A Brussels commercial court has ruled that Facebook must within 48 hours cease collecting their subscribers’ Internet browsing data when they are not logged in. If they don’t stop this practice, then the Social Media giant faces a daily fine of €250,000. As a consquence, Facebook stock closed lower by 0.56% to $106.49 yesterday (Monday).
The Belgian Privacy Commission had brought the case against Facebook in June, accusing the company of raking in personal data of its users as well as nonmembers without asking for consent or adequately explaining how the data would be used. At issue for the regulator was how Facebook tracks Internet users on external websites through the use of “like” and “share” buttons. This latest ruling is merely the latest in a set of Facebook-related privacy investigations in Europe and comes a month after the European Court of Justice ruled that the EU-US Safe Harbor data transfer pact was invalid, following a complaint against Facebook Ireland.
Facebook does not refute these allegations and has already acknowledged that it collects data on users’ Internet browsing when they are not logged in via cookies placed within an individual’s Web browser if they have visited the Facebook.com website. It says that the cookies in question only identify browsers, not people, and helps the company to distinguish legitimate visits from those by attackers. Interestingly, Facebook also argued that it should be regulated solely by the Irish Data Protection Commissioner owing to the fact that it has its European headquarters in Dublin.
This week’s decision is the first time that a European privacy watchdog has successfully sued Facebook for not complying with privacy law. Facebook, meanwhile, has commented that it will be appealing the decision. The site remains by far the most popular social network in Ireland with 60% of Irish people owning accounts. Of these users, 72% log on every day. This makes Facebook more than twice as popular as Twitter which has 26% of Irish people owning accounts. Facebook controls access to its 1.5 billion or so users wordwide, and it does so by tweaking the algorithm that determines which updates appear in a particular user’s news feed. Furthermore, an increasing number of online publishers now rely on Facebook for a significant part of their traffic—in some cases as much as 60% of it.
The obvious influence of the company is apparent and with decisions like this now being handed down it is an interesting time for privacy law which faces an ongoing battle with corporate interests. The aforementioned cookies can subsist for up to two years, and while their individual effect may be minimal, it can be argued that when they are coupled with other data there is a guaranteed impact on a person’s privacy if/when such aggregated data falls into the wrong hands. Please read our blog for opinion and analysis on what can, and does, happen and feel free to contact us via PrivacyEngine if any advice on information privacy is needed.