Belgium Tells Facebook: Quit Tracking Us...Or Pay Up

Published on

Belgium Tells Facebook: Quit Tracking Us...Or Pay Up

Court gives tech giant 48 hours to stop using data-sweeping cookies to store data of visitors who are not members of social network

Facebook tracks visitors "secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the Privacy Commission said. (Photo: Ze'ev Barkan/flickr/cc)

A Belgian court on Monday gave Facebook 48 hours to stop tracking visitors who are not members of the social media network—or start paying $269,000 a day in fines.

Privacy Commission, a Belgian watchdog group, sued the tech company in June for violating the country's privacy laws by using so-called "datr" cookies to track visitors without accounts and store their personal data for up to two years, including how long they stayed on the site, what they clicked on, and which preferences they set. The cookies even ensnare those who click a Facebook "like" button on other websites.

Monday's ruling said the company had to obtain explicit consent before it could collect such unique and identifying information.

"The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates," the court said in its statement.

The Privacy Commission investigated Facebook's use of the datr cookies for months before filing the lawsuit. "Facebook does this secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the organization wrote in May. "No targeted information is provided. The available information is vague and authorizes just about anything."

The commission's president, Willem Debeuckelaere, said at the time, "The way in which these members' and all internet users' privacy is denied calls for measures."

Facebook must "start working in a privacy-friendly way," Debeuckelaere said. "It's bend or break."

Facebook said it would appeal the ruling. The tech giant has previously argued that it is only subject to privacy laws in Ireland, where its European headquarters are located—a claim it has used in other countries, such as Germany, over similar privacy complaints.

"We've used the data cookie for more than five years to keep Facebook secure for 1.5 billion people around the world," a Facebook spokesperson said after the ruling. "We will appeal this decision and are working to minimize any disruption to people’s access to Facebook in Belgium."

Monday's decision is the latest legal challenge to emerge from within the European Union (EU) against the tech industry. The European Court of Justice in October ruled that the right to personal privacy trumps government spying—a case that will force companies in the U.S., including Facebook, to come up with alternative means of transferring user data.

"It follows a trend of the courts in Europe," Alexander Whalen, manager of digital economy policy at DigitalEurope, told USA Today. "It does send a message."

Share This Article