France – The French data protection authority announced Monday that Facebook (NASDAQ: FB) has been requested to stop transferring data from French users to the United States.

Also, the company must change its data collection methods for some users and non-users, who get their browsing activity analyzed to determine their sexual orientation and political views even without been notified, in order to follow French and European rules.

Late Monday, the Commission Nationale de l’Informatique et des Libertés (CNIL) issued an order saying that transfers of personal data between the European Union and the United States are not permitted, since the information could be unprotected from spying agencies.

Image: TechCrunch/Shutterstock
Image: TechCrunch/Shutterstock

The institution has also highlighted Facebook’s data collection methods. It was reported that Belgian, German, Spanish and Dutch data protection authorities have been conducting investigations, and determined that the social network with the most users worldwide, plants cookies even on non-registered users who visit the site.

As a result, browsing data of Internet users who do not own a Facebook account is also collected by the social network, when someone visits a Facebook public page of a friend or an event. The Commission Nationale de l’Informatique et des Libertés (CNIL) mentioned in a press release on Monday that Facebook has also other failures that go against decisions of the Court of Justice of the European Union and French laws.

“The social network collects data concerning the sexual orientation and the religious and political views without the explicit consent of account holders. In addition, Internet users are not informed on the signup form with regard to their rights and the processing of their personal data. Facebook transfers personal data to the United States on the basis of Safe Harbor, although the Court of Justice of the European Union declared invalid such transfers…” wrote the institution.

Moreover, French authorities have said that Facebook must stop collecting users data for advertising purposes without properly informing them, since the social network compiles information in order to display personalized advertising. Such a measure violates the “fundamental rights and the right to respect for private life” of users, because they are not provided with an option to prevent data compilation, said the CNIL.

The CNIL remarked that the objective of the notice was not to decide on the company’s behalf. That being said, Facebook was requested to comply with the law and continue to maintain its business model and innovation capacity but following French and European rules.

Facebook has already more than 1.59 billion monthly active users worldwide and it is the second most popular site in France behind According to the CNIL, the formal notice was published because of the relevance of the violations, since Facebook has more than 30 million users in France.

“Protecting the privacy of the people who use Facebook is at the heart of everything we do. We are confident that we comply with European data protection law and look forward to engaging with the CNIL to respond to their concerns,” said a Facebook spokesperson, according to Fortune.

Source: Commission Nationale de l’Informatique et des Libertés (CNIL) press release