French regulator CNIL has penalized the US social network for failing to protect its users' data, with the fine being relatively modest, but marking a new phase in the spat between Facebook and the EU.
French data protection watchdog CNIL said Tuesday, it had imposed a fine of 150,000 euros ($166,000) on Facebook and its subsidiary in Ireland, following investigations in Belgium, the Netherlands, Spain, and Germany into some of Facebook's practices.
The coordinated investigations, carried out over the past two years, has found Facebook guilty of breaching privacy rules such as using data relating to sexual preferences "to show targeted advertisements."
Other failings would include "unfair tracking" of people as they browse the internet, without "valid consent or offering users sufficient warning." Moreover, preventing users from blocking the storage of cookies on their phones and computers, and storing, without good reason, all the IP addresses from which users have ever accessed their account.
In a statement on Tuesday, Facebook did not say whether it would now take action as a result of the fine.
"We take note of the CNIL's decision with which we respectfully disagree," Facebook said in a statement emailed to the news agency Reuters.
"At Facebook, putting people in control of their privacy is at the heart of everything we do. Over recent years, we've simplified our policies further to help people understand how we use information to make Facebook better," the statement added.
The European investigations had been launched before the introduction of new EU data protection laws in October 2016, which threaten companies with fines of up to 4 percent of global turnover for data privacy breaches.
Therefore, Facebook - which enjoyed revenues of $28 billion in 2016 - escaped a possible fine of more than $1 billion for now.
The French order was also the first significant action taken against privacy violations in the field of social media following an EU court ruling last year that struck down an agreement that thousands of companies, including Facebook, had relied on to avoid cumbersome EU data transfer rules.
In 2016, the European Court of Justice (ECJ) ruled illegal the so-called transatlantic Safe Harbor pact amid concerns over mass US government snooping.
uhe/kd (Reuters, dpa, AFP)