Slashdot Mirror
Spain Fines Facebook Over Tracking Users Without Consent (tomshardware.com)
Spain's Data Protection Authority has issued a 1.2 million euro fine against Facebook after it found three instances when the company collected data without informing users, as required by European Union privacy laws. Tom's Hardware reports: The AEPD found multiple issues with how Facebook gathered data on Spanish users. One of the issues was that Facebook collects data on ideology, sex, and religious beliefs, as well as personal tastes and web surfing habits without informing the users about how that data will be used. A second issue was that Facebook wasn't obtaining specific and informed consent from the users because the data it was offering them about the collection was not sufficiently clear. The company has been tracking both users and non-users of the service through the Like button across the web without informing them about this sort of tracking, nor about what it plans to do with the data. The company has said that the collection is done for advertising purposes before, but some purposes remain secret, according to the Spanish Data Protection Authority. The AEPD said this sort of collection doesn't comply with the EU's data protection regulations.
Finally, the AEPD also noticed that Facebook has not been completely purging the data about users who had already deleted their accounts and that Facebook was making use of accounts' data that have been deleted for more than 17 months. Considering the data that has remained behind is no longer useful for the purpose for which it was collected, the agency considered this another serious infringement of EU privacy laws.
Finally, the AEPD also noticed that Facebook has not been completely purging the data about users who had already deleted their accounts and that Facebook was making use of accounts' data that have been deleted for more than 17 months. Considering the data that has remained behind is no longer useful for the purpose for which it was collected, the agency considered this another serious infringement of EU privacy laws.
the company has been tracking both users and non-users of the service through the Like button across the web without informing them about this sort of tracking,
Very similar, Google tracking shit ("google-analytics" and far more) is embedded all over the web now. It tracks people who have no Google accounts and do not use Google products or services.
The EU Data Protection Regulation comes into effect in May 2018. A small fine from Spain sets a precedent. A previous conviction for the same crime when more significant fines are levied will be harder to fight in court. The conviction will also set a precedent for all 28 member countries.
I guess the EU is doing something to protect its own commerce and citizens from exploitation by non-EU companies and organizations. Sounds reasonable to me.