Facebook May Track Users Who Leave Service, Data Agency Says

Facebook Inc. may be tracking users’ Internet activity even after they cancel their accounts with the social-networking site, a German privacy watchdog said.

An in-depth probe of the way cookies are installed after a user opens and then closes their Facebook account has made the Hamburg Data Protection agency “suspicious” the company is unlawfully tracking users, the watchdog said on its website today. While rejecting Facebook’s justifications for the use of cookies, the agency welcomed the company’s offer to explain the technical processes.

“Arguments that all users have to remain recognizable after they leave Facebook to guarantee the service’s security can’t stand up,” Johannes Caspar, the Hamburg data protection representative, said on his agency’s website. “The probe raises the suspicion that Facebook is creating user tracking profiles,” which would be unlawful if users aren’t alerted.

The German regulator’s action adds to probes of Facebook by the Irish data-protection agency and Norway’s privacy watchdog. A group of EU regulators has said they will look for possible privacy violations in Facebook’s facial-recognition feature.

The social network “does not track users across the Web,” and instead uses cookies to personalize content or for safety and security reasons, Palo Alto, California-based Facebook said in an e-mailed statement. The company said it deletes account- specific cookies when a user leaves Facebook and doesn’t receive personally identifiable data when logged-out users browse the Web.

Spammers, Phishers

Remaining cookies are used in “identifying spammers and phishers, detecting when somebody unauthorized is trying to access your account, helping you get back into your account if you get hacked,” and blocking underage users from re-registering with a different birth date, Facebook said.

The German privacy regulator said that, while Facebook gave detailed explanations of how it uses cookies -- small data files that track browsing habits -- the company’s arguments don’t justify its practices.

The willingness of the company to “enter into a discussion” on the technical processes was a positive step, the regulator said, and urged Facebook to contribute to a “transparent and public” clarification about the cookies and move toward a solution in line with the law.

Cookies are created for each new Facebook user and some are maintained when a user leaves the service. The cookies are stored for two years and can clearly identify users during that time, said the Hamburg regulator.

To contact the reporter on this story: Stephanie Bodoni in Luxembourg at sbodoni@bloomberg.net

To contact the editor responsible for this story: Anthony Aarons at aaarons@bloomberg.net

Press spacebar to pause and continue. Press esc to stop.

Bloomberg reserves the right to remove comments but is under no obligation to do so, or to explain individual moderation decisions.

Please enable JavaScript to view the comments powered by Disqus.