Internet. Personal data: Meta faces two new big fines in the EU

New heavy sanction in the EU for the Meta group. The parent company of Facebook was fined this Wednesday two heavy fines totaling 390 million euros for violation of the European data regulation (GDPR). The Irish Data Protection Commission (DPC), a regulator that acts on behalf of the EU, said in a statement that Meta had breached “its transparency obligations” and was relying on an erroneous legal basis “for its processing of personal data for the purposes of targeted advertising.

This sanction follows the adoption in early December of three binding decisions by the European Data Protection Board (EDPS), the European regulator for the sector. The first two concerned offenses related to social networks Facebook, for which the fine amounts to 210 million euros, and Instagram, another subsidiary of Meta, and which is targeted by the remaining 180 million euros. The EDPS’ third decision, regarding WhatsApp, was later notified to the Irish regulator and will be the subject of a separate decision next week.

The privacy association Noyb, which initiated the three complaints against the group, filed on May 25, 2018, the date of entry into force of the GDPR, had accused Meta of reinterpreting the consent “as a simple contract of civil law”, which does not allow you to refuse targeted advertising.

Meta forced to set up “consent option”

In October 2021, the Irish authority had originally proposed a draft decision which validated the legal basis used by Facebook and suggested a fine of 26 to 36 million euros for lack of transparency. The French Cnil and other regulators had stepped up to the plate in the face of this amount deemed largely insufficient. They had asked the EDPS to judge the dispute, and the latter agreed with them on the question of the legal basis.

“Instead of having a ‘yes/no’ option for personalized ads, (Meta) has simply moved the consent clause into the terms and conditions. This is not only unfair but clearly illegal,” commented Austrian jurist Max Schrems, founder of Noyb, in a statement. “We don’t know of any other company that has tried to ignore GDPR in such an arrogant way. The Noyb welcomed this Wednesday a decision which, it believes, will force Meta to set up “a consent option” for the use of the personal data of its users, failing which the company “cannot use their data for personalized advertising”.

Meta has three months to “bring its data processing operations into compliance,” said the DPC in its press release.

The group will appeal

Meta said he was “disappointed” with the decisions and announced his intention to appeal, “both the merits and the fines”, according to a statement sent to AFP. “The debate around the legal bases” for the processing of personal data “has been going on for some time and companies are faced with a lack of regulatory certainty on the issue”, estimates the company. “These decisions do not preclude targeted or personalized advertising” and “advertisers can continue to use our platforms to reach potential customers, grow their business and create new markets,” adds Meta.

The company also believes that the DPC does not require it to set up a consent option and says it is evaluating a variety of solutions to change the legal basis for data processing. A source close to Meta clarified that the legal basis of “legitimate interest”, provided for by the GDPR, was examined by the company.

We wish to say thanks to the writer of this write-up for this amazing web content

Internet. Personal data: Meta faces two new big fines in the EU

You can find our social media accounts as well as other related pages