Facebook is yet again being tagged in a breach of data protection laws, but this time it’s ‘checking-in’ to a European court in Brussels, Belgium.
A recent slew of cases, in which Facebook is the leader, hints at stricter and broader privacy laws to protect users’ private data. Harvesting data for marketers and advertisers continues to be the hot topic. A decision on Monday regarding Facebook confirms this.
On Monday, a court in Brussels ordered Facebook to stop collecting digital information about non-users who accessed Facebook users’ profiles or webpages – subjecting it to a fine of $270,000 a day if fails to comply. Just last week, a California federal judge ordered Facebook to turn over data it compiled from users’ private messages and subsequently sold to advertisers.
The case was brought by the Belgian Privacy Commission and accused the social media giant of compiling data or “digital cookies” on non-users and users who were “logged out” for advertising purposes. These digital cookies are simple files embedded in Facebook’s page and in other websites that have “like” or “share” buttons linked to Facebook.
The specific cookie which Facebook calls the “dtr cookie” stays with a user for up to two years and provides whether a user has visited a website before and notifies the website itself – it tracks data such as how many times a user visits the site, how long the user stays on the site, and what the user clicks on.
“The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates,” a statement from the court stated.
The European court found that those non-users did not consent to Facebook’s use of their online activities.
The Belgian Privacy Commission has suggested several solutions for Facebook to comply with EU data privacy laws: track users only when they are logged into the social network and not logged out, use session cookies which expire after a certain time or when they aren’t need, or seek explicit consent from users for any tracking related to serving ads.
Facebook claims that it used the dtr cookie safely for the past five years and plans to appeal. The ruling and subsequent appeal should prove helpful to provide guidelines on issues of consent and European / International Data Privacy Laws.