French data watchdog CNIL has fined Facebook 150,000 euros ($166,000) for failure to protect its users' data from being accessed by advertisers.
CNIL said its fine was part of a wider European probe also being carried out in Belgium, the Netherlands, Spain and Germany into some of Facebook's practices.
Of course, the 150,000 euros fine is not considered a big one for Facebook - a company which has quarterly revenue of about $8 billion and a stock market capitalization which stands at around $435 billion. The fine represents about 25 minutes' profit for the company.
The investigations conducted by the CNIL revealed that Facebook proceeded to a "massive compilation" of personal data of Internet users in order to display targeted advertising. It has also been noticed that Facebook collected data on browsing activity of internet users on third-party websites, via the "datr" cookie, without their knowledge.
Considering the failures stated, the Chair of the CNIL issued, the 26 January 2016, a formal notice to Facebook Inc. and Facebook Ireland to comply within three months with the French Data Protection Act. The formal notice was renewed once at the request of Facebook.
CNIL said it received "unsatisfactory" responses by both companies to its formal notice.
In future, though, similar infringements could result in much stiffer penalties. Today, businesses operating across the European Union must deal with privacy laws on a country-by-country basis, answering to each of the national regulators, few of which are able to impose dissuasive fines.
From May 25, 2018, though, the General Data Protection Regulation (GDPR) will introduce a single set of privacy rules across the EU's 28 member states, and raise the fines to €20 million ($22 million) or 4 percent of worldwide revenue.