Facebook faces fines of €250,000 per day if it fails to stop tracking non-members who visit its site by Thursday.
The ruling was handed down by a Belgian court that said Facebook’s use of a tracking cookie, called datr, was illegal when used on those who have not signed up to the social networking service as they have not given their express consent to be tracked.
The case against Facebook was brought by the Belgian Privacy Commission in October, but Facebook chief security officer, Alex Stamos, claimed at the time the use of the cookie was in users’ best interests.
“If the court blocks us from using the datr cookie in Belgium, we would lose one of our best signals to demonstrate that someone is coming to our site legitimately,” he wrote last month.
“In practice, that means we would have to treat any visit to our service from Belgium as an untrusted login and deploy a range of other verification methods for people to prove that they are the legitimate owners of their accounts.
“It would also make Belgian devices more attractive to spammers and others who traffic in compromised accounts on underground forums.”
However, Belgian secretary of state for the protection of privacy Bart Tommelein welcomed the ruling, claiming it was a matter of common sense.
“Facebook can not follow people on the internet who are not members of Facebook, which is very logical because they can not have given permission to follow them,” an emailed statement read, according to Reuters.
Reuters also reported that Facebook has already said it will appeal.
“We’ve used the datr cookie for more than five years to keep Facebook secure for 1.5 billion people around the world,” said a Facebook spokesperson.
“We will appeal this decision and are working to minimise any disruption to people’s access to Facebook in Belgium.”
V3 contacted the UK’s data protection watchdog, the Information Commissioner’s Office (ICO), to see if the ruling would prompt it to evaluate Facebook’s use of the datr cookie, but had received no reply at the time of publication.
The incident is the latest legal clash for Facebook in Europe after it was caught at the centre of the safe harbour data transfer saga in October. The safe harbour framework was annulled last month, forcing technology giants such as Microsoft and Amazon Web Services to open data centres in Europe in which to host data on EU citizens.