A new study has claimed that Facebook even tracks people who haven’t signed up for its service by creating a cookie for every person that visits the Facebook site or sites that have Facebook plug-ins like the ‘Like’ button.
A study commissioned by the Belgian data protection agencies revealed that any user visiting a web page on Facebook, even if they are not a member, is tracked by the social network for advertising purposes.
The report was compiled by the Centre of Interdisciplinary Law and ICT (ICRI) and the Computer Security and Industrial Cryptography Department (COSIC) at the University of Leuven and the media, information and telecommunications department (SMIT).
At the heart of the issue is Facebook’s use of social plugins such as the Like button that sits on more than 13m websites worldwide.
When a user visits a third party site that carries one of these plug-ins it detects and sends the tracking cookies back to Facebook, the report claims.
Prior consent required under EU law before cookies can be issued
EU privacy law states that prior consent is required before issuing a cookie.
So if the report’s claims are true then Facebook could be in breach of EU privacy law.
Under EU law sites need to notify users that they are to be tracked by cookies and the users must give their consent.
The report comes amid proceedings at the European Court of Justice as part of a case taken by Austrian privacy activist Max Schrems over the use of the so-called ‘Safe Harbor’ to manage EU citizen data.
‘Safe Harbor’ is the process for US companies to comply with the EU Directive for the Protection of Personal Data.
The case will be pivotal because it will define the course of how companies like Facebook, Google, Apple and others that have major operations in Ireland and across Europe manage customer data.
Cookie monster image via Shutterstock