The Information Commissioner’s Office has joined forces with data protection authorities from around the world in demanding more openness from Facebook and other firms supporting the social media giant’s proposed Libra digital currency, amid fears the scheme could potentially be in breach of privacy laws.
Plans for the Libra blockchain digital currency were first revealed in May this year. The project, currency and transactions are to be managed and cryptographically entrusted to the Libra Association, a membership organisation founded by Facebook’s subsidiary Calibra and 27 others across payment, technology, telecoms, online marketplace, venture capital and not-for-profit organisations.
However, the plans have already been met by huge opposition on both sides of the Atlantic. Now, the ICO has waded in, too, by asking Facebook and the other 27 organisations to provide details of how customers’ personal data will be processed in line with data protection laws.
The statement asks for assurances that only the minimum required data will be collected, that the service will be transparent, and requests details of how data will be shared between Libra Network members.
The statement is signed by a cross section of authorities representing hundreds of millions of people in Europe, the Americas, Africa and Australasia. These include Information Commissioner Elizabeth Denham and her counterparts in Australia, the US, Canada, Burkina Faso and Albania, as well as the EU’s European Data Protection Supervisor.
Denham said: “The ambition and scope of the Libra project has the potential to change the online payment landscape, and to offer benefits to consumers. But that ambition must work in tandem with people’s privacy expectations and rights.
“Facebook’s involvement is particularly significant, as there is the potential to combine Facebook’s vast reserves of personal information with financial information and cryptocurrency, amplifying privacy concerns about the network’s design and data sharing arrangements.
“We know that the Libra Network has already opened dialogue with many financial regulators on how it intends to comply with financial services product rules. However, given the rapid plans for Libra and Calibra, we are concerned that there is little detail available about the information handling practices that will be in place to secure and protect personal information.
“I hope this statement will prompt an open and constructive conversation to ensure that data protection is a key part of the design process and that data protection regulators are a key consultative group as the Libra proposals develop.”