Facebook fined by France over data privacy violations

The French data protection watchdog has fined the social networking site Facebook 150,000 euros (£129,000) for data privacy violations.

Facebook is also being investigated by Belgium, the Netherlands, Germany and Spain for data privacy violations around the tracking of users and non-users and the use of user data for advertising, reports the Guardian.

The French watchdog CNIL hit Facebook with the maximum fine possible at the point at which it started its investigation in 2014. As of October last year, CNIL can now issue fines of up to 3 million Euros.

In a statement, CNIL said: "In particular it has been observed that Facebook proceeded to a massive compilation of personal data of internet users in order to display targeted advertising. It has also been noticed that Facebook collected data on browsing activity of internet users on third-party websites, via the "datr" cookie, without their knowledge."

The fine follows a deadline given to Facebook by the French watchdog last year to stop tracking non-users' web activity without their consent, and an order to stop some transfers of personal data to the US.

Facebook said on its part: "We take note of the CNIL's decision with which we respectfully disagree. At Facebook, putting people in control of their privacy is at the heart of everything we do. Over recent years, we've simplified our policies further to help people understand how we use information to make Facebook better."

Facebook has argued that the Irish data protection authority, not the CNIL or any other EU data regulator, was the competent authority to formulate such orders, as the social media company's European headquarters are located in Dublin.

The French action is just one of the actions that will be taken by the contact group. The Belgian Privacy Commission is renewing its recommendations over Facebook's tracking of users and non-users through cookies, social plug-ins and pixels, for which it is seeking judicial enforcement in October.

Likewise, the Netherlands found that Facebook violated Dutch data protection law for the 9.6 million social network users in the country, over the insufficient information given to users on how Facebook uses their data.

The French fine is the first significant action taken against a company transferring Europeans' data to the US following an EU court ruling last year that struck down an agreement that thousands of companies, including Facebook, had relied on to avoid cumbersome EU data transfer rules.