A Facebook “like” is actually more like “in a [Joint Controller] relationship” status, says the Court of Justice of the EU in a long awaited decision in the Fashion ID matter.

At issue: The legal framework surrounding embedding a Facebook “Like” button on your website.

When a user visits a website on which a Facebook “Like” button is installed, their personal data is transmitted to Facebook Ireland.

This includes:

  • the IP address of the visitor’s computer
  • technical data of the browser (so that the server can determine the format in which the content is delivered to this address)
  • information about the desired content.

The operator of the website is not able to determine the data that the browser transmits or what Facebook does with this data, especially if it decides to store and use it.

The transfer of information happens:

  • whether or not the individual is a member of the social network Facebook
  • whether or not the person has clicked on the “Like” button
  • in many cases, without the individual being aware that the information is being collected or transmitted to Facebook

Key takeaways:

A website operator and Facebook can be joint controllers for the data collected via the website on which the button is installed

The operator of a website that features a Facebook “Like” button can be a controller jointly with Facebook in respect to the collection and transmission to Facebook of the personal data of visitors to its website. However, the responsibility is limited to the operation or the set of personal data processing operations for which it actually determines the purposes and means, namely the collection and communication, by transmission, of the data in question.

Continue Reading EU Court of Justice Issues Long-Awaited Decision on Facebook Likes in Fashion ID Matter

Data-rich companies like Facebook have a unique opportunity to capitalize on the recent surge in regulatory scrutiny and turn it to their advantage.

Savvy tech companies are attuned to public
Continue Reading By Pivoting, Major Tech Companies Could Benefit From Increased Data Regulation