German Officials Outlaw Facebook 'Like' Button

from the are-you-kidding-me? dept

Fri, Aug 19th 2011 10:50am — Mike Masnick

We've talked a few times in the past about ridiculous German laws that seriously restrict online offerings, but the latest may be the most ridiculous of all. Apparently a German "data protection" official has ruled that Facebook's "like" button violates privacy laws in the country.

Thilo Weichert, who works for the data protection centre of the northern German state of Schleswig-Holstein, said the social network�s application allowing internet users to express their appreciation of something online, illegally cobbled together a profile of their web habits.

�Facebook can trace every click on a website, how long I�m on it, what I�m interested in,� he said. According to Weichert, all the information was sent to the US company even if someone was not a Facebook member.

Saying this contravened both German and EU privacy laws, Weichert demanded websites in Schleswig-Holstein remove the �like� button from their offerings by the end of September or face a fine of up to €50,000.

Facebook, of course, is claiming that this is ridiculous and it has implemented the "like" button in accordance with Europe's data protection laws. Looking at the details, it seems clear that these officials in Germany seem to think that pretty much all of the internet violates data protection laws. Any ISP can already do exactly what Weichert accuses Facebook of doing, but (like Facebook) they have rules that protect how that data is used in accordance with the law. Just because such information could be abused, it doesn't mean that it is.

But the bigger point is that this is a choice for sites and users and it is not an issue that needs government involvement. Many people like using the "like" button, which is why it's so popular. If it wasn't useful to them, it wouldn't be showing up on sites. Banning it to protect the users who want to use it makes no sense at all.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: germany, like button, privacy
Companies: facebook

48 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 19 Aug 2011 @ 10:58am

After the fact that they will be shutting down their power plans in the future, I really don't expect much from Germany in the terms of sanity. Shame that, I even learned German because I liked the industrious and ingenious nation.
[ link to this | view in chronology ]
- Anonymous Coward, 19 Aug 2011 @ 11:14am
  
  Re:
  
  After the fact that they will be shutting down their power plans in the future, I really don't expect much from Germany in the terms of sanity. Shame that,
  I even learned German because I liked the industrious and ingenious nation.
  
  I think you are unfair to Germany. The nation's constitutional court had the common sense to nullify the EC data retention law.
  
  The problem of tracking the end user is likely going to be much worse in the US after ISPs begin logging IP addresses for months.
  
  if I had to choose between mandatory data retention over Germany's admittedly silly and overreaching privacy laws, I know what I wouldn't like.
  [ link to this | view in chronology ]
  - Ninja (profile), 19 Aug 2011 @ 11:17am
    
    Re: Re:
    Well, at least they are doing it right in protecting privacy.
    
    (??????????????????)
    [ link to this | view in chronology ]
  - xenomancer (profile), 19 Aug 2011 @ 11:27am
    
    Re: Re:
    "I know what I wouldn't like."
    
    Well, you no longer have the choice to like something in Germany anyway...
    [ link to this | view in chronology ]
btrussell (profile), 19 Aug 2011 @ 11:01am

"Just because such information could be abused, it doesn't mean that it is."

Nope, just that it will be.
[ link to this | view in chronology ]
- ppiiiiiiiiiiiiiiiing, 12 Jan 2013 @ 2:17pm
  
  Re: pinnnnnnnnnnnnnng dissi oi
  pinnnnnnnnnnnggggggggggggggggggggggg
  [ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 11:01am

Not so fast
The problem is that European data protection is a dead letter insofar as US corporations are concerned.

Facebook might promise to comply with German law, but any personally sensitive information held by a US corporation may notwithstanding be subject to a national security letter.

Of course, that issue is not isolated to Facebook's Like button.
[ link to this | view in chronology ]
- Ninja (profile), 19 Aug 2011 @ 11:15am
  
  Re: Not so fast
  Facebook itself isn't directly affected. It's other sites that can't use the 'external' like button feature because Facebook records ppl habits with that. Oh wait, ppl throw their personal data willingly towards Facebook... derp
  [ link to this | view in chronology ]
  - Anonymous Coward, 19 Aug 2011 @ 11:24am
    
    Re: Re: Not so fast
    
    Oh wait, ppl throw their personal data willingly towards Facebook... derp
    
    Correction: People throw their personal data willingly towards Facebook and any US agency capable of spelling national security letter. As a noncitizen residing outside the territorial United States, you have no privacy rights at all.
    
    Any foreign website transferring info to any US corporation should at least inform its users that any promised compliance with EC data protection laws is inapplicable to info held by a US corporation.
    [ link to this | view in chronology ]
    - Chronno S. Trigger (profile), 19 Aug 2011 @ 1:11pm
      
      Re: Re: Re: Not so fast
      But isn't that a risk on any website? You go to Google, you're taking the same risk. You go to a China based site, you take the same risk. You go to a German site, you take the same risk.
      
