Facebook’s tracking of non-users in breach of Belgian law

The Belgian Court of First Instance has ruled that it was a breach of Belgian privacy law for Facebook to track internet users who do not have accounts with them. The Court gave Facebook 48 hours to comply with the order or else pay a fine of €250,000 a day. The proceedings were initiated by the Belgian Privacy Commission in June.

Facebook tracks users using a special cookie, called the datr cookie, which lodges on their device when they visit a Facebook page even if they are not signed up to the network. The cookie stays on the device for up to two years and allows Facebook to consult it whenever the user pays further visits to Facebook pages. The Court ruled that this was personal data and could only be used with the user’s express permission.

Facebook claimed, however, that the cookie, which it has used for over five years, is safe, and plans to appeal the judgement.

The Belgian judgement is the second legal setback for Facebook in recent months. It follows a decision of the European Court of Justice (ECJ) in October which invalidated the EU-US Safe Harbour data sharing agreement. Under this agreement, US companies such as Facebook were permitted access to European data as long as they certified that the data would receive a guaranteed level of protection.

Click here for the Press Release of the Belgium’s Commission for the Protection of Privacy.

Click here for our Bulletin article on the Safe Harbour judgement.

Share

Resources

Sustaining Partners