Facebook may not prevent its users from using fake names, a German privacy watchdog said on Tuesday, in the latest privacy setback for the U.S. company in Europe.
The Hamburg data protection authority, which is responsible for policing Facebook in Germany, said the social network firm could not unilaterally change users’ chosen usernames to their real names, nor could it ask them for official ID.
A woman had complained to the Hamburg watchdog after Facebook blocked her account for using a pseudonym, requested a copy of her ID and unilaterally changed her username into her real name.
The Hamburg Data Protection Authority said the woman did not want to use her real name to avoid being contacted through it for business matters.
Forcing users to stick to their real names violated their privacy rights, it said.
Facebook said it was disappointed with the order and that German courts had reviewed it on many occasions and deemed it compliant with EU law.
“The use of authentic names on Facebook protects people’s privacy and safety by ensuring people know who they’re sharing and connecting with,” said a spokesperson for the company.
Facebook has maintained that as its European headquarters are in Ireland it should only abide by Irish law in Europe and consequently has rejected the jurisdiction of other national authorities.
In an audit in December 2011 the Irish privacy watchdog concluded that Facebook’s authentic name policy did not contravene Irish law and its reasons for the policy, such as child safety and the prevention of online harassment, were justified.
However Johannes Caspar, the Hamburg Commissioner for Data Protection, rejected the argument that Facebook should only be subject to Irish data protection laws.
“For that matter Facebook cannot again argue that only Irish Data Protection law would be applicable … anyone who stands on our pitch also has to play our game,” he said.