Facebook has hit back at claims it creates 'Shadow profiles' of web users that have not signed up to the social network.

According to Max Schrems, a 24-year old Austrian law student that raised his concerns with Ireland's Data Protection Commissioner (IDPC), profiles for non-users are created by storing information such as email addresses, phone numbers, names and even work information when members sync their mobile phones with their social networking account, or even import information from their email accounts and instant messaging services. Schrems has also set up a website Europe versus Facebook in a bid to raise awareness of the issue.

The Shadow profiles are just one of a total of 22 complaints that have been filed with the Irish Data Protection Commissioner by the student.

However, Facebook denies the claims. Communications and Policy Manager Mia Garlick told The Register the only information on non-user that is stored is their email address and name so that friends that may have searched for that at some time can be made aware when they join the network.

“We keep the invitees’ email address and name to let you know when they join the service. This practice is common among almost all services that involve invitations … the assertion that Facebook is doing some sort of nefarious profiling is simply wrong,” she said.

“In addition, Facebook offers more control than other services, by enabling people to delete their e-mail address from Facebook, or opt-out of receiving invites.”

The IDPC confirmed it would be investigating the complaints as part of a pre-planned audit of the social network, which is expected to begin before the end of the month. According to The Guardian, if Facebook is found to be breaching data protection laws, the social network could face a fine of up €100,000.