Facebook Hits Back At Belgian Privacy Report

A damning privacy report commissioned by the Belgian data protection agency seems to have touched a nerve with Facebook.

The social networking giant has officially responded to the report, saying it was “wrong multiple times.”

User Consent

The central conclusion of the report is that Facebook tracks the web browsing habits of everyone who visits its website, irrespective of whether they are Facebook users or not. It alleges that people are still tracked, even if they have explicitly opted out of tracking.

The report was from researchers at the Centre of Interdisciplinary Law and ICT (ICRI) and the Computer Security and Industrial Cryptography department (Cosic) at the University of Leuven, as well as the media, information and telecommunication department (Smit) at Vrije Universiteit Brussels.

The report concluded that Facebook is tracking web browsing habits without user consent, in order to help it better target its advertising.

It said the issue resolves around Facebook’s use of social plug-ins namely its “like” buttons, which are now found on millions of non-Facebook websites. Essentially, Facebook places tracking cookies on users’ computers if they visit any page on the facebook.com domain, including fan pages or other pages that do not require a Facebook account to visit.

And when a user visits a third-party website that has a Facebook like button there, it detects and sends information back to Facebook – even if the user does not interact with the Like button, login, or other extension of the social media site.

Facebook Response

And Facebook has now responded to the report officially with a blog posting from Richard Allan, VP of Policy, Europe.

“Over the past week, a team of privacy experts and engineers at Facebook analysed the claims presented in a recent report authored by a group of researchers in Belgium,” wrote Allan. “Our findings: The report gets it wrong multiple times in asserting how Facebook uses information to provide our service to more than a billion people around the world.”

He then responded on a point-by-point basis to the main problems Facebook has with the report.

He said that Facebook is transparent about the way it uses cookies, and he insisted that Facebook respects people’s opt-out decisions, for example opting out of social ads or location.

But Allan did admit there was a bug with some cookies being sent to non-Facebook users. And he insisted that Facebook does not wants to use Social Plugins to add cookies to the browsers of people who don’t use Facebook.

“We don’t, and this is not our practice,” said Allan. “However, the researchers did find a bug that may have sent cookies to some people when they weren’t on Facebook. This was not our intention – a fix for this is already under way.”

Privacy Expectations

Facebook is facing a number of privacy challenges in Europe at the moment. Matters were not helped in early 2010, when Facebook’s Mark Zuckerberg, said that people no longer had an expectation of privacy thanks to the increasing uptake of social networking.

The social network is also defending itself against a lawsuit this week from Austrian law graduate Max Schrems. That lawsuit alleges that the company undertakes “illegal” tracking of user data under EU law. This includes Facebook’s monitoring of users when they use the social network’s “like” buttons.

Facebook has already been in court in Ireland over its data-sharing policies, and now Europe’s highest court, the European Court of Justice (ECJ), is to decide on the current data sharing agreement between America and Europe.

Facebook has (albeit reluctantly) admitted in the past that it shares the data of EU citizens with the American NSA. It said it only complies with requests when forced to by American law.

Do you value your privacy? Try our privacy quiz!