Facebook in Belgian Watchdog Sight Over Privacy Data Issues

Facebook /4/be joining Google in battling out against the European Union soon. A Belgian watchdog group warns that belligerence will not stop recommendations for meeting EU privacy laws.

Look out, Google. You’re not the only American company being observed by European watchdogs.

The Wall Street Journal reports that Belgium’s Commission for the Protection of Privacy (CBPL) called for a better adjustment to European Union and Zone regulations.  Reasoning that Facebook had been “particularly sparing with precise answers,” the commission’s first recommendation focuses heavily on “tracking trough social plug-ins.”

While Google’s faced off against the EU repeatedly, Belgium’s Privacy Commission 28-page report against Facebook shows how targeting ads and mining data clashes with the Internet privacy laws. The same privacy laws forcing Google to erase people’s identities if requested—not just their private data, but all available information. Data and cookie tracking are opt-in, not opt-out.

WSJ notes the Netherlands, France, Spain and Germany have taken a keen interest in the problem since the social media giant hasn’t really explained why the data is being collected.

Willem Debeuckelaere, the commission’s president, finds Facebook to be “contemptuous of the private lives of its members and of all Internet users” which demands swift, regulatory action.  Part of the problem comes from the fact the site is used by “almost half of all Belgians.”

By representing so many Belgians, the commission believes executives and stakeholders must “start working in a privacy-friendly way.” And one of the major disputes involves tracking cookies, according to CIO Today.

#Facebook in Belgium. Q1 data: Daily Active People & Monthly Active People https://t.co/b9pQk9RHA5 Via @bartvandevel pic.twitter.com/rnmlwSJ5iu— Kenneth Tallir(@Kenneth_Tallir) /4/16, 2015

In Europe, companies must post an advert of acknowledgment, so consumers /4/either move forward while allowing a cookie to be placed on a computer or to exit the site entirely. Transparency is vital in protecting personal data and Facebook, like Google, chooses to not follow the EU requirements.

According to the commission, one of the better ideas is to implement “specific consent for cookies and other meta files of which they /4/not control re-use.”
One of the biggest questions tied to mining involves the “like” and “share” buttons, which /4/be used to promote other links or products to a consumer. As the controller, it is up Facebook to perform due diligence and maintenance.

Calling the service usage “intrusive,” the report notes “social network interactions and sensitive data” like medical information or personal preferences would then be available for advertisers. Because the site requires a real or facsimile name and not a pseudonym, “users’ surfing behavior” ties directly to an easily discovered, real identity.

Facebook pushed back, saying answers must only satisfy Irish regulators, where the company’s European headquarters are located. Pointing out that the regulations “were unclear” in ways to apply the recommendations, the American company conceded a response if the regulators agreed.

“But we will of course review the recommendations when we receive them with our European regulator, the Irish Data Protection Commissioner.”

One of the recommendations included a second link before opting in to the tracking through liking or sharing a post, especially for those who are not on the platform.

In April, the Belgian commission discovered that Facebook had been monitoring nonusers. The company called the error a bug and quickly fixed it, but users still pursued a class action lawsuit attempt at the non-compliant behavior.

Use privacy software if you want to be safe from Facebook, warns watchdog http://t.co/za1jILDs3f— Ars Technica (@arstechnica) /4/17, 2015

Additionally, an article on Venture Beat mentioned that cookies are about to expire as social media and the internet becomes tied to mobile platforms and phones, not just computers. So why would a company continue to use a failing model?

Facebook uses their Single Sign-On model, which is similar to Open ID, except it also tracks your movements and advertisement choices. SSOs are popular for many large companies, like Google, so logging in with the same account across platforms allows all information to flow freely.

European commissions do not agree in the idea of freely putting your information out there simply to foster easier log-ins.

In counter to Facebook only needing to follow Irish protocol, the Belgians said an office based in Belgium means the company must follow national and international guidelines. And not just the U.S. based legalities, where most legal statements are created and implemented.

While the watchdog group holds no power in forcing change, the Belgian prosecutor’s office will be given an opportunity to move forward with a case if the dossier is convincing. However, the CPBL reminds uneasy users that privacy mode is one protective measure built into most major browsers.

And in the meantime, European officials hope that a concrete set of data-privacy rules will be completed by the end of the year. By setting standards, multinational and international businesses will have a difficult time finding legal loopholes.

Stephen Deadman works as a Facebook privacy executive and finds the entanglements to be an annoyance for the larger companies. “But for smaller businesses and startups, it represents a major barrier to even getting off the ground: a huge setback for Europe’s digital ambitions.”

Facebook ‘scoffs at’ European privacy rules, claims regulator http://t.co/zNJexfpMrL via @IrishTimesBiz pic.twitter.com/ODS3KcuRKv— The Irish Times (@IrishTimes) /4/15, 2015

Belgian officials do not agree, finding the lack of cooperation and refusal “to agree to requests to postpone the application” to be belligerent. “Facebook continues to refuse to recognize the application of Belgian law as well as the Belgian Privacy Commission.” As Europe enforces actions against non-compliance, even the big businesses /4/face repercussions.

When CIO Today reached out to Facebook, a spokesperson reiterated that the company would looking to the recommendations but saw little need as they followed the “European data protection” already.

“As we expressed to the CBPL in person when we met, there is nothing more important to us than the privacy of our users and we work hard to make sure people have control over what they share and with whom.”

A second recommendation is expected later this year. However, even Facebook admits “Facebook Belgium SPRL is impacted by the privacy issues of the social network. This obviously refers to the number of users of the social network of the entire Facebook Group.” So what can be done?

If Facebook does not reach a compromising agreement, the California-based business /4/find itself in the cross-hairs like Google. The European Union’s standards on privacy and data gathering are not going to decrease and creating a barrier will not help either company find a beneficial resolution.

Sources: CBPL, CIO Today, WSJ