German Commission Orders Facebook to Allow Fake Names

The Hamburg Data Protection Authority, a German regulatory body tasked with protecting data and privacy, said last Tuesday that Facebook is violating the privacy rights of its users by banning pseudonyms. The group ordered Facebook to allow users to choose fake names and has forbidden the company from changing usernames or asking users for their IDs. Facebook has issued an apology to affected users and will allow the use of preferred names.

The order came after a woman complained to the agency when Facebook blocked her account that used a fake name. Facebook then requested a copy of her ID and unilaterally changed her profile to display her real name. The woman purportedly used the pseudonym to avoid receiving business related contact through the site. Other business owners are worried about setting up business pages that must be associated with their real names.

Facebook has said that its policy against fake names is intended to ensure that users know who they’re interacting with, thus protecting their privacy and safety. However the policy has faced criticism from many arenas. For example transgender users and domestic violence survivors have voiced concern that the policy makes them vulnerable to abuse. Facebook apologized for the way it enforced the policy against members of the LGBT community and promised to make changes.

This decision is contrary to a result reached in December 2011, when an Irish court upheld the real name policy, agreeing with the rationale that it helps limit harassment and bullying. Facebook has argued that since its international headquarters are in Ireland, the company should only be subject to Irish law in Europe. But the Hamburg commissioner for data protection said, “Facebook cannot again argue that only Irish data protection law would be applicable. Anyone who stands on our pitch also has to play our game.” Facebook’s policy reversal stands in contrast to a German court’s 2013 ruling that Facebook was not subject to German data protection laws since the company’s European headquarters are located in Ireland.