Facebook plans to circumvent adblockers is illegal in EU

On August 9th 2016, Facebook issued a press release stating they intend to change the way they deal with adblocking on their web site.

Andrew Bosworth, VP of Ads & Business Platform for Facebook states:

“We’ve designed our ad formats, ad performance and controls to address the underlying reasons people have turned to ad blocking software. When we asked people about why they used ad blocking software, the primary reason we heard was to stop annoying, disruptive ads. As we offer people more powerful controls, we’ll also begin showing ads on Facebook desktop for people who currently use ad blocking software.”

(Emphasis added)

However, In February this year, we obtained a letter from the European Commission stating that such activites in Europe would be a breach of Regulation 2002/58/EC (known as the ePrivacy Directive).  The letter was in response to questions we asked the European Commission specifically with regards to the detection and circumvention of adblocking tools and whether or not such activities would be lawful under European laws and regulations.

In our letter we pointed out three issues with regards to the detection and circumvention of adblocking tools by web sites with the second point focused specifically on whether or not deliberate circumvention of an adblocker would be unlawful on the basis that it is a relevant piece of softw3are as per Recital 66 of the Citizens’ Rights Directive; and Commission’s response clearly states:

“Recital 66 indicates that the user’s consent to access and storage of information in their terminal equipment may be expressed by using the appropriate settings of a browser or other application, provided that this is technically possible and effecting, in accordance with the relevant provisions of Directive 95/46/EC” (sic). Thus, Recital 66 is not restrictive to browser settings.”

What this essentially means is that by using an adblocking tool (whether that be a browser plugin or other piece of software) citizens are enforcing their right to refuse the placing of advertising on their terminal equipment and therefore if a publisher chooses to circumvent that choice they would be in breach of the Regulation.

We have also discussed this with the majority of privacy regulators across Europe and there is overwhelming agreement with the opinion of the European Commission.  Dr Simon Rice from the Information Commissioner’s Office in the UK wrote to us in February earlier this year stating:

“Whilst this could still be influenced by the particular implementation of the technology, provided that the user has made an active choice to intentionally install, configure or enable ad-blocking technology then, yes, this could be interpreted by a third-party as a prior indication that they would not consent to the setting of cookies used in the delivery of online advertising.”

“…if someone has installed a relevant ad-blocking browser extension, then clearly the third party has no consent for their cookies via the browser-setting mechanism; indeed there is a clear indication that the person does not consent. Nonetheless, this does not preclude the third party from obtaining clear consent in another way – which could override the general ad-block preference as long as it was fully informed, freely given and specific.”

(It should be noted that the Regulation covers any information, not just cookies, so the advertisements themselves would be covered under exactly the same rules).

In other words, if Facebook wish to circumvent the expressed wishes of consumers who have installed and are using an adblocking technology – they must first obtain their consent to do so and that consent (according to the Information Commissioner’s Office in the UK) must be “fully informed, freely given and specific.”

It is hard to imagine a situation where a European citizen has installed an adblocker specifically to block advertising online to then consent to Facebook circumventing that tool – especially since if the citizen is happy to see advertising on Facebook, they could simply disable the adblocker for Facebook themselves.

If Facebook move ahead with their plans, it would put them in clear breach of European privacy laws, which is becoming a bit of a habit for Facebook who have over the past couple of years been responsible for the destruction of the Safe Harbour agreement (it was Facebook who were the subject of the Court of Justice of the European Union decision) as well as being the focus of multiple regulatory actions, most recently relating to their use of cookies.

It seems Facebook feel that our laws do not apply to them and they are free to ignore them at their leisure – perhaps it is time EU Regulators took a more serious approach to this attitude of non-compliance.

Source: Privacy News