Meta fined over $400 million for forcing users to accept targeted ads
The decision could mean that the technology giant would need to make costly changes to its advertising-based business in one of its largest markets.
European Union regulators have fined Meta over $400 million for illegally forcing users to accept personalized ads on Facebook and Instagram. The decision could mean the technology giant would need to make costly changes to its advertising-based business in one of its largest markets.
Two fines were imposed by Ireland's Data Protection Commission fined Meta after finding it guilty of breaching the European Union's General Data Protection Regulation and fined it $222.5 million. Another $191.5 million penalty was slapped upon Instagram for a similar breach. Overall, the fines total up to $414 million.
In the Data Protection Commission ruling, Meta has also been given three months to bring its data processing operations into compliance with the General Data Protection Regulation. The investigations against Meta started the day the General Data Protection Regulation came into effect on May 25, 2018.
Two complainants accused Meta of 'forcing' users to consent to the processing of personal data for behavioural advertising and other personalised services. If users wished to continue to have access to the Facebook and Instagram services following the introduction of the GDPR, existing (and new) users were asked to click 'I accept' to indicate their acceptance of the updated Terms of Service. The complainants contended that the services would not be accessible if users declined to do so.
Following its elaborate investigation, the Data Protection Commission found that Meta, which changed its name from Facebook in 2021, was in breach of Article 5(1)(a), which reinforces the principle that users' personal data must be processed lawfully, fairly and in a transparent manner.
The ruling underscored that Meta was in breach of its obligations in relation to transparency. The order notes, 'information in relation to the legal basis relied on by Meta Ireland was not clearly outlined to users, with the result that users had insufficient clarity as to what processing operations were being carried out on their personal data, for what purpose(s), and by reference to which of the six legal bases identified in Article 6 of the GDPR. The DPC considered that a lack of transparency on such fundamental matters contravened Articles 12 and 13(1)(c) of the GDPR.'
Meta said that it planned to appeal the ruling. In a statement, Meta said that the Data Protection Commission's decision does not amount to a ban on personalized advertising. The technology giant further said that businesses could continue using Meta’s platforms to target users with ads.