5 European Countries Challenging Facebook Over Privacy Rights
Across Europe, Facebook is facing legal challenges to its data collection practices and it’s not likely to go away anytime soon. Regulatory agencies in five countries are teaming up to share resources and contacts so they can ensure Facebook is in compliance with local privacy policy. Meanwhile, Europe’s new data protection rules, set to go into effect in 2018, will apply stricter standards to all EU data, even when it’s transferred to the US and other countries.
Privacy protection is a high priority for us at Reputation Defender since sensitive personal information leaked publically can cause serious reputation issues. Our online privacy services include ongoing surveillance and in-depth privacy reporting, as well as suppression of unwanted data. We’d recommend this for anyone interested in keeping their personal information safe.
Stricter legal standards will help to limit the amount of information large companies, such as Facebook, can collect and store, and it will reduce the chances that this data could end up in the wrong hands. Read on to learn about how European agencies are working to make this a reality.
Working to Make a Difference
· France — Watchdog group CNIL has fined Facebook €150,000 (£129,000) following non-compliance with a deadline to stop illegal tracking of non-users and data transfer to the US. In a statement, CNIL also cited Facebook for ‘massive compilation of personal data’ and the use of cookies to track browsing activity on third party sites ‘without (user) knowledge’. The fine represents the highest amount CNIL could demand as of 2014 when it began investigating Facebook, but this has since been increased to €3 million, so expect to see even higher fines in the future.
· Belgium — The Belgian Privacy Commission has an ongoing case against Facebook regarding its tracking of both users and non-users. The court has found the use of ‘cookies’ to track non-users illegal under the Belgian Privacy Act. If the latest recommendations are not followed, the Privacy Commission will seek enforcement in October.
· The Netherlands — Facebook has been found in violation of the Dutch Data Protection Authority (DPA) for collecting sensitive personal information on 9.6 million users in the Netherlands without their consent. Facebook has reportedly made changes to its practices in the Netherlands and the Dutch DPA is currently investigating whether violations have ceased.
· Germany — the German data protection agency took issue with Facebook’s 2016 announcement that it would share data on Facebook’s 1 million users with WhatsApp. According to Johannes Casper, Hamburg’s Data Protection and Freedom of Information Commissioner, Facebook didn’t obtain “an effective approval” and there was no legal basis for the sharing unless it was specifically requested by the user. As of August 2016, Facebook had promised to work with the Hamburg DPA to resolve any concerns.
· Spain — Two infringement procedures against Facebook have been filed in Spain and the Spanish data protection agency has also highlighted data sharing between Facebook and WhatsApp as an issue.
So far, Facebook’s main defence is that, since the company’s European headquarters are located in Ireland, all privacy concerns should be handled under Irish law. This tactic has already failed in the Belgian court where the judge ruled that Facebook conducts sufficient operation in Belgium to be covered by national privacy regulation. The new EU policy, which applies strict standards to EU citizens’ data regardless of where it is stored or processed, is likely to make Facebook’s reasoning even more obsolete.
