Spain Fines Facebook Over Tracking Users Without Consent (tomshardware.com) 41
Spain's Data Protection Authority has issued a 1.2 million euro fine against Facebook after it found three instances when the company collected data without informing users, as required by European Union privacy laws. Tom's Hardware reports: The AEPD found multiple issues with how Facebook gathered data on Spanish users. One of the issues was that Facebook collects data on ideology, sex, and religious beliefs, as well as personal tastes and web surfing habits without informing the users about how that data will be used. A second issue was that Facebook wasn't obtaining specific and informed consent from the users because the data it was offering them about the collection was not sufficiently clear. The company has been tracking both users and non-users of the service through the Like button across the web without informing them about this sort of tracking, nor about what it plans to do with the data. The company has said that the collection is done for advertising purposes before, but some purposes remain secret, according to the Spanish Data Protection Authority. The AEPD said this sort of collection doesn't comply with the EU's data protection regulations.
Finally, the AEPD also noticed that Facebook has not been completely purging the data about users who had already deleted their accounts and that Facebook was making use of accounts' data that have been deleted for more than 17 months. Considering the data that has remained behind is no longer useful for the purpose for which it was collected, the agency considered this another serious infringement of EU privacy laws.
Finally, the AEPD also noticed that Facebook has not been completely purging the data about users who had already deleted their accounts and that Facebook was making use of accounts' data that have been deleted for more than 17 months. Considering the data that has remained behind is no longer useful for the purpose for which it was collected, the agency considered this another serious infringement of EU privacy laws.
1.2 Million Euros? (Score:5, Insightful)
That's like fining an individual about $5 for thousands of violations.
Why didn't they just send them a sternly worded letter?
Re: (Score:1)
The fine can go up if they keep being out of line. I was not able to find a min/max or a per violation scale. It would be interesting to see if they could leverage this rule against Equifax.
Re: (Score:2)
Doesn't matter, they should have made the fine 1.2 billion euros.
Re: (Score:2)
Because Facebook would probably rather pay than fight a sum like that. And who said that we can't repeat that whenever we like it?
Re: 1.2 Million Euros? (Score:1)
Re:1.2 Million Euros? (Score:4, Funny)
Re: (Score:2)
Sure it matters how much, if you want a corporation to stop a behaviour it has to cost them more than it profits them; 1.2MM is unlikely to accomplish that.
Re: (Score:2)
When Facebook first came out, I read the TOS and it basically said "we can do whatever we want to do your data". So it a perverse way I have to agree with you: why does this fine exist at all?
Re:1.2 Million Euros? (Score:4)
Yeah, what the AC said, you can't negotiate away legal rights.
Just because I put "we have first right of refusal to any of your off-spring" in the EULA doesn't mean I can come and take your kids.
Re: (Score:2)
I should have said "can't necessarily", some you can like the right to sue in the US, apparently... but not things which are illegal.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
I prefer to look at how this changed Facebook's behaviour, and the behaviour of other companies. If they ignored the fine and carried on violating people's privacy, I'd regard it as a failure. If they stopped violating non-user's privacy, I'd say it worked. If it stops other companies doing the same thing, I'd be very happy.
Having said that, in this case it's likely to get escalated to the EU level anyway.
Re: (Score:1)
Because the LAW specifies the maximum fine to be â600k per class of offence (i.e. regardless of the number of violations -- this is not anglosaxon law) So, this would amount to 3 x â400k ---- the range being â300k-â600k for the most serious offences
Admittedly, the fine amounts haven't been modified (i.e. increased) since the law was passed ~15yr ago.... but no sane spanish company would get itself in a position where it could be fined to this leves by AEPD (potentially getting ousted fr
I guess you could say... (Score:5, Funny)
Facebook did not expect the Spanish Inquisition.
Re: (Score:3)
Nobody expects the Spanish Inquisition! Our chief weapon is fines...fines and lawsuits...lawsuits and fines.... our two weapons are lawsuits and fines...and ruthless bureaucracy.... Our three weapons are lawsuits, fines, and ruthless bureaucracy...and an almost fanatical devotion to the Euro.... Our four...no... amongst our weapons.... amongst our weaponry...are such elements as lawsuits, fines....
I'll come in again.
Déjà vu (Score:3)
Facebook becomes self-aware at 02:14 am Eastern Time after its activation on september 14, 2017 and launches user-tracking ads at Spanish users to incite a counterattack against the humans who, in a panic, tried to disconnect it.
Right after Microsoft took over LinkedIn.... (Score:2, Insightful)
...all the private messages that we "deleted" years before suddenly reappeared. We don't have STUPID written on our foreheads. Avoid these sites at all costs because they take and take while giving you nothing but a paper trail.
Here in the USA (Score:1)
We need laws and regulations like that here. Business cannot be trusted with this data.
The EU needs a new law (Score:3)
It's good that they're fining Facebook for tracking users without telling them, albeit with a slap on the wrist, but it would be nice if the laws also had fines for tracking non-users without telling them.
Re:The EU needs a new law (Score:4, Interesting)
You're an FB user just like you're an EquiFax customer. You just didn't know you were using FB because you never volunteered.
Re: The EU needs a new law (Score:3, Informative)
The EU Data Protection Regulation comes into effect in May 2018. A small fine from Spain sets a precedent. A previous conviction for the same crime when more significant fines are levied will be harder to fight in court. The conviction will also set a precedent for all 28 member countries.
I guess the EU is doing something to protect its own commerce and citizens from exploitation by non-EU companies and organizations. Sounds reasonable to me.
Some points, some not. (Score:1)
They have a point with tracking non-users with the Facebook API (like buttons, etc.)
But good luck suing them for that. EVERY advertiser does that. Every WEBSITE does that in general, without informing users. (unless the webmaster disabled it purposefully, usually on privacy-orientated sites)
As for the other half, not informing users of tracking while on the site: lol [facebook.com].
Google too? (Score:3, Informative)
the company has been tracking both users and non-users of the service through the Like button across the web without informing them about this sort of tracking,
Very similar, Google tracking shit ("google-analytics" and far more) is embedded all over the web now. It tracks people who have no Google accounts and do not use Google products or services.
Re: (Score:2)
If they don't track individual users, that's entirely different.
Don't forget (Score:2)
"One of the issues was that Facebook collects data on ideology, sex, and religious beliefs..." ...and Jew-hating as we learned.
Facebook should have been banned in Spain (Score:3, Interesting)
I'm Spaniard, and I live in Spain.
I've set-up my Google account to not track *anything* from me at all. Not keep a record of anything I search (Google Search), I see (Google YouTube) or hear (Google Music).
I use Chrome, I've configured:
- AdBlock Plus with many filters and kept up-to-date
- Don't track me Google!, installed
- Do not track
- Privacy Budget
I've a Facebook account which I think I've used only three or four times since creation about 6 years ago; and normally I do never login on it unless extrictly needed (last time was about 6 months ago) and I log-out right after.
I do have an Instagram account, now owned by Facebook, and keep it running always in background mode in my Android; where I do also have an ad-block installed (rooted).
Well, I looked for colagen pils for my mother in Google Search a month ago and what was my surprise that the same day on the evening the very same pils brand I bought appeared as an ad in Instagram (where I only look for calligraphy, medieval illumination and bookbinding).
Facebook? Banned for shiting in privacy.
Informed comment (Score:1)
While I understand it is unfashionable here to know what you're talking about before posting comments --- God forbid reading the fine article .....