Facebook's new timeline feature combined with other data such as a user's activity log will "present a more comprehensive set of access controls" for users to see their data than other comparable services, said Richard Allan, Facebook's director of policy for Europe.
Facebook has also agreed to changes around the use of its "Like," button, a widely used social plug-in used to share content from external websites on Facebook profiles.
Much controversy has surrounded what data the Like button collects and how it is used. The button collects IP addresses for users who are not even members of Facebook, reporting the key identifier back to the company. It will also do that for people who are Facebook members but are logged out of the service.
As a result of the audit, Facebook said it will now remove the last octet of an IP addresses it logs from a social plug-in within 10 days. For all users, whether logged in or logged out or not even a member, Facebook said it will delete its logs collected by a social plug-in after 90 days.
Ireland's DPC found that Facebook does not use information collected by the Like button for targeted advertising.
The DPC did rebuke Facebook over its facial recognition feature, which stores biometric information on users' faces in order to enable an automatic photo tagging feature.
The DPC said Facebook "should have handled the implementation of this feature in a more appropriate manner." Facebook has agreed to quickly change how it is presented by the end of the first week in January. Facebook will notify users a total of three times about the feature.
"We think that’s a very reasonable approach by Facebook on that issue," said Gary Davis, deputy data protection commissioner for Ireland, during a conference call.
The DPC said it confirmed that if a person that does not want to use the feature -- called "tag suggestions" -- their facial profile data will be deleted.
Sign up for CIO Asia eNewsletters.