Facebook Like Button and the GDPR: Protecting EU User Data Around The World

Since the introduction of the European Union’s (“EU”) General Data Protection Regulation (“GDPR”), technology giants such as Google and Facebook have found themselves having to grapple with the EU law to avoid tremendous fines for violating users’ privacy. In recent news, the Facebook “Like” button may get a revamp to align with GDPR standards. 

What’s the GDPR?

The GDPR sets guidelines for protecting data and privacy of individual users in the European Union. It also addresses the transfer of any personal data of EU citizens moving outside of the EU.  Basically, any company that controls personal data such as names, email addresses, mailing addresses, and other sensitive data must have “appropriate” technical and organizational measures in place to adequately protect EU users’ sensitive data.

While technology companies had about a year to reformat their platforms to meet GDPR standards before the regulation became effective, many companies are still being dinged by the GDPR over integral parts of their platforms.  Even a feature like the Facebook “Like” button and how it can be used.

The Facebook Like Button Deemed a Violation of GDPR

For instance, in the latest chapter of technology companies versus the GDPR, Facebook’s “Like” button has raised issues about privacy and whether it conforms with the requirements of the GDPR.  According to a recent decision by the EU, the Facebook “Like” button makes third-party websites responsible for processing people’s sensitive data.  The “Like” button of Facebook is a well-recognized feature of Facebook that allows users to click on the “Like” button in order to show appreciation for another user’s post, photograph, or location.  

The issue for the EU Court of Justice was that the “Like” button allows for some third-party companies to use the button to access and analyze user data.  As such, the EU Court of Justice held that both the third parties and Facebook were in violation of the GDPR.

EU Court Ruling Against Facebook Like Button

Although the case dated back to before the GDPR had even been enacted, the decision is in line with the more stringent standards of the GDPR. In response, Facebook has announced that it would look into redesigning the “Like” button to meet the EU’s GDPR regulations. Experts in the privacy law field note that even if Facebook does reformat the “Like” button, smaller third-party companies that use plugins that connect to Facebook must be wary of violating the GDPR even if Facebook’s features in itself do not violate the regulation. Therefore, even small U.S. companies that tread in data collection should be aware of the requirements of the GDPR and seek counsel to help ensure safeguards against GDPR violations.


You may also be interested in:


Sign up for and explore our content and thought leadership here.


About the Firm:

Klemchuk LLP is a litigation, intellectual property, transactional, and international business law firm dedicated to protecting innovation. The firm provides tailored legal solutions to industries including software, technology, retail, real estate, consumer goods, ecommerce, telecommunications, restaurant, energy, media, and professional services. The firm focuses on serving mid-market companies seeking long-term, value-added relationships with a law firm. Learn more about experiencing law practiced differently and our local counsel practice.

The firm publishes Intellectual Property Trends (latest developments in IP law), Conversations with Innovators (interviews with thought leaders), Leaders in Law (insights from law leaders), Culture Counts (thoughts on law firm culture and business), and Legal Insights (in-depth analysis of IP, litigation, and transactional law).