On Monday, Facebook said that it would appeal a Belgian court ruling ordering the company to stop using a particular cookie to track people within the country who are not Facebook users.
In July, Belgium’s data protection regulator, the Belgian Privacy Commission, took the United States-based social media giant to court, and accused the company of tracking “so-called non-users” without those individuals’ consent. While the non-users were not Facebook members, they visited various Facebook pages. The commission argued that this practice violated European Union privacy law.
The Belgian court brought the government’s argument and ruled that Facebook was obligated to obtain consent from those whom it collected and gathered the sought-after information.
At issue is the “datr” cookie. When people visit a Facebook.com site or click a Facebook “Like” button on other websites, Facebook installs the datr cookie on the visitors’ Internet browsers. The cookie is installed when an Internet user visits one of these pages, even if they are not Facebook members.
In general, cookies are files that track whether users have visited a certain website before and then notify the site itself. Cookies can track many user activities, such as how long they stayed on a website, what they clicked and what preferences were selected.
In response to the court’s ruling, a Facebook spokesperson stated that, “We’ve used the ‘datr’ cookie for more than five years to keep Facebook secure for 1.5 billion people around the world. We will appeal this decision and are working to minimize any disruption to people’s access to Facebook in Belgium.”
The court said in a statement that, “The judge ruled that this is personal data, which Facebook can only use if the internet user expressly gives their consent, as Belgian privacy law dictates.”
Facebook disagrees with the court’s ruling and says the datr cookie only identifies browsers, not people and helps the company to tell the difference between legitimate visitors and cyber attackers.
The Belgian newspaper, L’Echo, said the court gave Facebook 48 hours to comply or pay a daily fine of $268,975 to the Belgian Privacy Commission.