Facebook is being forced to shell out €150,000 to France's data protection regulator for failing to prevent its users' data being accessed by advertisers. France then demanded Facebook stop tracking users without consent and cease moving personal data to the US.
"We are disappointed with today's news and respectfully disagree with the CNIL's findings", said a Facebook spokesman, adding they were pleased, however, that the watchdog had taken into consideration information provided by the company during the investigation. Belgium, Germany, the Netherlands, and Spain also have ongoing investigations at various stages.
Five European privacy gendarmes created a contact group relating to Facebook when the social network changed its policy a few years ago.
Though the fine is a drop in the bucket for the company, which has a market cap of about $435 billion, the fine is the largest CNIL can levy, suggesting Facebook's violation is serious. It said the social network was able to track websites that users were visiting when they left Facebook, and that this was unclear to the users themselves. The watchdog also said the company did "not demonstrate the need" to retain user IP addresses "all along the life of their account". Due to disobedience, French Watch Dogs have fined Facebook.
From the end of May 2018, the General Data Protection Regulation (GDPR) will introduce a new set of privacy rules across the EU's 28 states, which will raise the fines to €20 million or four percent of the worldwide revenue.
Those concerns were echoed by the Dutch Data Protection Authority. Users may not fully understand that their data is systematically collected when they surf the internet.
Facebook has defeated a lawsuit accusing it of violating users' privacy by gleaning data from health sites in order to send people targeted ads. The new European Union data protection law, set to become enforceable in 2018, lets companies be fined up to 4 percent of their global turnover for violating the new regulation. French and Dutch officials said that Facebook broke European rules surrounding privacy and data protection.