Skip to main content

Facebook Faces Fines Of $268K Per Day For Tracking Non-Users In Belgium

Image
By

Facebook is facing fines of €250,000 per day unless it alters the operation of tracking cookies in Belgium after a data protection court ruling. Facebook has said it will be appealing.
The court action dates back to June when the country’s data protection watchdog filed a civil suit against Facebook, following a highly critical report of Facebook’s data protection practices which the Belgian DPA commissioned following updates to Facebook’s privacy policy at the start of this year.
At specific issue in this court case: how Facebook deploys tracking cookies and social plug-ins on third party websites to track the Internet activity of users and non-Facebook users. At the time of filing the suit, the Belgian DPA said Facebook had failed to answer questions about how it tracks non-users and what it does with the data it gleans — hence the watchdog’s decision to challenge the company in court. It also said it wanted to seek legal clarity on whether it had jurisdiction.
In seeking to combat the suit, Facebook had argued the Belgian privacy commission had no jurisdiction over its European business, given it is headquartered in Ireland. However the court slapped this down, ruling that Belgian data protection law does indeed apply and that Belgian courts have jurisdiction.
On this point it’s worth noting the Brussels’ court ruling aligns with recent landmark rulings by Europe’s top court, the ECJ, also relating to jurisdiction and data protection — including the so-called right to be forgotten ruling involving Google Spain, and a more recent judgement where the ECJ ruled that the Hungarian data protection authority is able to impose data protection-related fines on a Slovakian website which was offering services in Hungary — because it judged the latter to have some establishment in the country.
Returning to the Belgian data protection case, Facebook has since sought to argue its tracking cookies are an important security measure for users of the site — albeit it has not provided any public comment on how it is proportionate for an online service to systematically track non-users even for, ostensibly, security purposes.
Writing a blog post on the case last month, Facebook’s CSO Alex Stamo claimed: “We use the datr cookie to help differentiate legitimate visits to our website from illegitimate ones.”
“If the court blocks us from using the datr cookie in Belgium, we would lose one of our best signals to demonstrate that someone is coming to our site legitimately. In practice, that means we would have to treat any visit to our service from Belgium as an untrusted login and deploy a range of other verification methods for people to prove that they are the legitimate owners of their accounts. It would also make Belgian devices more attractive to spammers and others who traffic in compromised accounts on underground forums,” he added.
However again the court was again unimpressed by this line of argument. The Belgian DPA says the court found it “not credible” that systematic collection of a tracking cookie each time a social plug-in is loaded on a website should be necessary for the security of Facebook’s services — ergo it dubbed Facebook’s processing of personal data of people who do not have a Facebook account as “disproportionate”.
Facebook had also sought to argue that the data it collected via the datr tracking cookie was not personal data — but rather a means for it to identify a computer — with Stamo claiming “the datr cookie is only associated with browsers, not individual people” and saying: “It doesn’t contain any information that identifies or is tied to a particular person.”
“At a technical level, we use the datr cookie to collect statistical information on the behavior of a browser on sites with social plugins, such as the Like button, to help us distinguish patterns that look like an attacker from patterns that look like a real person,” he added.
Again the court evidently disagreed with this depiction, determining that the info being gathered and processed by Facebook via this cookie is indeed personal data. And — given the lack of consent for Facebook to gather and process the personal data of non-users — the court also judged this to be a “manifest” violation of Belgian data protection, according to the Belgian DPA.

Comments

Post a Comment

Popular posts from this blog

How ad-free subscriptions could solve Facebook

By
At the core of Facebook’s “well-being” problem is that its business is directly coupled with total time spent on its apps. The more hours you pass on the social network, the more ads you see and click, the more money it earns. That puts its plan to make using Facebook healthier at odds with its finances, restricting how far it’s willing to go to protect us from the harms of over use. The advertising-supported model comes with some big benefits, though. Facebook CEO Mark Zuckerberg has repeatedly said that “We will always keep Facebook a free service for everyone.” Ads lets Facebook remain free for those who don’t want to pay, and more importantly, for those around the world who couldn’t afford to. Ads pay for Facebook to keep the lights on, research and develop new technologies, and profit handsomely in a way that attracts top talent and further investment. More affluent users with more buying power in markets like the US, UK, and Canada command higher ad prices, effectively...
1 comment
Read more

Windows 7 and 8.1 Update to Windows 10 automatically

By
Windows 10 downloader While it might be a bit too early to start getting excited over the  Windows 10 update , which isn't expected to arrive until summer, Microsoft seems to already be warming up people's computers just the same. A recommended, and therefore purely optional, update for Windows 7 Service Pack 1 and Windows 8.1 has been discovered to be laying the groundwork for those machines' eventual upgrade to Windows 10. Although the  Windows 10 release date  was not announced officially, the details of this update also reveal how Microsoft might try to convince users to update to the latest Windows 10 version.  The  KB3035583  update "enables additional capabilities for Windows Update notifications when new updates are available to the user", which sounds pretty common. That is, until you dig into the update files and see a certain  GWXUXWorker.exe which, upon further inspection, would actually "Download Windows 10". So this rather ...
Post a Comment
Read more

Anyline Raises €1.5M To Let You Add Optical Character Recognition To Your App

By
Anyline , the Austrian startup that provides mobile OCR tech to enable developers to add text recognition to their own apps, has raised €1.5 million in funding. The list of investors is interesting, too. It includes angel investor Johann ‘Hansi’ Hansmann, busuu co-founder Bernhard Niesner, Lukas Püspök, and the U.S.-based VC-fund iSeed Ventures. However, most notable is that the round was led by Gernot Langes-Swarovski Group. As one investor put it to me, “the fact that the Swarovski family led the round shows that finally ‘old’ money is moving into Austrian startups”. Offering its own mobile Optical Character Recognition (OCR) technology — which uses a smartphone’s camera to accurately scan and recognise any kind of text, code or number — Anyline co-founder and CEO Lukas Kinigadner tells me the startup is built on the premise that “people screw up a lot”. “Mistakes happen easily when you’re writing down a 10-digit-number and then have to type it in again a few moments later...
Post a Comment
Read more

Three Reasons Why You Need Better Personal Cyber security

By
From the infamous Sony hack to the recent WannaCry virtual catastrophe that affected over 300,000 computers, the need for reliable personal cyber security has never been more apparent. Rubica's skilled team of experts want to remind every one of the importance of cyber security and the three reasons why it is becoming a more pressing issue every day. With top-notch personal cyber security, most attacks are preventable. 1. Larger Number Of Attacks Americans have heard of the most notable attacks on major corporations or government entities over the past several years. However, most people who are not in the information security field do not learn just how much the attack frequency is growing. The number of cyber attacks carried out worldwide in 2015 was quadruple a number of attacks recorded in 2013. Although the cost associated with the number of annual recorded attacks is in the $500 billion range right now, experts say that it will grow well into the trillions by ...
Post a Comment
Read more

Interview Questions

By
I am a word of five letters! People eat me! If u remove my 1 letter i will be a form of energy! If u remove my first 2 letters i will be needed 4 living. If u remove my first 3 letters i will be a preposition If u remove my first 4 letters i will be a drink 4 u. Answer if u r mastermind! Ans:_________
Post a Comment
Read more