Facebook rolled out privacy changes — but it’s being forced to do it anyway by regulators

  • Facebook has announced privacy changes to its platform since the Cambridge Analytica scandal.
  • These are aimed at making it easier for users to see the data being held and deleting it anyway.
  • But experts say that Facebook would have had to do this anyway to comply with a new EU rule called the General Data Protection Regulation or GDPR.
Jason Alden | Bloomberg via Getty Images

Facebook has announced a number of privacy changes to its platform in recent days following the Cambridge Analytica data scandal, but the social network would have likely had to make the fixes anyway because of new upcoming legislation.

On March 21, Chief Executive Mark Zuckerberg spoke out about the scandal in which 50 million Facebook user profiles were harvested with the data being sent to political consultancy Cambridge Analytica. He announced some changes including a tool at the top of the News Feed to show users what apps have access to the data, restricting developers' access to data, and other initiatives.

On Wednesday, the social media giant unveiled a raft of measures aimed at making it easier for users to see and access the data held by the company. Facebook said that it had been working on these measures for a while.

While they are trying to regain trust with consumers by pushing out the new measures, it's likely they would have come in whether the data scandal had happened or not.

"A lot of it, a lot of stuff they would need to have done to be compliant with the new European data protection laws, known as GDPR. So I'm not convinced how much of that was actually really new stuff," Damian Collins, a U.K. lawmaker who has summoned Zuckerberg to appear in front of the British parliament, told CNBC Wednesday.

Collins: Want to give data watchdog more powers
UK lawmaker: Want to give data watchdog more powers   

GDPR is short for the General Data Protection Regulation, a piece of legislation that will come into force across the European Union on May 25.

Part of GDPR requires companies to allow users to download the data held on them and let them transfer it to another service if they want. Another part of the legislation is the right to be forgotten and the right to request data be deleted. That is something Facebook said it is making easier.

So as much as Facebook might talk about being more responsible and being open to regulation, some of those laws are on the way and it's forcing them to implement these new features. And the implications will go beyond Europe to users in other parts of the world.

"A much tighter data environment from Europe is set to change the way Facebook handles what they collect and how they sell it; and given that Facebook's 2-plus billion users are tightly interconnected, a change in Europe will affect how they handle business for those users connected to those in Europe as well," Ian Bremmer, founder of political analysis firm Eurasia Group, said in a note earlier this week.

"So it's not quite as challenging for Facebook to say they're taking the popular outcry seriously and are prepared to address it — that legal 'fix' was already in the books."

A Facebook spokesperson was not immediately available for comment.

In a recent note to clients, Barclays said that Facebook has 93 million "lighter-weight" users in Europe and could see a small percentage of them go off the service completely.