      Basically, what Thilo Weichert is saying is that any website is a privacy risk and should be illegal.
      [ link to this | view in chronology ]
      - Anonymous Coward, 19 Aug 2011 @ 11:06pm
        
        Re: Re: Re: Re: Not so fast
        "Basically, what Thilo Weichert is saying is that any website is a privacy risk and should be illegal."
        
        So, you're saying that's now gotten to the point that ALL websites are using web bugs? Sad, if true.
        [ link to this | view in chronology ]
xenomancer (profile), 19 Aug 2011 @ 11:01am

I "liked" this.
[ link to this | view in chronology ]
Beta (profile), 19 Aug 2011 @ 11:05am

technology as magic
�Facebook can trace every click on a website, how long I�m on it, what I�m interested in,� he said. According to Weichert, all the information was sent to the US company even if someone was not a Facebook member.

If this quote is accurate, either Herr Weichert has a very poor grasp of how the internet works, or I do.
[ link to this | view in chronology ]
- PRMan, 19 Aug 2011 @ 11:38am
  
  Re: technology as magic
  With clever enough Javascript, I could replay every move you made on my website whether you clicked any buttons or not.
  [ link to this | view in chronology ]
- sheenyglass (profile), 19 Aug 2011 @ 11:48am
  
  Re: technology as magic
  "If this quote is accurate, either Herr Weichert has a very poor grasp of how the internet works, or I do."
  
  Ummm...hate to be the bearer of bad news, but:
  
  http://news.cnet.com/8301-13578_3-20006532-38.html
  [ link to this | view in chronology ]
- Scote, 19 Aug 2011 @ 12:04pm
  
  Like button is a script--no clicking needed.
  The like button is a script that every website that has one enables. A script can do exactly what herr Weichert says. It can phone home and tell Facebook exactly how long you visit every page with a like button--and it can associate **you** with an IP or cookies used with a facebook account. So, sorry, it is you who are unfamiliar with the web.
  [ link to this | view in chronology ]
  - Beta (profile), 19 Aug 2011 @ 1:25pm
    
    Re: Like button is a script--no clicking needed.
    A script can do that if I press the button. Or, heck, I can write a script that will do it. In the context above it looked to me as if he were saying that someone else could take a simple action that would tell Facebook about all of his actions, which sounded impossible. Maybe it's obvious to those who are familiar with Facebook (I am not) that that's not what he meant.
    [ link to this | view in chronology ]
    - Anonymous Coward, 20 Aug 2011 @ 8:38am
      
      Re: Re: Like button is a script--no clicking needed.
      A script can do that if I press the button.
      
      Scripts that run when a page is loaded don't require you to "press the button".
      
      Or, heck, I can write a script that will do it.
      
      You would probably need to learn how scripts work first.
      [ link to this | view in chronology ]
Blaine (profile), 19 Aug 2011 @ 11:07am

No Click Required
I'm guessing that they are actually talking about the information gathered when loading the FB objects that are located on FB's servers. There is quite a lot of information you can collect whether the button is clicked or not. See web bugs http://en.wikipedia.org/wiki/Web_bug look at the "On web pages" section.

On the other hand this behavior is one of the reasons I use 'ad blocking' and no-script plugins. Part for the annoying ads but also to stop 3rd party tracking.

It's not that FB is tracking every click but they can piece together the sites you visit that have a like button. No click required.
[ link to this | view in chronology ]
- Anonymous Coward, 19 Aug 2011 @ 11:27am
  
  Re: No Click Required
  "On the other hand this behavior is one of the reasons I use 'ad blocking' and no-script plugins. Part for the annoying ads but also to stop 3rd party tracking."
  
  You should add ghostery to your armoury, by the way. It's yet another layer of protection against tracking. And it just sits there in the corner, not bothering anyone while doing it's thing ;)
  [ link to this | view in chronology ]
Ninja (profile), 19 Aug 2011 @ 11:12am

Holy sweet Jesus... I'm speechless. Next: German officials outlaw optic nerves since they send data to 3rd party brains about ppl unrelated.

