The post that wasn't: Facebook monitors everything users type and not publish

Revelations on the NSA surveillance programs have raised many questions in people's mind on the use of personal data and how personal data are analysed and for which purpose. But do users know that Facebook analyses everything they type and not publish? We (users) spend a lot of time considering what to post on Facebook. Should I argue that political point my friend has made? Should I comment on a friend's status? Do my friends need to see yet another picture of my pet or baby? Most of us have, at one point or another, started typing something and then regretted it and deleted the post. However, the code in our browser that powers Facebook remembers what we typed, even though we decide to delete it. This means that posts we explicitly choose not to share are not entirely private. Facebook calls these unpublished posts “self-censorship”. A recent paper written by two Facebookers reveals how Facebook monitors and uses such unpublished thoughts. The question is whether this practice is covered by the Facebook Data Use Policy? The policy does not refer explicitly if Facebook manage self-censorship behavior. Moreover, while Facebook does not consider this practice a privacy violation, I argue that it clearly raises privacy and data protection issues. Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. In this article I will analyse, using Facebook's self-censorship practices as an example, whether this practice is consistent with EU data protection law.