The Belgian Privacy Commission sued Facebook and accused it of acting like the National Security Agency of the United States for spying without authority on European users.
The data protection agency demanded the social media company pay 250,000 euros, or approximately $280,000, daily until it stops breaching data protection rights.
The BPC is seeking an order that forces Facebook to comply with local law, ultimately changing the U.S. company's privacy policies.
Frederic Debussere, a lawyer who represents the BPC, also insists the judge not be intimidated by Facebook.
"Don't be intimidated by Facebook. They will argue our demands cannot be implemented in Belgium alone. Our demands can be perfectly implemented just in this country," Debussere told a court in Brussels.
Despite the accusations, Facebook denies that it did anything to break the law and argues that it fully complies with European data protection laws. The U.S. company also states that its European headquarters is located in Ireland, saying that the Belgian courts have no jurisdiction there, not to mention that the privacy authorities in Ireland approve of Facebook's cookie policy.
"How could Facebook be subject to Belgian law if the management of data gathering is being done by Facebook Ireland and its 900 employees in that country?" Paul Lefebvre, a lawyer who represents Facebook, asked. Facebook has used similar arguments against other countries, including Germany.
The BPC's main concern, however, is how the social media company stores the personal data of more than a million people, not for security but commercial purposes. The Belgian regulator is also troubled at how Facebook monitors the online habits of even non-users, implying that the company's actions violate a fundamental right.
This is not the first time that Facebook has faced a civil lawsuit. Other European countries, such as the Netherlands, have also raised concerns about the company's privacy policies. Facebook states that it will show the court how its technology protects users from malware, spam and other similar attacks and that its practices are in full compliance with European law. However, Facebook urges the BPC to discuss such matters directly instead of resolving the dispute in court, describing the litigation as unnecessary.
Photo: Brian Turner | Flickr