France orders Facebook to revise its data privacy failings
Tue 9 Feb 2016
French data protection regulator CNIL, has today flagged Facebook with a formal notice to comply with European data privacy laws within the next three months, or face possible sanctions.
If the company is able to make the changes to its operations within this timeframe, Facebook will not face any punishment for its alleged data privacy failures.
According to reports, Facebook is now reviewing the CNIL’s demands, and has provided the following statement: “We are confident that we comply with European Data Protection law and look forward to engaging with the CNIL to respond to their concerns.”
The CNIL has argued that Facebook is violating multiple data protection laws, including the collection of non-member browsing activities. Yesterday’s CNIL statement read: ‘The company does not inform internet users that it sets a cookie on their terminal when they visit a Facebook public page (e.g. page of a public event or of a friend). This cookie transmits to Facebook information relating to third-party websites offering Facebook plug-ins (e.g. Like button) that are visited by internet users.’
The group also added that the social media platform is gathering data regarding the sexual orientation, religious and political preferences ‘without the explicit consent of account holders.’ It noted too that Facebook does not notify users at sign-up of their rights concerning their personal data.
The CNIL further accused the website of setting advertising cookies ‘without properly informing and obtaining the consent of internet users.’ Users are neither offered any tool or information about stopping the collection of their data for use in targeted advertising, thereby violating ‘their fundamental rights and interests, including their right to respect for private life.’
It also asserted that Facebook is continuing to use the U.S. data transfer system, Safe Harbor, four months after it was declared illegal by the European Court of Justice.
The CNIL wrote that it had made its formal notice publicly accessible, due to the seriousness of the failures, as well as the number of people who have expressed concerns over Facebook’s data operations.
