Facebook Given 3 Months To Stop Tracking Non-Members in France

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

February 12, 2016

The Chair of the French data protection authority ‘Commission Nationale de l’Informatique et des Libertes’ (CNiL) has issued Facebook with a formal notice giving it 3 months to stop tracking non-members of the social network in France. The CNiL has also asked Facebook to stop the transfer of some personal data to the U.S. If Facebook does not comply with the CNiL’s requests it could face sanctions.

What’s The Problem?

The problem has arisen because the CNiL believes that Facebook is not currently complying with the French Data Protection Act (DPA) due to a number of alleged activities that the CNiL have outlined in a post on their website. The areas where the CNiL state that Facebook is not complying with the French DPA include:

  • Collecting, without prior information, data concerning the browsing activity of Internet users who do not have a Facebook account. N.B. Facebook currently tracks all visitors to the website by using cookies known as datr.
  • Collecting data concerning the sexual orientation and the religious and political views without the explicit consent of account holders.
  • The website setting cookies that have an advertising purpose without properly informing and obtaining the consent of Internet users.
  • Compiling information on account holders to display targeted advertising and not providing tools for account holders to prevent such compilation.
  • Transferring personal data to the U. S. on the basis of ‘Safe Harbor’, although the Court of Justice of the European Union declared invalid such transfers in its ruling of October 6, 2015.

The CNiL have stated on their website that the reason why the formal notice to Facebook has been made public is “due to the seriousness of the violations and the number of individuals concerned by the Facebook service (more than 30 million users in France).”

Last year Facebook made changes to the way the site is viewed in Belgium after a similar order from the Belgian Privacy Commissioner.

The new deal to replace ‘Safe Harbor’ called the “EU-US Privacy Shield” has not yet come into force and therefore it cannot be used to form the basis of an argument by companies wanting to legalize data transfers across the Atlantic. Facebook however is reported as saying that it is not using Safe Harbor.

In Reply So Far

In reply to the CNiL requests Facebook is reported to have said that it is looking forward to engaging with the CNiL to respond to the concerns raised.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.