Facebook's Privacy Woes Continue as French Authorities Issue Warning
Social media giant Facebook is under scrutiny in Europe yet again as the French data protection authority, known as the CNIL, has ordered the company to get its house in order. The regulator has given Facebook three months to comply with its orders to avoid charges, but warned that failure to do so would mean possible sanctions for the firm. Facebook has yet to comment publicly on the CNIL order, but confirmed that it has received it and is in the process of reviewing it. In a statement, the company claimed: "We are confident that we comply with European Data Protection law and look forward to engaging with the CNIL to respond to their concerns."
According to the CNIL's order to Facebook, those concerns are mainly over Facebook's collection of browsing history on users that do not have a Facebook account. In part, the order reads as follows: “the company does not inform Internet users that it sets a cookie on their terminal when they visit a Facebook public page (whether they are logged into Facebook or not). This cookie transmits to Facebook information relating to third-party websites offering Facebook plug-ins that are visited by Internet users.” The order also noted that Facebook collects users' data without their permission, including sexual orientation, religious and political views. The order also accuses the social network of continuing to use the now-illegal Safe Harbor data transfer mechanism, though it was outlawed by the European Court of Justice in October. Facebook has denied that it is still using Safe Harbor.
The fact that the CNIL has made its notice to Facebook public belies the perceived seriousness of the allegations, as well as the number of users affected by the practices in questions, noting that Facebook has 30 million users in France alone. A similar action was taken against the company last year, when the Belgian data protection authority ordered the company to stop tracking non-account holders. The company eventually relented, switching to requiring visitors to lo in to view any pages on Facebook. The company is also under investigation by DPAs in Germany, Spain and the Netherlands, who are working both individually and collectively to force Facebook to comply with European data protection rules.