Facebook was given 3 months to stop tracking non-members’ online activity without their consent and stop some transfers of personal information to the United States. The order of the French data protection authority was celebrated as the first significant action taken against Facebook following an EU court ruling in 2015 striking down an agreement used by tech giants to avoid cumbersome European data transfer rules.
Following the concerns over mass US government snooping, the transatlantic Safe Harbour pact was ruled illegal in October 2015. As a result, the EU data protection authorities announced that the tech firms had 3 months to set up alternative legal arrangements for transferring data. Now those 3 months are over, which means that regulators can start taking legal action against firms still relying on the pact to approve data movement. The French CNIL did exactly that in relation to Facebook.
In the meantime, Facebook has previously claimed that it does not use Safe Harbour as a means of transferring data to the United States and has already arranged alternative legal structures to continue its transfers in line with the local law. The problem is that the US and the EU indeed agreed on a new pact to replace Safe Harbour, but it is not yet operational. As a result, the EU data protection authorities have said they require more time to decide if transatlantic data transfers should be restricted.
The most popular social network in the world was confident that it complied with EU data protection legislation, but the French regulator doesn’t agree, pointing out that Facebook tracks non-members by placing a cookie on their browser without informing them when they visit a Facebook page. In addition, CNIL said that the company uses cookies that harvest data later used for advertising without users’ consent. The regulator believes that Facebook users should be able to prevent it from profiling them in order to serve them personalized ads.
Back in 2015, Facebook was already forced to stop tracking non-users in Belgium after the Belgian watchdog took the case to court. The changes of the social network to its privacy policy prompted the authorities of many European countries to start investigations into Facebook’s practices.
Now, if Facebook fails to comply within 3 months, it could be fined.
Following the concerns over mass US government snooping, the transatlantic Safe Harbour pact was ruled illegal in October 2015. As a result, the EU data protection authorities announced that the tech firms had 3 months to set up alternative legal arrangements for transferring data. Now those 3 months are over, which means that regulators can start taking legal action against firms still relying on the pact to approve data movement. The French CNIL did exactly that in relation to Facebook.
In the meantime, Facebook has previously claimed that it does not use Safe Harbour as a means of transferring data to the United States and has already arranged alternative legal structures to continue its transfers in line with the local law. The problem is that the US and the EU indeed agreed on a new pact to replace Safe Harbour, but it is not yet operational. As a result, the EU data protection authorities have said they require more time to decide if transatlantic data transfers should be restricted.
The most popular social network in the world was confident that it complied with EU data protection legislation, but the French regulator doesn’t agree, pointing out that Facebook tracks non-members by placing a cookie on their browser without informing them when they visit a Facebook page. In addition, CNIL said that the company uses cookies that harvest data later used for advertising without users’ consent. The regulator believes that Facebook users should be able to prevent it from profiling them in order to serve them personalized ads.
Back in 2015, Facebook was already forced to stop tracking non-users in Belgium after the Belgian watchdog took the case to court. The changes of the social network to its privacy policy prompted the authorities of many European countries to start investigations into Facebook’s practices.
Now, if Facebook fails to comply within 3 months, it could be fined.