Srsly, Germany? That much fail?
[ link to this | view in chronology ]
Some Guy, 19 Aug 2011 @ 11:13am

Maybe the problem is that nobody likes Germany?
[ link to this | view in chronology ]
The Devil's Coachman (profile), 19 Aug 2011 @ 11:17am

But....but.....it's for........
The children! Yeah! That's the ticket! The children! How could anyone be against that?
[ link to this | view in chronology ]
McCrea (profile), 19 Aug 2011 @ 11:23am

Criminal Dislike
Mmm, I was hoping to see a ruling such that it's illegal to have a "like" button while omitting a "dislike" button, as any following statistics will be criminally skewed.
[ link to this | view in chronology ]
- Anonymous Coward, 19 Aug 2011 @ 12:59pm
  
  Re: Criminal Dislike
  On the other hand, it will probably be illegal to have dislike buttons soon since being disliked makes people depressed, and we can't let our children be depressed. It's like how everyone in a tournamanet gets a participation trophy.
  [ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 11:28am

Although I am in complete agreement with this article, and the point Mike was trying to get across, I must point out one remark:
"Just because such information could be abused, it doesn't mean that it is."
You're right. But I don't think this is a valid argument, and neither do you when it comes to other points (how many times have I read a paraphrase of 'it's not about whether or not the law will be abused, but the fact that it could be abused'?)
[ link to this | view in chronology ]
- Jeffrey Nonken (profile), 19 Aug 2011 @ 11:39am
  
  Re:
  As loathe as I am to agree, it was the first thing I thought of when I read that sentence. Mike has expressed the other side of this many times when it comes to laws, and it's just as true here as it is there. If it can be abused, somebody will abuse it.
  
  The fact that it's voluntary on the part of the users? That's a perfectly good point. Laws are imposed upon us, often against our wishes and sometimes to our detriment. This is a feature of a social site that the users can simply ignore if they wish.
  [ link to this | view in chronology ]
  - sheenyglass (profile), 19 Aug 2011 @ 11:50am
    
    Re: Re:
    Its not voluntary if you don't know about it and agree to it. Most facebook users don't know about it (but have probably unwittingly "agreed" to it via the TOS). Non facebook users have most certainly not agreed to it.
    [ link to this | view in chronology ]
  - Anonymous Coward, 19 Aug 2011 @ 11:01pm
    
    Re: Re:
    The fact that it's voluntary on the part of the users?
    
    Except it isn't. Why are you trying to claim something untrue?
    [ link to this | view in chronology ]
Designerfx (profile), 19 Aug 2011 @ 11:31am

the issue lies with facebook
the like button isn't the direct cause, it's more that the facebook "like" button loading allows even non-logged in users to be tracked across sites.
[ link to this | view in chronology ]
Jeffrey Nonken (profile), 19 Aug 2011 @ 11:33am

Oh, fer cryin' out loud...
...Just give Schleswig-Holstein back to Denmark and have done.
[ link to this | view in chronology ]
fb39ca4 (profile), 19 Aug 2011 @ 11:35am

Quick, everyone "like" the like button!
[ link to this | view in chronology ]
Drizzt, 19 Aug 2011 @ 11:38am

So much misinformation...
Even though I'm not in full support of Mr. Weichert's latest move, the way it is reiterated here is at least misleading.
1. The main problem is, that data is sent outside the EU where no real privacy laws are in effect.
2. Data of people who aren't using Facebook is collected too. And that data gets stored for up to two years. Which means whenever I visit a website without NoScript I almost certainly get tracked by one service or another.
3. The announcement of Mr. Weichert only affects Schleswig-Holstein, i.e. only website operators from that state are affected.

The correct solution would be, that Mr. Weichert goes after FB and other services offering tracking and not some random person running a website with some button on it. (Though I personally consider it unfriendly to hand my behavioural data on a silver platter to third parties without my prior consent (unless I get active and use a combination of NoScript and Adblock Plus).)

Still, this article could use some tuning down. Though the way it's written in might be intentional to get more clicks...
[ link to this | view in chronology ]
Bri (profile), 19 Aug 2011 @ 11:39am

oh those germans
From now on I say if the Germans have any complaints about facebook or google that they should just block all IPs from Germany. That's right, completely block access for Germany to ALL of facebook and ALL google products, including search. Problem solved...
[ link to this | view in chronology ]
TriZz (profile), 19 Aug 2011 @ 12:03pm

+1
[ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 12:06pm

Would you mind...
if I peeped into your windows or listened in on your phone calls so long as I had some self-imposed rules as to what I would do with the information? I mean, hey, I've got rules, so what's the problem?
[ link to this | view in chronology ]
out_of_the_blue, 19 Aug 2011 @ 12:09pm

Anything that hampers Facebook is to the good.
Facebook is solely an advertising agency. Masses of dolts using it means the leverage will eventually force everyone else into complete exposure on-line. It already has insane influence on hiring and other matters -- such as the LA TImes requires a Facebook account to make comments online, removing a slight value from those of us who despise Facebook, and that trend needs to be stopped.
[ link to this | view in chronology ]
- xenomancer (profile), 19 Aug 2011 @ 12:34pm
  
  Anything that hampers Facebook is FTW.
  FTFY
  [ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 12:36pm

The issue is that the like button is basically not only a "like" button, but also serves are the secondary purpose of tracking your surfing habits. Even if you don't click a like, Facebook knows where you have been, identifiable to your individual account (as long as you are logged in).

