Facebook’s reputation in Europe has taken another big knock this week as a Belgian court ruled that their policy of using cookies and social plug-ins to track non-users online activities was illegal. The ruling could cost the company US$125 million (€100 million) if it doesn’t change the strategy.
The court ruled that Facebook must stop tracking Belgian users web habits in this way and destroy any data it holds on Belgian citizens which was collected in this way. If Facebook fails to comply, they will be fined at a rate of €250,000 a day up to the maximum figure given.
A long drawn-out legal challenge
The case was originally brought back in 2015 by Belgian privacy watchdog, the Belgian Data Protection Authority (DPA). They had carried out an investigation into Facebook which resulting in a highly critical report about the way they handled Belgian data.
Being dissatisfied with Facebook’s response to this report, they chose to take Facebook to civil court over the issue of how it deploys tracking cookies and social plug-ins on third-party websites to track the internet activity of users and non-users.
As is always the case when they are faced with court challenges in Europe, Facebook initially tried to argue that the Belgian DPA had no jurisdiction over this issue as Facebook is headquartered in Ireland. Belgian courts rejected this defence and this latest ruling is the second time that Facebook has lost the case.
Inevitably, Facebook has continued to appeal against the rulings and have indicated they will do again in this case. The likelihood is that the issue will eventually make it before the European Courts of Justice.
In a statement issued after the latest ruling was handed down, Facebook showed no indication that they were willing to back down or prioritise the online privacy of users and non-users over their profit margins.
Richard Allan, Facebook’s Vice-President of Public Policy for the EMEA region said, “The cookies and pixels we use are industry standard technologies and enable hundreds of thousands of businesses to grow their businesses and reach customers across the EU.”
“We require any business that uses our technologies to provide clear notice to end-users, and we give people the right to opt-out of having data collected on sites and apps off Facebook being used for ads”, he continued.
However, that doesn’t reflect the findings of the Belgian legal system and Facebook’s intransigence will be disheartening for many internet users in Belgium and across the EU. Indeed, quite how Allan can claim that end-users are given notice of Facebook’s tracking when many of the pixels they are using are invisible is hard to understand.
As the Belgian DPA explained in court, “Even if you have never entered the Facebook domain, Facebook is still able to follow your browsing behaviour without you knowing it, let alone, without you wanting it, thanks to these invisible pixels that Facebook has placed on more than 10,000 other sites.”
Belgium is not the only country where Facebook is facing serious legal pressure over their policy of tracking the online habits of users and non-users alike. A similar case is currently going through the Austrian courts brought by privacy campaigner and lawyer Max Schrems.
Facebook has also tried to wriggle its way out of facing this challenge head-on too, trying to argue that because Schrems is a campaigner he cannot bring a case based on his rights as an individual consumer. The Austrian courts have already thrown out this argument.
It would be easy for some users to think that their repeated efforts to use technicalities to get out of such privacy challenges suggests that Facebook knows it is trying to defend the indefensible. But they have such deep pockets, they are clearly prepared to drag these cases out as long as they can before facing the inevitable.
How to stop Facebook tracking your online activity
However, the inevitable might hit them sooner than they hope, with the EU’s new General Data Protection Regulation (GDPR) coming into effect in May and giving the EU the power to fine tech companies up to 4% of their global turnover if they do not comply.
Facebook claims to be working with the Irish Data Protection Commissioner on how to comply with this new law and they have announced a new global privacy settings hub will be launched soon which could be part of this.
But for internet users that doesn’t solve the privacy threat that Facebook is causing to them right now. Whether you are a Facebook user or not, the likelihood is that Facebook is recording your online activity and selling it to advertisers even as you read this article.
At present, the best means of protection is to use a VPN. Not the Facebook-recommended VPN, you will find in the Facebook settings menu. This is a piece of spyware which makes it even easier for them to keep track of your online activity.
Rather, by using a reputable VPN provider like IPVanish or ExpressVPN, you can be sure that all of your online data is encrypted and your IP Address hidden from prying eyes. Whether you are looking to protect yourself from Facebook, hackers, or Government surveillance, a VPN is the best tool around right now.