Facebook tracks visitors "secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the Privacy Commission said. (Photo: Ze'ev Barkan/flickr/cc)
Nov 10, 2015
A Belgian court on Monday gave Facebook 48 hours to stop tracking visitors who are not members of the social media network--or start paying $269,000 a day in fines.
Privacy Commission, a Belgian watchdog group, sued the tech company in June for violating the country's privacy laws by using so-called "datr" cookies to track visitors without accounts and store their personal data for up to two years, including how long they stayed on the site, what they clicked on, and which preferences they set. The cookies even ensnare those who click a Facebook "like" button on other websites.
Monday's ruling said the company had to obtain explicit consent before it could collect such unique and identifying information.
"The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates," the court said in its statement.
The Privacy Commission investigated Facebook's use of the datr cookies for months before filing the lawsuit. "Facebook does this secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the organization wrote in May. "No targeted information is provided. The available information is vague and authorizes just about anything."
The commission's president, Willem Debeuckelaere, said at the time, "The way in which these members' and all internet users' privacy is denied calls for measures."
Facebook must "start working in a privacy-friendly way," Debeuckelaere said. "It's bend or break."
Facebook said it would appeal the ruling. The tech giant has previously argued that it is only subject to privacy laws in Ireland, where its European headquarters are located--a claim it has used in other countries, such as Germany, over similar privacy complaints.
"We've used the data cookie for more than five years to keep Facebook secure for 1.5 billion people around the world," a Facebook spokesperson said after the ruling. "We will appeal this decision and are working to minimize any disruption to people's access to Facebook in Belgium."
Monday's decision is the latest legal challenge to emerge from within the European Union (EU) against the tech industry. The European Court of Justice in October ruled that the right to personal privacy trumps government spying--a case that will force companies in the U.S., including Facebook, to come up with alternative means of transferring user data.
"It follows a trend of the courts in Europe," Alexander Whalen, manager of digital economy policy at DigitalEurope, toldUSA Today. "It does send a message."
Join Us: News for people demanding a better world
Common Dreams is powered by optimists who believe in the power of informed and engaged citizens to ignite and enact change to make the world a better place. We're hundreds of thousands strong, but every single supporter makes the difference. Your contribution supports this bold media model—free, independent, and dedicated to reporting the facts every day. Stand with us in the fight for economic equality, social justice, human rights, and a more sustainable future. As a people-powered nonprofit news outlet, we cover the issues the corporate media never will. |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
A Belgian court on Monday gave Facebook 48 hours to stop tracking visitors who are not members of the social media network--or start paying $269,000 a day in fines.
Privacy Commission, a Belgian watchdog group, sued the tech company in June for violating the country's privacy laws by using so-called "datr" cookies to track visitors without accounts and store their personal data for up to two years, including how long they stayed on the site, what they clicked on, and which preferences they set. The cookies even ensnare those who click a Facebook "like" button on other websites.
Monday's ruling said the company had to obtain explicit consent before it could collect such unique and identifying information.
"The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates," the court said in its statement.
The Privacy Commission investigated Facebook's use of the datr cookies for months before filing the lawsuit. "Facebook does this secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the organization wrote in May. "No targeted information is provided. The available information is vague and authorizes just about anything."
The commission's president, Willem Debeuckelaere, said at the time, "The way in which these members' and all internet users' privacy is denied calls for measures."
Facebook must "start working in a privacy-friendly way," Debeuckelaere said. "It's bend or break."
Facebook said it would appeal the ruling. The tech giant has previously argued that it is only subject to privacy laws in Ireland, where its European headquarters are located--a claim it has used in other countries, such as Germany, over similar privacy complaints.
"We've used the data cookie for more than five years to keep Facebook secure for 1.5 billion people around the world," a Facebook spokesperson said after the ruling. "We will appeal this decision and are working to minimize any disruption to people's access to Facebook in Belgium."
Monday's decision is the latest legal challenge to emerge from within the European Union (EU) against the tech industry. The European Court of Justice in October ruled that the right to personal privacy trumps government spying--a case that will force companies in the U.S., including Facebook, to come up with alternative means of transferring user data.
"It follows a trend of the courts in Europe," Alexander Whalen, manager of digital economy policy at DigitalEurope, toldUSA Today. "It does send a message."
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
A Belgian court on Monday gave Facebook 48 hours to stop tracking visitors who are not members of the social media network--or start paying $269,000 a day in fines.
Privacy Commission, a Belgian watchdog group, sued the tech company in June for violating the country's privacy laws by using so-called "datr" cookies to track visitors without accounts and store their personal data for up to two years, including how long they stayed on the site, what they clicked on, and which preferences they set. The cookies even ensnare those who click a Facebook "like" button on other websites.
Monday's ruling said the company had to obtain explicit consent before it could collect such unique and identifying information.
"The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates," the court said in its statement.
The Privacy Commission investigated Facebook's use of the datr cookies for months before filing the lawsuit. "Facebook does this secretively: no consent is asked for this 'tracking and tracing' and the use of cookies," the organization wrote in May. "No targeted information is provided. The available information is vague and authorizes just about anything."
The commission's president, Willem Debeuckelaere, said at the time, "The way in which these members' and all internet users' privacy is denied calls for measures."
Facebook must "start working in a privacy-friendly way," Debeuckelaere said. "It's bend or break."
Facebook said it would appeal the ruling. The tech giant has previously argued that it is only subject to privacy laws in Ireland, where its European headquarters are located--a claim it has used in other countries, such as Germany, over similar privacy complaints.
"We've used the data cookie for more than five years to keep Facebook secure for 1.5 billion people around the world," a Facebook spokesperson said after the ruling. "We will appeal this decision and are working to minimize any disruption to people's access to Facebook in Belgium."
Monday's decision is the latest legal challenge to emerge from within the European Union (EU) against the tech industry. The European Court of Justice in October ruled that the right to personal privacy trumps government spying--a case that will force companies in the U.S., including Facebook, to come up with alternative means of transferring user data.
"It follows a trend of the courts in Europe," Alexander Whalen, manager of digital economy policy at DigitalEurope, toldUSA Today. "It does send a message."
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.