Facebook's Ireland offices are being audited, as the company is facing a possible €100,000 ($138,000) fine for retaining data deleted by users, The Guardian reports.

The case began when a 24-year-old Austrian law student, Max Schrems, asked Facebook for a copy of all his personal data in June. Facebook complied, sending him a CD containing 1,200 pages of data, including his likes, "friend" and "defriend" history, and chat logs.

The problem? Schrems had deleted some of the data returned to him from his profile, yet Facebook retained his information.

Schrems proceeded to start an initiative called Europe vs. Facebook, and filed 22 individual claims about the social network's practices.

The complaints include some of the ways Facebook keeps deleted user data, and highlight some of Facebook's Terms of Service and business shortcomings.

"Postings that have been deleted showed up in the set of data that was received from Facebook," says one complaint. "The privacy settings only regulate who can see the link to a picture. The picture itself is “public” on the internet. This makes it easy to circumvent the settings," says another.

According to ZDNet, the complaints have already yielded results: Ireland's Data Protection Commissioner (DPC) has called for an audit of Facebook's offices, which will take place before Christmas.

Should the DPC find Facebook has breached Irish data protection law, it can ask the company to change the way it handles personal data. Should Facebook fail to comply, it could face a fine of up to €100,000 ($138,000). Of course, for Facebook, the negative publicity could be more damaging than the amount of the fine.

In February 2009, Facebook changed its Terms of Service, giving itself the right to use or modify user data in any way it wants, even if a user quits the service.

This subtle change in Facebook's TOS prompted a huge public backlash, ultimately forcing Facebook to backpedal a little. In an elaborate blog post, Mark Zuckerberg explained why the company feels it needs to retain a copy of user's data.

While some of his arguments are valid — for example, it's very tricky to permanently delete a message you've sent another user, as the other user also has the right to keep his/her copy — this latest incident might once again spark complaints from users feeling Facebook has granted itself too many liberties with their data.

With the public roll-out of Timeline on the horizon, many users are bound to have a slew of new privacy concerns. If you are already using Timeline, have you found any of your data you thought was hidden or deleted appearing publicly? Please share your experiences below.

[via The Guardian]