At the moment if you read any blog or news website (not this one, of course) it will likely be laden with social media buttons, so that you can share the wonderful content that you just absorbed to your favourite social media platform.
What may not be clear to every user — and what is certainly the case when it comes to Facebook — is that visiting a website with a Facebook like button embedded is nearly as good as visiting Facebook itself. Facebook knows you’ve been there, and Facebook now knows what you’re reading — even if you never touched a social icon. Just like me yesterday when I read a Tech Crunch article about this very story:
Seen at the footer of every Tech Crunch article and every other article everywhere…
What the EU Court of Justice ruled is that if a website has such buttons embedded, they too are responsible for the data that gets shared with Facebook. They also ruled (confusingly) that the website is not necessarily the controller of that data. So it’s like this:
The illegal bit happens in point 2: at no point were you asked if it was okay for the news site to alert Facebook of your presence.
And that is why this ruling is so important. Never mind that it’s taken this long for the courts to catch on; they have made it clear that having a like or share button casually embedded on your site could be a legal problem for millions of website owners out there. That’s massive — those buttons are everywhere and very easy to use.
Note that there are two very important things that have not been scrutinised enough yet in this news story:
This is exactly why the internet needs a clean up — what Facebook and sites that use these buttons must do here is either demonstrate that these embeds are lawful under legitimate interests, or actually allow users the chance to give their consent to their data being processed in this way.