That is clearly a violation of privacy, because you don't get a simple way to opt out, no warning that you are being tracked, etc.
[ link to this | view in chronology ]
ScytheNoire, 19 Aug 2011 @ 2:29pm

What about all the other sites that have "like" options like StumbleUpon, Tumblr, Google+1, Reddit, Digg, etc. This is just a horrible ruling even though I do hate Facebook for their privacy policy.
[ link to this | view in chronology ]
Anonymous Coward, 19 Aug 2011 @ 2:30pm

Yes let's give them information the could use in hopes that they find the goodness in their hearts not to use it. It's great to be spied on with your express disagreement. God bless the USA and its mockery of privacy.
[ link to this | view in chronology ]
Semi, 20 Aug 2011 @ 3:03am

It's Techdirt, who should do their homework
Ifind most of the articles here quite factual and preciae, but here techdirt should have done more research:

1. Yes, the like button tracks everyone, without even being clicked.
2. Yes, any site can track what a user does on the site, but cannot track what the user does on other sites. Facebook however can and does track you across million sites, without your knowledge or agreement. Hell, you do not even have to be a facebook user

so, do you really want any company to track u across millions of sites, without your agreement and even knowledge? I sure use facebook, but I am not sure, I would like any comoany to know, that e.g I am homosexual, spend 2 hours to watch porn and blog on the anonym alkoholics forum 3 times a week :).

Sorry for the spelling, th e mobile issoooo small
[ link to this | view in chronology ]
Q�r Tharkasd�ttir, 20 Aug 2011 @ 3:12am

For once...
... I do agree with the comments that criticise Mike Masnick's view of things. Use Firefox with NoScript, making sure Facebook is "forbidden", AdBlock+, and a few cookie-cleaning add-ons for good measure. If you do need to go on Facebook (which I don't, why should I support a CIA-sponsored endeavour?) or other sites with similar interest in your whereabouts, use a different browser.
[ link to this | view in chronology ]
- Anonymous Coward, 20 Aug 2011 @ 8:45am
  
  Re: For once...
  I do agree with the comments that criticise Mike Masnick's view of things.
  
  Me too! I agree with anything that criticizes the Masnick!
  [ link to this | view in chronology ]
Andreas, 20 Aug 2011 @ 5:26am

german officials... not so much. although this person has some position, he is in power of nothing but talking to the media. and that's what he does, trolling around like it's 1699. i don't get why so many people keep falling for these nonsense press releases. don't feed the trolls.
[ link to this | view in chronology ]
Anonymous Coward, 23 Aug 2011 @ 8:53pm

I thought most people have rights to free speech, privacy, etc. And it's the government's job to protect those rights (rather then take them away as most governments seem to do these days.)

Facebook is well known for compiling huge databases with information on millions of people. Not only to be sold to corporations for advertising but also to be given/sold to the US government. They steal contact numbers from your iphone if you unknowingly let them as well as try to implement facial recognition on the pictures.

I think the government stepping in and banning parts of this is what they are supposed to do.

Also I remember reading an article about the German government not allowing the naked body scanners in their airports. The same ones used in the USA. Stating it's because they are 1. not safe and 2. not effective.

This is one of the few articles on here I would have to disagree with. It's not the users' choice to unknowingly let these corporations gather info on you and sell it to whoever they want. They have a right to privacy and it's the government's job to ensure that.
[ link to this | view in chronology ]
Holger, 4 Sep 2011 @ 7:23pm

Author does not get the point
The "Like" button tracks users even they are not clicking the button and links them to their Facebook profile if they are signed in at Facebook at the time they visit the page that hosts the script with the "Like" button.
Since the user who visits a page cannot see if that page uses the button until he actually visits the site, his movements inside the net will be tracked without his consent. That's not OK because users must be able to have a choice. That choice is taken away, hence the button violates EU Law.

Also possible would be to inform Facebook users at login that their movement inside the internet will be captured for as long as they are logged in.

It is false that Facebook and ISP's would be regulated by the same set of laws. The regulations for ISP's go much further than those for website owners.

As to what Facebook's intend is, the facts are already out.
German Tech website heise.de actually came up with a two step "I like" button. Basically you still have the button on your site, but it is not sending any data to Facebook until you click a second time to activate the tracking.

Now one would think that everyone is happy, but here is what Facebook had to say. They complained about the button and asked the site to remove it because it would not be in line with the platform policy.

Yes, right - Facebook is so famous for not using personal data in order to make their advertisers happy.

If Facebook does not intend to use the data they should be happy with the button and so will be German authorities.
[ link to this | view in chronology ]
Anonymous Coward, 27 Jan 2013 @ 6:36am

it should absolutely be outlawed word wide with heavy prison penalties! It is beyond an invasion of privacy it maliciously attacks users of many web sites throughout the world.
[ link to this | view in chronology ]