Belgian Appeal Strikes Down Facebook Privacy Ruling

Facebook has won an appeal against a Belgian court ruling that could have exposed it to massive fines for alleged violations of users’ privacy.

Last November a court ruled in favour of Belgium’s Commission for the Protection of Privacy (CPP) over Facebook’s use of cookies to track the online activities of both users and non-users alike, including those who had never visited the social network.

Daily fines

Facebook stood to be fined 250,000 euros ($277,800) a day for non-compliance with the ruling, prompting it to block access to the Belgian site for all non-users.

The company said the code in question, known as the “datr” cookie, is used to protect the service’s security, and that blocking all non-users was the only way it could comply with the terms of the ruling without compromising users’ safety.

Facebook appealed on the grounds that the Belgian court doesn’t have jurisdiction over its data centres, which are based in Ireland, and the Brussels Court of Appeal this week ruled in the company’s favour.

“Belgian courts don’t have international jurisdiction over Facebook Ireland, where the data concerning Europe is processed,” the court said in its ruling.

‘Massive violations of privacy’

The court also threw out the Belgian commission’s argument that the case was urgent and required an expedited procedure.

The ruling leaves Facebook free to allow access to the Belgian site to non-users, and to continue tracking their activity with the cookie in question.

“We are pleased with the court’s decision and look forward to bringing all our services back online for people in Belgium,” the company stated.

The Belgian regulator said it will consider an appeal, but would focus on a separate case that examines the use of cookie-based tracking for both users and non-users.

“Today’s decision means simply that the Belgian citizen cannot obtain privacy protection through the courts when it comes to foreign players,” said CPP president Willem Debeuckelaere in a statement.. “Belgians are thus exposed to massive violations of privacy.”

The datr cookie is used not only in Facebook’s web pages, but also in the code for displaying “Like” buttons on a wide range of websites, meaning anyone who visits those sites, too, could be tracked.

Facebook’s storage and processing of users’ data has frequently caused concern in Europe, and last year prompted the Court of Justice of the European Union (CJEU) to invalidate the Safe Harbour data-sharing agreement that had authorised Facebook and other companies to transfer users’ data to the US.

That ruling came amid revelations of mass data collections of such data by US authorities for the purposes of surveillance.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • In which language is the Belgian Facebook site and is it purely for Belgian users ? If targeting specific language speaking 'users' does not the web site 'owner' have to protect the data of those users under the data protection laws of the country for which the targeted users are associated ? Does the Data Protection Act cover the use of cookies ?

Recent Posts

Gloucester City Council Confirms ‘Cyber Incident’

Council IT services hit by so called 'sleeper' malware, with media reports pointing the finger…

17 hours ago

Gigabyte Broadband Pledge At Risk, Warns Spending Watchdog

UK pledge to close the digital divide of broadband services for urban and rural customers…

19 hours ago

UK To Address Marketing Of High Risk Crypto Investments

British financial watchdog says it will curb the marketing of cryptoassets and other high-risk investments,…

22 hours ago

Tesla Driver Charged With Manslaughter After Autopilot Crash

Criminal charges for the first time in fatal crash involving Tesla's Autopilot, as driver is…

23 hours ago