Meta was penalized €390 million (£346 million) for violating EU data laws.
According to the Irish Data Protection Commission (DPC), Meta's request for authorization to utilize users' data for Facebook and Instagram advertisements was illegal.
Both sites' owners, Meta, have three months to alter the way they collect and utilize data for ad targeting.
The ruling does not ban individualized advertising on Meta's platforms, as it emphasizes, but still, the company is "disappointed" and plans to appeal.
According to the authority, Facebook and Instagram are not permitted to "force consent" on users by requiring them to approve how their data is used or leave the platform.
Due to the fact that Facebook and Instagram's European headquarters are in Ireland, the DPC is in charge of verifying that they abide by EU data legislation.
The judgment, according to privacy advocates, is a significant win and mandates that Meta provide consumers genuine control over how their data is used to target online adverts.
It implies that Meta could need to alter how a crucial aspect of its operations.
Over $118 billion (£97.8 billion) of the company's revenue in 2021 will come from advertising.
The amount represents the watchdog's second hefty sanction in recent months.
The DPC penalized it €265 million (£228 million) in November for a data breach that resulted in the online publication of the personal information of hundreds of millions of Facebook users.
The Irish Times reports that Meta laid aside €2 billion (£1.7 billion) for anticipated 2023 European fines.
New law, new complaints.
Max Schrems, a privacy activist, filed complaints in 2018 on behalf of two users in Austria and Belgium, which led to the DPC inquiry. The General Data Protection Regulation (GDPR), a new EU data and privacy regulation, was barely being implemented when the complaint was filed.
Both Facebook and Instagram prompted users to click "I accept" to confirm that they agreed to new terms of service outlining how their data will be used in advertisements in order to comply with GDPR.
Users could not use Facebook or Instagram if they refused.
The complainants said that Meta had violated the GDPR by "forcing" them to consent to the use of their data for targeted advertisements.
The representatives of Meta said that Facebook and Instagram are "inherently personalized" and that targeted advertisements are a "necessary and essential part" of how the platforms function as a result of this personalization.
They said that Meta wasn't offering consumers a choice and that platforms simply couldn't function without exploiting user data for advertising.
However, the DPC discovered such is not the case and that users' agreement was coerced.
The DPC also discovered that Meta was not sufficiently transparent with users on how and why it was utilizing their personal data.
However, the choice was made only after a disagreement with other European data protection agencies.
The European Data Protection Board ultimately reached a resolution on the matter in December.
According to a spokesperson for Meta, the company intends to contest the magnitude of the fines levied "given that regulators disagreed on this issue."
The business contends that rather than imposing its data usage on customers, it offers them a variety of tools to manage how their data is used.
from BBC News - Business https://ift.tt/nC5kfKS
Tags:
News