Facebook has won an appeal against a Belgian court ruling that could have exposed it to massive fines for alleged violations of users’ privacy.
Last November a court ruled in favour of Belgium’s Commission for the Protection of Privacy (CPP) over Facebook’s use of cookies to track the online activities of both users and non-users alike, including those who had never visited the social network.
Facebook stood to be fined 250,000 euros ($277,800) a day for non-compliance with the ruling, prompting it to block access to the Belgian site for all non-users.
The company said the code in question, known as the “datr” cookie, is used to protect the service’s security, and that blocking all non-users was the only way it could comply with the terms of the ruling without compromising users’ safety.
Facebook appealed on the grounds that the Belgian court doesn’t have jurisdiction over its data centres, which are based in Ireland, and the Brussels Court of Appeal this week ruled in the company’s favour.
“Belgian courts don’t have international jurisdiction over Facebook Ireland, where the data concerning Europe is processed,” the court said in its ruling.
The court also threw out the Belgian commission’s argument that the case was urgent and required an expedited procedure.
The ruling leaves Facebook free to allow access to the Belgian site to non-users, and to continue tracking their activity with the cookie in question.
“We are pleased with the court’s decision and look forward to bringing all our services back online for people in Belgium,” the company stated.
The Belgian regulator said it will consider an appeal, but would focus on a separate case that examines the use of cookie-based tracking for both users and non-users.
“Today’s decision means simply that the Belgian citizen cannot obtain privacy protection through the courts when it comes to foreign players,” said CPP president Willem Debeuckelaere in a statement.. “Belgians are thus exposed to massive violations of privacy.”
The datr cookie is used not only in Facebook’s web pages, but also in the code for displaying “Like” buttons on a wide range of websites, meaning anyone who visits those sites, too, could be tracked.
Facebook’s storage and processing of users’ data has frequently caused concern in Europe, and last year prompted the Court of Justice of the European Union (CJEU) to invalidate the Safe Harbour data-sharing agreement that had authorised Facebook and other companies to transfer users’ data to the US.
That ruling came amid revelations of mass data collections of such data by US authorities for the purposes of surveillance.
Are you a security pro? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
In which language is the Belgian Facebook site and is it purely for Belgian users ? If targeting specific language speaking 'users' does not the web site 'owner' have to protect the data of those users under the data protection laws of the country for which the targeted users are associated ? Does the Data Protection Act cover the use of cookies ?