A German data protection authority contends Facebook is tracking users even after they delete their accounts.
Caspar said if users do not give their consent, Facebook should delete information it has stored, in accordance with European privacy regulations.
The agency concluded that Facebook does not need to leave persistent cookies on a person’s computer, some of which remain for up to two years even if they delete their accounts, Caspar said. “Our investigation gave no reason for the setting of cookies,” he said.
But cookies can easily be deleted in Web browsers. Firefox has a setting, for example, to delete cookies once the Web browser is closed, effectively foiling efforts to collect consistent information from a computer.
Other measures can also be used to foil data collection, such as the use VPNs (Virtual Private Networks), which can make a computer appear to have an IP (Internet protocol) address in, say, China, when the computer is actually in the U.K.
Hamburg’s DPA has another outstanding issue with Facebook. It is still awaiting a response from the company about its facial-recognition feature that automatically identifies a person’s friends and suggests their name. The agency believe that users should have to give their consent before Facebook’s systems store and study their faces to enable the feature. The company has until Monday to respond to that complaint.
If the discussions break down, the Hamburg DPA will pursue legal options, Caspar said. The agency has the power to levy fines.