Businesses liable for data when using Facebook ‘Like’ button

Europe’s top court has ruled that any business that embeds the Facebook ‘Like’ button on their website allows users’ personal data to be transferred to the U.S. social network and can therefore be held liable for collecting the data.

Plug-ins are a common feature of most commercial websites as online retailers seek to promote their products and services on social networks. But critics are deeply concerned that the data transfer involved may breach privacy laws.

According to news agency Reuters, the ruling from the Luxembourg-based Court of Justice of the European Union (ECJ) came after a German consumer body sued German online fashion retailer Fashion ID for breaching personal data protection rules via its use of the button on its site.

A German court subsequently sought guidance. ECJ judges said websites and Facebook share joint responsibility.

Under EU data privacy rules, a data controller determines why personal data must be collected and processed, as well as how, while a data processor only processes personal data on behalf of the controller and is usually a third-party company.

Judges said:

The operator of a website that features a Facebook ‘Like’ button can be a controller jointly with Facebook in respect of the collection and transmission to Facebook of the personal data of visitors to its website,

The German retailer benefited from a commercial advantage as the ‘Like’ button made its products more visible on Facebook, the court said, though it noted the company is not liable for how Facebook subsequently processes the data.

Facebook said the ruling sheds clarity on the issue. Jack Gilbert, Facebook’s associate general counsel, said in a statement:

We are carefully reviewing the court’s decision and will work closely with our partners to ensure they can continue to benefit from our social plugins and other business tools in full compliance with the law,

The ruling is in line with strict data privacy laws adopted by the 28-country bloc last year, said Nils Rauer, a partner at law firm Pinsent Masons.

Rauer added:

The court was right in assessing whether Fashion ID had an interest in collaborating with Facebook by way of embedding the ‘Like’ Button,” Rauer said, adding plugins will continue to be popular notwithstanding the judgement. …Personally, I do not think that companies will turn away from embedding ‘Like’ buttons due to the judgement. Presumably, they will pay more attention to the embedding process, by way of obtaining dedicated data privacy advice,

Sources: The Express Tribune, Reuters

If you liked this post, check out our Premium Privacy Insights for informative articles on wide-ranging global data privacy issues.

Contact the author
Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Contact Our Team Today
Your confidential, no obligation discussion awaits.