German privacy regulator orders Facebook to end its real name policy

Facebook said it would vigorously fight the order

A German privacy regulator ordered Facebook to stop enforcing its real name policy because it violates a German law that gives users the right to use nicknames online.

Facebook refused to permit the use of pseudonyms on its platform as required by the German Telemedia Act, Thilo Weichert, privacy commissioner and head of the Office of the Data Protection Commissioner (ULD) Schleswig-Holstein said on Monday. The ULD issued a decree forcing Facebook to start allowing pseudonyms immediately, he said.

"This decree is binding," said Weichert, who added that it is unacceptable that a U.S. portal like Facebook keeps violating German data protection law. To ensure users' rights and comply with data protection law in general, the real name obligation must be immediately abandoned by Facebook, the ULD said.

The orders were issued on Friday against Facebook USA and Facebook Ireland, which is responsible for all Facebook's activities outside of the U.S. and Canada.

Facebook has always had a real-name policy. Users should use their name as listed on their credit card or student ID, so people know who they are connecting with, Facebook states in its name policy. Any accounts set up under fake names will be removed from the site when discovered in order to keep the community safe, according to Facebook.

While the ULD can only enforce its mandate on behalf of Facebook users in the state of Schleswig-Holstein, the order could be adopted by other German data protection authorities, Weichert said. "We informed our colleagues and most of the supervising authorities agree with us," he said.

However, similar orders weren't issued in the other states because the ULD's order is being used as a pilot case, Weichert said.

The social network has two weeks to object to the order in court, or it could also decide to simply comply, he said. However, Weichert expects Facebook to fight the decree.

"We believe the orders are without merit, a waste of German taxpayers' money and we will fight it vigorously," a Facebook spokeswoman said in an emailed statement. It is the role of individual services to determine their own policies about anonymity within the governing law, she added. Facebook's real name policy complies with European data protection principles and Irish law, according to the social network.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com

Join the CSO newsletter!

Error: Please check your email address.

Tags securityIdentity fraud / theftFacebookprivacy

More about FacebookIDG

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Loek Essers

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place