Facebook fined $231,918 by French data watchdog over privacy violations

French and Dutch data protection authorities ruled that Facebook violated national laws on how they handle user data.
French and Dutch data protection authorities ruled that Facebook violated national laws on how they handle user data. PHOTO: REUTERS

LUXEMBOURG (BLOOMBERG, REUTERS) - Facebook Inc was on Tuesday (May 16) slapped with France's maximum privacy fine of 150,000 euros (S$231,918) and warned of further penalties from other European regulators over how it targets advertising and tracks users.

French and Dutch data protection authorities ruled that Facebook violated national laws on how they handle user data. France's CNIL said Facebook isn't allowed to combine user data to display targeted advertising and engages in "illegal tracking" by using cookies to watch what users do on and off the site.

The Netherlands' authority said Facebook has now agreed to stop using people's sexual preferences to show targeted ads - and that it may face further sanctions if it doesn't address other privacy issues.

Spain, Belgium and the German city of Hamburg are also scrutinising the company, which now faces two Spanish probes and lawsuits in Germany and Belgium.

In a statement on Tuesday, Facebook did not say whether it would now take action as a result of the fine. "We take note of the CNIL's decision with which we respectfully disagree," Facebook said in a statement e-mailed to Reuters.

"At Facebook, putting people in control of their privacy is at the heart of everything we do. Over recent years, we've simplified our policies further to help people understand how we use information to make Facebook better," it said.

Facebook's troubles in Europe are building as it faces both EU and German anti-trust investigations, adding to privacy probes across the 28-nation bloc.

Facebook's move to merge data from the WhatsApp messaging service with its own alarmed regulators last year, triggering probes and a pledge from Facebook to stop processing UK data during an investigation there.

The European privacy watchdogs said Facebook argued that only Irish data-protection law applies because it is based there and only the Irish data protection authority could supervise how it handles data.

The other European agencies rejected that, ruling that their national law applies since Facebook has offices across the bloc.

While European watchdogs' fining powers remain minimal - in some cases even non-existent - new EU-wide rules will take effect in May 2018 that could boost sanctions by any of the bloc's national regulators to as much as 4 per cent of a company's annual sales.