Facebook Pixel opt out method : EU GDPR Compliance

[Morgy93]

Do you plan to implement some opt out method for the Facebook Pixel code? Like via cookie or something?

[dmitridr]

No plans, but if you are able to edit your DB, if you delete the row with path facebook_ads_toolbox/fbpixel/id in the table core_config_data in the magento db, it should effectively remove the pixel from your site while keeping the rest of your installation. Hope that helps.

[dmitridr]

Or are you asking about customer-facing opt-out?

[Morgy93]

@dmitridr Yes, by German laws every user needs the ability to opt-out from the Facebook Pixel tracking.

I'd create a new backend setting for a opt-out cookie name and check if this cookie is not 1 and only then display the tracking code - would that be applicable for you as well?

[newsjunk]

Would be a nice option! This is not just required by german law, but by Dutch law and pretty much every EU country. After may 2018 the 'European General Data Protection' will be in effect. With fines upto €1M if you do not comply. Sorry, very dry read, but very important for everyone using FB and e-commerce. https://www.eugdpr.org/

-edit: for us, just no pixel on the frontpage, but a pixel in the checkout process would be sufficient to comply with the law -

[dmitridr]

Thanks for the context both of you. This is troubling.

We can build something quickly for 'no pixel on the frontpage'. But a full compliance by dropping a cookie and adding a customizeable opt-out banner is going to take a lot of time and cause (probably) a lot of bugs. Any suggestions for how to do this easily would be welcome.

[Morgy93]

Like I said, it would be enough to be able to set a cookie name in the backend and then just check if this is not 1 to show the code:

<?php if ($this->getOptOutCookie() != 1) : ?>

insert https://github.com/facebookincubator/facebook-for-magento/blob/master/app/design/frontend/base/default/template/facebook_ads_extension/head.phtml

<?php endif; ?>

One can handle the opt out method on his own then, which is just fine in my case.

[dmitridr]

Hello All,

I have updates on this issue from the broader Facebook org on GDPR. Specific to the FB pixel, Facebook is pursuing a solution at the user level that will require very little action for businesses who installed the pixel. There will be no need to remove the pixel, and the requirements to provide notice to users will be largely the same as they are now.

I'm not allowed to give out any details about our solution at this time, but when it becomes public I'll update this thread and close it.

www.facebook.com/business/GDPR has more information about our general policy here.

[gndk]

@dmitridr any news on that user level solution? or do you mean this: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen "Ads based on partner data" (which includes fb pixel)

[dmitridr]

Yes, though there is another GDPR-specific screen, the user level solution was for Facebook users and managing how their pixel data is used to comply with GDPR, it is my understanding that these users can opt-out on FB itself. Apologies if that was unclear from my previous post. The link I sent earlier, www.facebook.com/business/GDPR, has been updated since my post, as well and should have some more details. This is the company's comprehensive guideline on GDPR for all merchants so I would keep a close eye on that link.

As for the opt-out/opt-in mechanism for the plugin itself: Our company stance has shifted here, and we will not be providing such a mechanism in our plugins themselves, including this one.

[My understanding... is that the opt-out mechanism already exists in FB, and the company views this as the most scalable approach to be compliant, rather than a FB-specific opt-out mechanism on every site with a pixel. Again, this is my opinion as a dev, not an FB official stance.]

That said, we welcome your pull requests for features that would help you build an opt-out/opt-in yourselves if you need to, or use other existing opt-out plugins to connect with ours. For example, the code suggested by @Morgy93 could be helpful, if cleaned up and added in the right place.