Meta fined $414M by EU over data-privacy law breach

Kevin Okemwa


Meta’s 2023 is off to a bad start, as it happens, the company has been fined a whopping $414 million by the EU. This happened after the regulatory body found out that the company was forcing users to subscribe to personalized ads which is a breach of the users’ privacy. NOYB, a nonprofit organization under the stewardship of Max Schrems, an Austrian data-protection activist filed similar complaints back in 2018

Back in 2018, a data-privacy law was passed. It restricts Facebook as well as other social media platforms from collecting data about users without their permission. Both Facebook and Instagram which are Meta-owned were found to have breached this law, as such, they were fined $223M and $191M respectively. On top of the fines incurred, Meta is also required to make some changes to its advertising business model which will be significantly costly.

When signing up for services like Facebook, Instagram, and WhatsApp Meat will first require you to accept its terms of service. It is through this avenue that it is able to access your personal data legally, collect it and use it to come up with user-specific ads. It won’t be possible for you to use any of these services without giving consent thus allowing the company to use your personal data which is in violation of the European law, the General Data Protection Regulation.

However, it is not yet clear what Meta needs to do to be compliant with this rule. The company might need to make it an option or entirely scrap it thus allowing users to use its services while simultaneously maintaining their privacy. Though this might have a negative implication for Meta’s advertising business as it will be impossible for marketers to get their products in front of their target audience.

“This is a huge blow to Meta’s profits in the EU. People now need to be asked if they want their data to be used for ads or not. They must have a ‘yes or no’ option and can change their mind at any time. The decision also ensures a level playing field with other advertisers that also need to get opt-in consent,” said Max Schrems, an Austrian privacy activist.

According to Meta:

Facebook and Instagram are inherently personalised, and we believe that providing each user with their own unique experience – including the ads they see – is a necessary and essential part of that service.

While this breach only applies to Europe, it will impact users in other regions like the United States which doesn’t have any federal data privacy law in place in most of its states. Meta has indicated that it is going to contest the rule by the EU both on substance and the level of fines imposed which will in turn prolong the process even more.

“There has been a lack of regulatory clarity on this issue, and the debate among regulators and policymakers around which legal basis is most appropriate in a given situation has been ongoing for some time,” said Meta’s spokesman. He further indicated that this is why the company does not agree with the DPC’s judgment as they believe that they have been compliant with GDPR and haven’t breached any laws.

Last year in December, the European Data Protection Board highlighted that Meta isn’t supposed to rely on contracts as a legal basis for processing user data for targeted ads. And now, the DPC reiterates the same sentiments indicating that “not entitled to rely on the ‘contract’ legal basis in connection with the delivery of behavioural advertising as part of its Facebook and Instagram services, and that its processing of users’ data to date, in purported reliance on the ‘contract’ legal basis, amounts to a contravention of Article 6 of the GDPR.”

This could be the beginning of many changes that are likely to affect how Meta functions and how it handles its users’ data. Share your thoughts with us in the comment section.

via: The New York Times