What’s Next for Meta Company?
Beginning the New Year, Meta’s activities in Europe are being impacted by additional privacy fines and corrective actions. A number of EU General Data Protection Regulation (GDPR) concerns over the company’s use of behavioral advertising prompted the most current wave of action.
The primary data protection watchdog in the region for Facebook owner Meta, the Irish Data Protection Commission (DPC), announced today that it had reached final conclusions in two of these drawn-out investigations against Meta’s social networking site Facebook and its social photo-sharing service Instagram.
sandbox metaverse – metaverse stock
Personal Data
The European Data Protection Board’s decision on these complaints last month that contractual necessity is not an appropriate basis for processing personal data for behavioral ads is confirmed by the European Data Protection Board (DPC) press release, which also reveals financial penalties of €210 million for Facebook and €180 million for Instagram. These new penalties come on top of a slew of privacy fines that Meta received in Europe last year, including a €265 million fine for a Facebook data-scraping breach, a €405 million fine for an Instagram violation of children’s privacy, a €17 million fine for a number of earlier Facebook data breaches, and a €60 million fine for violating Facebook cookie consent. All told, these fines will bring the total amount of (publicly disclosed) EU data protection and privacy.
However, Meta has already received fines totaling more than half of the regional total for last year in the first few days of 2023, and additional penalties may be on the way.
Corrective actions are also being taken, in accordance with the DPC’s PR, and Meta has been given three months to make its processing in line with the GDPR. Therefore, it will have to ask users for their approval rather than relying on the defense of contractual necessity to run behavioral ads. The internet giant is quite likely to dispute the rulings given how crucial Meta’s tracking and targeting ad strategy still is to its business. If it does, this might lead to additional delays as legal challenges to the now-ordered enforcement are heard in court. Therefore, it can be years before Meta submits to correction through EU privacy regulation.
A third ruling against WhatsApp, which is owned by Meta, is still pending at the DPC but is expected to be delivered in the next week or so. (The regulator informs us that this is due to a brief delay in the DPC receiving the binding judgment from the EDPB on that complaint.) Update: Meta responded to the rulings in a blog post and asserts that the legal foundation it chose to process people’s data for advertising purposes “respects GDPR.” Additionally, it states that it intends to appeal the rulings on both the merits and the severity of the fines levied.
In a statement that echoes the DPC’s assertion that ad-supported “personalized” services must be “all or nothing,” Meta writes that “Facebook and Instagram are inherently personalized, and we believe that providing each user with their own unique experience – including the ads they see – is a necessary and essential part of that service.
