Back in May we wrote about Facebook’s alleged breach of European privacy law because of the way in which they monitor users without consent, according to the Privacy Protection Commission in Belgium. This month, the Privacy Protection Commission (CPP) has taken Facebook to court over the issue.
The privacy watchdog presented their case against the tech giant in Brussels yesterday. According to the CPP, Facebook has been spying on users for advertising purposes, and not only when users are active on the social networking site but also when users are logged out. The president of the CPP, Willem Debeuckelaere, said that it was “make or break time” for Facebook since they had failed to engage in negotiations openly.
The CPP, which works closely with privacy watchdogs in Germany, France, Spain, and the Netherlands and has the support of the Belgian prosecution service, said that Facebook had not responded adequately to concerns raised last month about their monitoring of online activity, which according to the CPP breached several European privacy laws. The Commission has argued that Facebook are spying on users and non-users without their permission by monitoring data stored in cookies and through the operation of discreet plugins.
According to a recent report by the CPP, Facebook has been monitoring the browsing behavior of anyone viewing pages owned by Facebook.com, including fan and profile pages and regardless of whether or not browsers are registered members. Last month, the CPP asked Facebook to discontinue tracking online activity where they had not sought consent.
Debeuckelaere made it clear that the CPP were forced to take legal action because “we can not continue to negotiate through other means”. He said that “We want a judge to impose our recommendations. These recommendations are chiefly aimed at protecting internet users who are not Facebook members”.
What Facebook Say
A spokesperson from Facebook said that the CPP had taken “theatrical action” and that it was “surprised and disappointed” with the privacy watchdog’s response. According to the multi-billion dollar social networking service, legal action had come just days before they were due to discuss the allegations with the CPP.
Facebook also said that “Although we are confident that there is no merit to the [CPP]’s case, we remain happy to work with them in an effort to resolve their concerns, through a dialogue with us at Facebook Ireland and with our regulator, the Irish Data Protection Commissioner.”
Other Legal Disputes in Europe
This latest court case has come at a time when Facebook are expanding their operations with plans unveiled for a €200m data centre in Clonee in County Meath, Ireland. Many large corporations choose to locate their European headquarters in Dublin since the Irish government subsidise corporations entering the country and because corporation tax is much lower there than in any other European country, despite a huge deficit of tax revenues in Ireland. Aside from the tax incentives for corporations in Ireland, it’s also coming to light that data retention and surveillance legislation in the country is much more opaque than it is in the rest of Europe.
In March, the European Commission warned EU citizens that they should close their Facebook accounts if they wanted to avoid being spied on by US intelligence agencies. What’s more, the commission found that the current Safe Harbor legislation does not protect citizen’s data when using Facebook. The legislation, which allows the transmission of internet data from the EU to the US, came under scrutiny when Austrian law student and Facebook user Maximilian Schrems took Ireland’s Data Protection Commission to court when he discovered that Facebook were violating his privacy rights by retaining user information with the intention of selling data for commercial purposes, not only within Europe but also in the US. The court case has been dubbed Europe v. Facebook.
Schrems said, “It would be necessary to demonstrate that this interception and surveillance of individuals or groups of individuals was objectively justified in the interests of the suppression of crime and national security and, further, that any such interception was attended by the appropriate and verifiable safeguards.”
Following the court hearing, the European Court of Justice has postponed their decision, which was due originally on 24 June. Civil liberties groups, and other supporters of Schrems, have suggested that the delay in judgement is due to ongoing discussions between the EU and the US regarding the Safe Harbor legislation. If this is the case, it’s clear that a favorable judgement for Schrems will set a precedent for Facebook’s conduct in Europe.
Schrems’ decision to take legal action against Facebook was prompted by Edward Snowden’s NSA revelations, specifically the information he revealed about U.S. national security authorities accessing the personal data of EU citizens and transferring it to the U.S. via the Safe Harbor Framework.
If the CPP allegations turn out to be true, Facebook could see similar lawsuits against them in other European countries. In May, Facebook narrowly escaped fines from a Dutch privacy watchdog who are investigating Facebook’s claim to the right to use member information and images for commercial purposes. Dutch regulators said that Facebook were cooperating at this stage of the investigation, and that’s why the threat of fines totalling $845,000 had been lifted. They may escape so easily if they continue to flaunt privacy rights in Europe.
In case you’ve missed it, we highly recommend checking out our instructional guide on how to opt out of Facebook’s offline tracking for ads.