Belgian court orders Facebook to stop tracking non-members or face a $269000.
Facebook intends to appeal a privacy ruling in Belgium that forces the social media giant to stop collecting digital information about people who are not its users.BRUSSELS: Facebook said it would appeal a court ruling ordering it to stop tracking the online activities of non-Facebook users in Belgium who visit Facebook pages, or face a €250,000 (RM1.17mil) daily fine.As the AFP reports, Belgium set the clock ticking on Monday, saying that Facebook would face fines of up to €250,000 Euro ($267,000 USD) a day if it doesn’t comply within 48 hours. The ruling, announced late on Monday, is the latest in a number of European data protection cases that have engulfed Facebook, which collects reams of data on individuals’ online activities to power its fast-growing digital advertising business.
Belgium’s data protection regulator took the US company to court in June, accusing it of trampling on EU privacy law by tracking people without a Facebook account without their consent. A Belgian court on Monday dinged Facebook for secretly tracking visitors, while search website Spokeo will probably get away with similarly nosy conduct in America. Specifically, Facebook must change its tracking cookie policy, which can be used to monitor non-users’ activities and behaviors even though they are not actually registered or logged in. The court action dates back to June when the country’s data protection watchdog filed a civil suit against Facebook, following a highly critical report of Facebook’s data protection practices which the Belgian DPA commissioned following updates to Facebook’s privacy policy at the start of this year.
Many of the Continent’s data watchdogs, as well as the European Court of Justice, the European Union’s highest court, have also taken a tough line on how American technology companies gain access to, manage and use people’s digital information. The datr cookie can be viewed on browsers when they search for terms such as “facebook data policy”, but other websites will not notify the use of the cookie.
At specific issue in this court case: how Facebook deploys tracking cookies and social plug-ins on third party websites to track the Internet activity of users and non-Facebook users. The efforts are part of Europe’s strict data protection rules that have enshrined an individual’s privacy as a fundamental right on a par with freedom of expression. Once an official English translation of the ruling has been delivered to Facebook, which is expected to take up to two weeks, the social network will have only 48 hours to comply with the Belgian government’s demands.
But analysing the court case, independent United Kingdom data privacy expert Chris Boyd, malware intelligence analyst at Malwarebytes, said users are unlikely to agree with Facebook’s stance. The company has also argued that since it has its European headquarters in Ireland it should be regulated solely by the Irish Data Protection Commissioner.
The Belgian court announced that this datr cookie is in violation of Belgian privacy laws since the data that they’re accessing is personal data, which can only be accessed by an Internet company if the “Internet user expressly gives their consent”. In seeking to combat the suit, Facebook had argued the Belgian privacy commission had no jurisdiction over its European business, given it is headquartered in Ireland. The company had collected data on people’s online activities — both those of Facebook users and those of people who do not have Facebook accounts — through so-called digital cookies. On this point it’s worth noting the Brussels’ court ruling aligns with recent landmark rulings by Europe’s top court, the ECJ, also relating to jurisdiction and data protection — including the so-called right to be forgotten ruling involving Google Spain, and a more recent judgement where the ECJ ruled that the Hungarian data protection authority is able to impose data protection-related fines on a Slovakian website which was offering services in Hungary — because it judged the latter to have some establishment in the country.
It’s no surprise, then, that a Brussels court ordered Facebook to stop installing tracking files, called cookies, on computers of casual visitors to the site. Returning to the Belgian data protection case, Facebook has since sought to argue its tracking cookies are an important security measure for users of the site — albeit it has not provided any public comment on how it is proportionate for an online service to systematically track non-users even for, ostensibly, security purposes. But Facebook’s spokesperson confirmed in a statement: “We will appeal this decision and are working to minimise any disruption to people’s access to Facebook in Belgium”. In practice, that means we would have to treat any visit to our service from Belgium as an untrusted login and deploy a range of other verification methods for people to prove that they are the legitimate owners of their accounts. A Facebook user recently sued the company for violating his privacy by transferring personal information from its Irish processing center to U.S. servers, where data protections were weaker.
Again the court evidently disagreed with this depiction, determining that the info being gathered and processed by Facebook via this cookie is indeed personal data. Facebook provided the following statement to TechCrunch in response to the ruling: “We’ve used the datr security cookie for more than five years to keep Facebook secure for 1.5 billion people around the world. As part of its decision, the court also said that Europe’s national privacy authorities had the right to intervene if they believed their citizens’ data was at risk when companies moved information outside national borders. Conflicting privacy rules make global operations difficult for the likes of Facebook and Google – now called Alphabet – whose businesses rely on mining information.