Online websites that embed a Facebook Like button are responsible for the data they send to Facebook and liable for the same penalties under EU data protection laws, the Court of Justice of the European Union (ECJ) said in an opinion published today.
The ruling comes in a years-old lawsuit that began in Germany in 2015, when Verbraucherzentrale NRW, a German consumer group, sought an injunction against Fashion ID, a German fashion retail shop. NRW claimed that by embedding the Facebook Like button on its website, Fashion ID was allowing Facebook to collect data on the site’s visitors without their direct approval… That opinion came today, and according to Europe’s highest court, any website that uses a Facebook Like button, or a similar social plugin, is responsible for the user data the button collects and sends to a third-party firm.
MacDailyNews Take: Good. We support anything that promotes privacy by forcing data collectors to ask users to opt-in – with clear wording about what’s about to happen if the user clicks “I agree.” If sites with Facebook like and share buttons cannot “make sure the data is being stored in accordance with privacy legislation” at Facebook (which of course they cannot), then sites will simply have to pull the buttons, diminishing Facebooks already outsized ability to trample on web users’ privacy. Like most sites, we have a collection of share buttons, Facebook among them, and we’ll pull them if need be in the name of privacy.
Privacy means people know what they’re signing up for, in plain English, and repeatedly. I’m an optimist; I believe people are smart, and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you’re going to do with their data. — Steve Jobs, June 2010