11:05 AM
Core System Testing: How to Achieve Success
Oct 06, 2016
Property and Casualty Insurers have been investing in modernizing their core systems to provide fl ...Read More>>

Facebook Faces Trouble In France For Tracking Non-Users

The CNIL, France's data regulation authority, has issued a formal notice to Facebook, warning the social network that it needs to fairly collect data concerning the browsing activity of Internet users who do not have an account.

10 Quirky Tech Job Interview Questions That May Stump You
10 Quirky Tech Job Interview Questions That May Stump You
(Click image for larger view and slideshow.)

The famously frosty French may be Facebook addicts like most of the rest of us, but that doesn't mean it wants the social media giant to be gathering information from non-users.

The country's data regulation authority, Commission nationale de l'informatique et des libertés (CNIL), issued a demand to Facebook to comply within three months with the French Data Protection Act, which means it must stop some personal data transfers to the United States. The social network must also must cease collecting data from non-Facebook members.

The transfer of personal data to the United States on the basis of Safe Harbor was declared invalid by the Court of Justice of the European Union in October.

The CNIL performed on site and online inspections, as well as a documentary audit, in order to verify that Facebook was acting in compliance with the French Data Protection Act, and found several failures.

(Image: Anatolii Babii/iStockphoto)

(Image: Anatolii Babii/iStockphoto)

These include setting cookies that have an advertising purpose without properly informing and obtaining the consent of Internet users, as well as collecting -- without prior information -- data concerning the browsing activity of Internet users who do not have a Facebook account.

The CNIL also charged that Facebook compiles all the information it has on account holders to display targeted advertising. In turn, company provides no tools for account holders to prevent such compilation, which the authority said violates fundamental personal rights and interests, including the right to respect for private life.

"The social network collects data concerning the sexual orientation and the religious and political views without the explicit consent of account holders," a Feb. 8 statement from CNIL added. "In addition, Internet users are not informed on the sign up form with regard to their rights and the processing of their personal data."

The French explained the notice is not a sanction and the procedure would be publicly closed if Facebook complies with the French data protection Act within the time limit of three months.

However, if Facebook and its Ireland-based subsidiary, Facebook Ireland Limited, do not comply with the request, the chairperson of the French data authority could appoint a "rapporteur," who might refer the matter to the CNIL's Select Committee, which could result in a number of different sanctions against Facebook.

"Protecting the privacy of the people who use Facebook is at the heart of everything we do," a CNIL spokeswoman told Reuters. "We look forward to engaging with the CNIL to respond to their concerns."

[Read about Facebook's data center plans for Ireland.]

The CNIL also noted the investigations conducted by the Belgian, German, Spanish, and Dutch data protection authorities are ongoing at the national level and within an international administrative cooperation framework.

Back on our side of the pond, recent privacy efforts have been less robust. The US Federal Communications Commission (FCC) recently rejected a consumer group's request to force websites "like Google, Facebook, YouTube, Pandora, Netflix, and LinkedIn" to honor "Do not track" requests from users.

The petition, filed by California-based nonprofit Consumer Watchdog in June, asked that these kinds of websites should allow people to use their services without giving them derived data in return.

Rising stars wanted. Are you an IT professional under age 30 who's making a major contribution to the field? Do you know someone who fits that description? Submit your entry now for InformationWeek's Pearl Award. Full details and a submission form can be found here.

Nathan Eddy is a freelance writer for InformationWeek. He has written for Popular Mechanics, Sales & Marketing Management Magazine, FierceMarkets, and CRN, among others. In 2012 he made his first documentary film, The Absent Column. He currently lives in Berlin. View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Time to Reconsider Enterprise Email Strategy
Time to Reconsider Enterprise Email Strategy
Cost, time, and risk. It's the demand trifecta vying for the attention of both technology professionals and attorneys charged with balancing the expectations of their clients and business units with the hard reality of the current financial and regulatory climate. Sometimes, organizations assume high levels of risk as a result of their inability to meet the costs involved in data protection. In other instances, it's time that's of the essence, as with a data breach.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.