried somewhere deep in the legalese. Or something else.
Even though I'm IANAL, this isn't clear cut to me either.
Data Protection wouldn't cover this. They're keeping the data securely, and you have personal access to it. Data Protection doesn't stipulate that you must be able to easily export your data to rival services, I'm afraid.
If it's still on their servers, to comply with the act they'd need to provide access to your information within 40 calendar days for a charge no greater than £10.
I would have hoped that data protection laws (I'm in the UK) would have protected this, since it provides me with access to my own data.