The Irish Knowledge Defense Commission (DPC) has issued a fine of €390 million (around $414 million) to Meta Platforms. This fine is due to handling user data for personalized advertising. This could be a significant blow to the company’s ad-based business model. The privacy regulator has ordered Meta Eire to pay two fines. A €210 million ($222.5 million) fine for violations of the E.U. General Data Protection Regulation (GDPR) related to Facebook and a €180 million ($191 million) fine for similar violations on Instagram. This enforcement action comes after allegations. This includes that the social media company used its Terms of Service to obtain users’ forced consent for targeted advertising. These complaints were made on May 25, 2018, when GDPR took effect in the region.
Know the rules of The Data Protection Commission (DPC) in Ireland
The Data Protection Commission (DPC) in Ireland has ruled that Meta Ireland is no longer allowed to use contracts. These contracts include such as accepting its Terms of Service, as a legal basis for processing personal data for behavioral advertising.
This means that Meta’s advertising practices will be illegal from now on.
What Meta have to do?
However, Meta has three months to bring its data processing operations into compliance. We’ve heard that tailoring advertising to user preferences is important for personalized services. This ruling comes a month after the European Data Protection Board (EDPB) made binding decisions.
Instead of offering a “yes/no” option for personalized ads, Meta simply included a consent clause, said Max Schrems of NOYB. This led to the misuse of data which is becoming quite common these days. Schrems stated that this is “not just unfair but illegal.” Meta has experienced a decrease in advertisement revenue in the past year. This is partly due to Apple’s privacy changes. The company plans to appeal the DPC’s conclusions.
What Meta has to say?
Meta emphasized that these conclusions do not prevent personalized marketing on its platform and only relate to the legal basis Meta uses for certain advertising. The tech giant also argued that the suggestion that it can no longer provide personalized ads to European customers without their opt-in approval is “incorrect,” citing a lack of regulatory clarity on the issue.
Meta has faced several privacy fines in Europe and the U.S. in the past year. This led to a new set of economic penalties for data misuse. In December 2022, the company also agreed to pay $725 million to settle a class-action lawsuit that alleged they gave third parties access to consumer data without proper consent. The lawsuit came to light in 2018. It was the time when Facebook revealed that 87 million users’ data had been improperly shared with Cambridge Analytica. This British political consultancy firm used the gathered information to advise political campaigns.
Apple Fined by Commission Nationale de l’informatique et des libertés (CNIL)
France’s privacy watchdog, the Commission Nationale de l’informatique et des libertés (CNIL), has fined Apple €8 million. This fine was the result of not obtaining consent from iPhone users in iOS 14.6 for using identifiers for targeted advertisements. According to CNIL, users had to go through a lengthy process to disable this setting, as it was not in the integration of the phone’s initialization process. Apple plans to appeal the decision, stating that it allows users to opt-in or opt-out of personalized ads and only relies on first-party data.