Meta fined $414 million after advertising practices found illegal under EU law

Meta suffered a major defeat on Wednesday that could severely undermine its advertising business on Facebook and Instagram after European Union regulators found it illegally forced users to actually accept personalized ads.

The ruling, including a 390 million euro ($414 million) fine, could force Meta to make costly changes to its advertising business in the European Union, one of its biggest markets.

The decision is one of the most significant judgments since the 27-nation bloc, home to around 450 million people, enacted a landmark data privacy law aimed at restricting the ability of Facebook and other companies to collect information about users without their prior consent. The law came into force in 2018.

The case hinges on how Meta receives legal permission from users to collect their data for personalized advertising. The company’s terms of service agreement – the very long statement that users must agree to in order to access services such as Facebook, Instagram and WhatsApp – includes language that effectively means that users must either authorize the use of their data for personalized ads, or stop using Meta. social media services altogether.

The Irish Data Privacy Board, which is Meta’s main regulator in the European Union because the company’s European headquarters are in Dublin, said EU authorities have determined that placing the legal consent in the terms of service essentially forced users to accept personalized ads, violating EU regulation. law known as the General Data Protection Regulation or GDPR

Meta has three months to explain how he will comply with the ruling. The ruling doesn’t specify what the company should do, but it could lead Meta to allow users to choose whether they want their data used for such targeted promotions.

If a large number of users choose not to share their data, it would cut off one of the most valuable parts of Meta’s business. Information about a user’s digital history – such as videos on Instagram prompting someone to stop scrolling or the types of links a person clicks on while browsing Facebook feeds – is used by marketing to deliver ads in front of people most likely to buy. The practices helped Meta generate $118 billion in revenue in 2021.

The ruling puts 5-7% of Meta’s overall advertising revenue at risk, according to Dan Ives, an analyst at Wedbush Securities. “It could be a major punch,” he said.

The penalty contrasts with regulations in the United States, where there is no federal data privacy law and only a few states like California have taken steps to create rules similar to those in the European Union. But any changes made by Meta as a result of the decision could affect users in the United States; many tech companies apply EU rules globally, as this is easier to implement than limiting them to Europe.

The EU judgment is the latest headwind facing Meta, which was already struggling with a major drop in advertising revenue due to a change made by Apple in 2021 that gave iPhone users the ability to choose whether advertisers could follow them. Meta said last year that Apple’s changes would cost it about $10 billion in 2022, with consumer surveys suggesting a clear majority of users have blocked tracking.

Meta’s struggles come as it tries to branch out from social media into the virtual reality world known as the Metaverse. The company’s stock price has fallen more than 60% in the past year and has laid off thousands of employees.

Wednesday’s announcement relates to two complaints filed against Meta in 2018. Meta said it would appeal the decision, setting up what could be a protracted legal fight that tests the power of the GDPR and the aggressiveness with which regulators use the law to force companies to change their business. practices.

“We strongly believe our approach is GDPR compliant, and so we are disappointed with these decisions,” Facebook said in a statement.

Privacy groups hailed the result as a long-awaited response to companies gobbling up as much data as possible about people online in order to deliver personalized ads. But critics have also seen the more than four years it took to reach a decision as a sign that GDPR enforcement is weak and slow.

“The European enforcement has yet to deliver on the promise of the GDPR,” said Johnny Ryan, a privacy rights campaigner who is a senior researcher at the Irish Council for Civil Liberties. The judgment signals that “Big Tech could be in for a much bumpier ride.”

Within the European Union, there has been disagreement over how to apply the GDPR Irish authorities said they initially ruled that Meta’s use of terms of service for authorization was legal enough to comply with the law, but they were overturned by a council made up of representatives from all EU countries.

“There has been a lack of regulatory clarity on this issue, and the debate between regulators and policymakers around the most appropriate legal basis in a given situation has been going on for some time,” Meta said in its statement.

Helen Dixon, head of Ireland’s Data Protection Commission, said regulators must be an “honest broker” and not give in to demands from privacy campaigners who are demanding decisions that would not withstand legal challenges.

“We won’t get results by simply trying to rewrite GDPR the way we would have liked to see it written,” Ms Dixon said in an interview.

There are signs in the European Union of a broader and intensified effort to crack down on the world’s biggest tech companies. New EU laws were passed last year aimed at ending anti-competitive practices in the tech industry and forcing social media companies to more aggressively police user-generated content on their platforms. Last month, Amazon agreed to make key changes to the way products are sold on its platform as part of a deal with EU regulators to avoid antitrust charges.

In November, Meta was fined around $275 million by Irish authorities for a data breach uncovered last year that led to the personal details of more than 500 million users being published online. from Facebook.

In 2023, the European Union’s highest court, the European Court of Justice, is also expected to rule on cases that may result in further changes to Meta’s data collection practices.

Yet many believe the app hasn’t matched EU policymakers’ rhetoric on tough tech regulation. Max Schrems, an Austrian data protection activist whose nonprofit, NOYB, filed the complaints in 2018 that led to Wednesday’s announcement, said thousands of data protection complaints data still needed to be processed.

“On paper you have all these rights, but in reality enforcement just doesn’t happen,” he said.


Not all news on the site expresses the point of view of the site, but we transmit this news automatically and translate it through programmatic technology on the site and not from a human editor.
Back to top button