Are Your Website's Social Plugins Privacy Compliant?

Social plugins such as Facebook's Like button and Twitter's Tweet button are very popular as they allow sites to extend their reach and increase their audience. However, they are also used to track users' online behaviour through cookies, which raises important privacy concerns.

The Belgian Privacy Commission recently issued a recommendation on Facebook plugins, analysing Facebook's tracking of both users and non-users of the popular site, and concluded that Facebook's use of plugins to collect data does not comply with Belgian privacy legislation.

The Privacy Commission is of the opinion that Facebook must obtain (free, specific and informed) consent from both users and non-users before placing or receiving a cookie through its plugins. However, Facebook's current settings do not allow users to give such consent.

The obligation to obtain free, express and informed consent for the processing of personal data collected through social plugins is also applicable to the owners of websites containing such plugins.

In order to obtain appropriate consent, the Privacy Commission recommends that website owners use tools such as Social Share Privacy.

Even though the recommendation is not binding, it provides clear guidance on how to ensure compliance with privacy law when using social plugins. Disregarding it may thus be imprudent.