On Wednesday, Ireland's regulators fined Facebook parent Meta hundreds of millions for online privacy violations and banned the company from forcing European users to approve personalized ads based on their online activity.
The Irish Data Protection Commission imposed two fines totaling €390m in its decision in two cases that could alter Meta's business model targeting users with ads based on what they do online.
The watchdog has fined Meta €210m for breaches of strict EU data privacy rules involving Facebook and an additional €180m for breaches involving Instagram.
It is the commission's latest sanction against Meta for breaching data privacy, following four more fines for the company since 2021 totaling more than €900m.
The decision stems from complaints filed in May 2018 when privacy rules in the 27-nation European Union, known as the General Data Protection Regulation, or GDPR, came into effect.
Earlier, Meta relied on getting informed consent from users to process their personal data to serve them personalized, or behavioral, ads.
When the General Data Protection Regulation came into effect, the company changed the legal basis under which it processes user data by adding a clause to the terms of service for ads, effectively forcing users to agree that their data could be used. This violates EU privacy rules.
The Irish watchdog initially sided with Meta but changed its position after sending a draft decision to the EU's Council of Data Protection Regulators, many of whom objected.
The Irish watchdog is the leading European regulator for data privacy on Meta because its regional headquarters are in Dublin.
In its final decision, the Irish watchdog said Meta was "not entitled to rely on the ‘contract’ legal basis to deliver behavioral adverts on Facebook and Instagram."
"We strongly believe our approach respects GDPR, and we’re therefore disappointed by these decisions and intend to appeal both the substance of the rulings and the fines," Meta said in a statement.
The Irish watchdog is Meta’s lead European data privacy regulator because its regional headquarters is in Dublin.
Follow the latest news on Google News
