Facebook researchers have found “a bug” that caused it to track people, even if they had never visited its website, the social media giant acknowledged this week.
The bug caused the company to place cookies — a common way to track people’s browsing habits on the Web — on “some” people’s browsers, even if they had never visited Facebook.com to sign up for an account, the social media website's European Public Policy Vice President Richard Allan wrote in a blog post on Wednesday.
The constant tracking was first noticed by a team tasked by Belgian privacy regulators with analyzing the company’s terms and policies.
“It is important to note that tracking of non-users initiates even if one does not visit the Facebook homepage,” the researchers wrote. “In principle, any page belonging to the facebook.com domain will result in the placement of a long-term, identifying cookie (e.g., an event page, a shop page, fan page …).”
The study also found problems with the way Facebook lets people opt out of tracking, keeping their information from being used for advertising and otherwise control their data. Many of those policies violated European privacy rules, it said.
Facebook pushed back on all of the claims, but acknowledged the collection of nonusers’ data.
“The report gets it wrong multiple times in asserting how Facebook uses information to provide our service to more than a billion people around the world,” Allan wrote.
The privacy watchdog has no ability to directly punish Facebook for any perceived violations of the law.
But the criticism comes amid broader European concern over how major U.S. Web companies, such as Facebook and Google, monitor Internet users in order to market ads back to them, which could lead to a prolonged battle between Silicon Valley and European capitals.