BRUSSELS— European Union data protection regulators said on Wednesday that they would investigate Facebook over a feature that uses face-recognition software to suggest people’s names to tag in pictures without their permission, and a privacy group in the United States said that it planned to file a complaint with the Federal Trade Commission over the feature.
A group of privacy watchdogs drawn from the European bloc’s 27 nations will study the measure for possible rule violations, said Gérard Lommel, a Luxembourg member of the so-called Article 29 Data Protection Working Party. Authorities in Britain and Ireland said they are also looking into the photo-tagging function on the world’s most popular social networking service.
“Tags of people on pictures should only happen based on people’s prior consent and it can’t be activated by default,” said Mr. Lommel. Such automatic tagging suggestions “can bear a lot of risks for users” and the European data protection officials will “clarify to Facebook that this can’t happen like this.”
Facebook said on its blog on Tuesday that “Tag Suggestions” was available in most countries after being phased in over several months. When Facebook users add photos to their pages, the feature uses facial-recognition software to suggest names of people in the photos to tag based on pictures in which they have already been identified. Before the feature was introduced, users could tag pictures manually without permission from their friends.
The feature is active by default on existing users’ accounts, and Facebook explains on its blog how people can disable the function if they don’t want their names to be automatically suggested for other people’s pictures.
“We launched Tag Suggestions to help people add tags of their friends in photos; something that’s currently done more than 100 million times a day,” Facebook, which is based in Palo Alto., Calif., said in an e-mailed statement. “Tag suggestions are only made to people when they add new photos to the site, and only friends are suggested.”
In Europe, where personal privacy is protected by law more often than in the United States, Google, Microsoft and Yahoo have also been pushed by data protection officials to limit the amount of time they store online users’ search records.
The Information Commissioner’s Office of Britain is “speaking to Facebook” about the privacy aspects of the technology, said Greg Jones, a spokesman for the group.
“We would expect Facebook to be upfront about how people’s personal information is being used,” Mr. Jones said. “The privacy issues that this new software might raise are obvious.”
The Irish data protection authority is also looking into the issue, said a spokeswoman, Ciara O’Sullivan.
The Article 29 group guides the work of national data protection agencies, which have the power to punish companies that break privacy rules.
Meanwhile, the Electronic Privacy Information Center, based in Washington, is working on its complaint and expected to file it with the F.T.C. Wednesday or Thursday, Marc Rotenberg, the group’s executive director, said in an interview. He said other privacy and consumer groups that he declined to identify planned to join the complaint.
A spokesman for Facebook, Andrew Noyes, declined to comment on the center’s plans for the F.T.C. complaint.