Personal data: 390 M euros fine for Meta

The Meta group, the parent company of Facebook, received two heavy fines totaling 390 million euros on Wednesday for breaching the European data regulation (GDPR), announced the Irish regulator, which acts on behalf of the Union.

Personal data: 390 M euros fine for Meta

The Meta group, the parent company of Facebook, received two heavy fines totaling 390 million euros on Wednesday for breaching the European data regulation (GDPR), announced the Irish regulator, which acts on behalf of the Union. European.

The Irish Data Protection Commission (DPC) clarified in a statement that Meta had breached “its transparency obligations” and was relying on an incorrect legal basis “for its processing of personal data for advertising purposes. » targeted.

This sanction follows the adoption in early December of three binding decisions by the European Data Protection Board (EDPS), the European regulator for the sector. One of them, concerning WhatsApp, was notified later to the DPC and will be the subject of a decision next week.

The privacy group Noyb, which initiated the three complaints against the group, had accused Meta of reinterpreting consent “as a simple civil law contract”, which does not allow you to opt out of targeted advertising.

In October 2021, the Irish authority had originally proposed a draft decision which validated the legal basis used by Facebook and suggested a fine of 26 to 36 million euros for lack of transparency.

The French CNIL and other regulators had expressed their disagreement with this draft sanction, deemed to be far too weak. They had asked the EDPS to judge the dispute, and the latter agreed with them on the question of the legal basis.

The Noyb association welcomed a decision on Wednesday which it believes will force Meta to implement "a yes/no consent option" for the use of its users' personal data, failing which the company “cannot use their data for personalized advertising”.

Meta said he was "disappointed" with the decisions and indicated his intention to appeal, "both on the merits and on the fines", in a statement sent to AFP.

“The debate around the legal bases” for the processing of personal data “has been going on for some time and companies are faced with a lack of regulatory certainty on the issue”, believes the company.

“These decisions do not preclude targeted or personalized advertising” and “advertisers can continue to use our platforms to reach potential customers, grow their business and create new markets,” adds Meta.

The Irish Constable has already fined the Californian giant in September for 405 million euros for failures in the processing of minors' data, and in November to the tune of 265 million euros for not having sufficiently protected the data. of its users.

NEXT NEWS