According to the Belgian research team, Facebook's problem lies in its tracking techniques which span across tens of millions of other websites on the Internet. For example, the social network places a "datr" cookie on the browser of people who visit one of its domains, whether they are registered Facebook users or not. According to the microblogging company, these cookies serve for security issues, allowing them to identify users in case they lose their passwords, while the "non-users" are being tracked in order to quickly stop DDoS attacks or other types of misconduct. However, the report states that these cookies can uniquely identify each user, track people on every subsequent website which contains a Facebook social plug-in, and continue doing their job even if the user has opted-out of being tracked or deactivated their account.
Furthermore, a big part of the problem is that the cookies are made to track the users by default and keep on doing their job even when they don't have consent, which (unless deemed absolutely necessary) is in violation with the EU law. The study shows that a datr cookie will be transmitted to any EU resident who chooses to opt-out from being tracked, but not to users from the US or Canada (in the same situation). If this is true, it will basically prove that Facebook's claims of using these cookies as a security imperative are bogus. What's even worse is that even if you choose to leave the social network altogether and deactivate your account, you will still be tracked and Facebook will still be able to monitor the ex-user's online activities.
The study will be taken into account by the German, Belgian and Dutch authorities who will then decide on the necessary course of action. According to a spokesperson from the Belgian Privacy Commission, if these findings prove to be true, they will try to find a friendly agreement with Facebook, but if that doesn't work out, they are prepared to drag the social network into a court of law.