“Facebook” parent company “Meta” was sentenced to a heavy fine

The Meta group, the parent company of Facebook, was hit with two hefty fines of 390 million euros this Wednesday, January 4, for violating the European data regulation (RGPD), following two other sanctions imposed this fall.

Into the virtual universe, but with real money

The Irish Data Protection Commission (DPC), a regulator acting on behalf of the EU, said in a statement that Meta had breached the law. “Obligations in terms of transparency” and was based on the wrong legal basis “for the processing of personal data for advertising purposes” targeted.

The sanction follows the adoption of three binding decisions by the European Data Protection Board (EDPS), the European regulator for the sector, in early December.

The first two relate to violations of social networks Facebook, for which the fine amounted to 210 million euros, and Instagram, another subsidiary of Meta, with the remaining 180 million euros.

The EDPS’ third decision on WhatsApp was later reported to the Irish regulator and will be the subject of a separate decision next week.

“No company has tried to ignore GDPR so arrogantly”

Privacy association Neub, which launched three complaints against the group on May 25, 2018, the GDPR’s effective date, accused Meta of reinterpreting consent. “Like a simple civil law contract”which does not opt ​​out of targeted advertising.

In October 2021, the Irish authorities initially proposed a draft decision confirming the legal framework used by Facebook and proposing a fine of 26-36 million euros for lack of transparency.

Adam McKay: “Facebook is as bad as pollution, nuclear weapons, food preservatives and marketing”

France’s Cnil and other regulators have stepped up to the plate in the face of this amount, which is widely considered insufficient. They asked the EDPS to review the dispute and the latter agreed with them on the legal basis.

“Instead of having a ‘yes/no’ option for personalized ads, (Meta) simply moved the consent clause into the terms. This is not only unfair, but also clearly illegal.”Austrian lawyer Max Schrems, the founder of Neub company, said in a press release.

“We don’t know of any other company that is trying to flout GDPR in such an arrogant way”he added on Wednesday.

Meta has three months to comply with the law

Neub welcomed a decision this Wednesday that would force Meta to stand down “choice of consent” for the use of personal data of its users, in the absence of the company “can’t use their data for personalized advertising”.

Meta has three months “adapt data processing operations”, DPC said in a press release issued on Wednesday. Meta says to himself “disappointed” stated that he intended to appeal the decisions, “both merit and fines”said in a statement sent to AFP.

“Discussions on Legal Basis” for the processing of personal data “It has been going on for some time and companies are facing a lack of regulatory certainty on the issue”– says the company.

“These decisions do not prevent targeted or personalized advertising” and “Advertisers can continue to use our platforms to reach potential customers, grow their businesses and create new markets”Adds meta.

Different solutions to avoid the decision

The company also believes that the DPC does not require it to establish a consent option and says it is evaluating various solutions to change the legal basis for data processing.

A source close to the meta told AFP it had a legal basis “legitimate interest”Designed by GDPR, investigated by the company.

The Irish constable already fined the Californian giant €405 million in September for failing to handle minors’ data, and €265 million in November for failing to adequately protect its users’ data.