"Facebook’s opt-out system for advertising does not meet the requirements for legally valid consent," said the report by the Centre of Interdisciplinary Law and ICT and Intellectual Property Rights at the University of Leuven, Belgium.
Its policies contain a number of provisions which do not comply with the Unfair Contract Terms Directive, said the report. "These violations were already present in 2013, and they are set to persist in 2015," it said.
The report added that opt-outs for "sponsored stories” or collection of location data are "simply not provided".
One of the recommendations is for Facebook to offer granular in-app settings for sharing of location data, with all parameters turned off by default.
Facebook's current default settings for behavioural profiling and advertising remain problematic, the report added.
The authors also noted the site's ability to monitor and track users’ activities outside Facebook "has increased exponentially".
A Facebook spokesman said: "We recently updated our terms and policies to make them clearer and more concise, to reflect new product features and to highlight how we're expanding people's control over advertising."
"We’re confident the updates comply with applicable laws," the spokesman added, and "as a company with international headquarters in Dublin, we routinely review product and policy updates, including this one with our regulator, the Irish Data Protection Commissioner, who oversees our compliance with the EU Data Protection Directive as implemented under Irish law." ®