If web site owners embed a facebook like button, personal data is transferred to facebook and those web sites violate against Europe’s GDPR laws.
To protect myself from other web sites illegal GDRP violations I implemented an access control list for facebook’s network ranges on my ASA firewall.
To get all IP ranges (in this case legacy IPv4 ranges) I am going to query with whois facebook’s Autonomous system number AS32934. The command line below will give me all IPv4 ranges assigned to facebook.
Based on above network list (about 90 network ranges) I can build up an Access Control List like this:
For background information see (in German):
Verbraucherzentrale: EuGH-Generalanwalt äußert sich zum Like-Button… and WBS Rechtsanwaelte: Facebook Like Button vor dem EuGH… or in english The Register: Facebook Like, social sharing buttons on your website may land you in GDPR hot water…