EU Fines Meta $416m

Uploaded on 2023-01-06 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

On January 4th the Irish Data Protection Commission (DPC)  announced the conclusion of two inquiries into the data processing operations of Meta Platforms Ireland Limited (“Meta Ireland”) in connection with the delivery of its Facebook and Instagram services,” and Meta has been fined €390m ($416 or £346m) for breaking EU data rules.

The DPC announced in Dublin that the way Meta used peoples' data for ads on Facebook and Instagram, which it owns, was unlawful. 

The regulator said that Facebook and Instagram can not employ "force consent" by telling users that they have to accept how their data is used or leave the platform. Right now, Meta has three months to change how it receives and uses data to target ads and Meta says it will appeal, stressing that the decision does not prevent personalised advertising on its platforms. Facebook collected advertising revenue of $118bn (£97.8bn) in 202.

Privacy campaigners say the decision is a major victory and means Meta will have to give users real choice over how their data is used to target online advertisements. 

This recent DPC investigation was started by complaints made in 2018 by privacy campaigner Max Schrems, on behalf of two users in Austria and Belgium. The complaint was brought just as the EU's new data and privacy law, the General Data Protection Regulation (GDPR), came into operation.

Meta's spokespeople say that it plans to challenge the size of the fines imposed, "given that regulators themselves disagreed with each other on this issue". The company argues that far from forcing people to accept how it uses data, it gives consumers a number of tools to control how their data is used. 

In September 2021, Meta was forced to pay out $420 million for how it handled teens’ Instagram data, in March the fine was $17 million for record-keeping problems while in October 2021, Meta was fined around $233 million for various violations.

The latest DPC ruling could damage Meta’s EU profits, because, according to Austrian lawyer Max Schrems who sued Meta in 2018, people now must consent for their data to be used for ads and can also withdraw their consent at any time.

DPC:      BBC:      Gizmodo:     Forbes:      Press United:       Focus Washington:

You Might Also Read: 

The Effects Of GDPR On EU / US Relations:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Multi-Factor Authentication Is No Shortcut To Cyber Resilience
PAM, IAM, Or Both? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

Irish Reporting & Information Security Service (IRISS)

Irish Reporting & Information Security Service (IRISS)

IRISS-CERT is Ireland's first CSIRT (Computer Security Incident Response Team) to provide services to all users within Ireland.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Lakeside Software

Lakeside Software

Lakeside Software is how organizations with large, complex IT environments can finally get visibility across their entire digital estates and see how to do more with less.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Ataya & Partners

Ataya & Partners

Ataya & Partners is a consulting company that delivers data protection, cybersecurity and IT & Digital governance services.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

JobStreet.com

JobStreet.com

JobStreet is one of Asia’s leading online employment marketplaces in Malaysia, Philippines, Singapore, Indonesia and Vietnam.

Aries Security

Aries Security

Aries Security provides a premiere cyber training range and skills assessment suite and develops content for all levels of ability.

Guidepost Solutions

Guidepost Solutions

Guidepost Solutions are a diverse, global team of investigators, experienced security and technology consultants, and compliance and monitoring experts.

Oregon Systems

Oregon Systems

Oregon Systems is a Regional Leader & Distributor with value added services for OT, IoT, IIoT & IT Cybersecurity products, Solutions & professional services throughout the middle-east region.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Cranium

Cranium

AI is being implemented into every business process, but nobody knows whether their AI is secure. Our mission is to deliver security and trust to the AI revolution.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.