Irish data authorities have fined Meta $414 million (€390 million) for online privacy violations.
The Facebook parent is also prohibited from forcing European users to agree to personalized ads based on what they do online.
The Data Protection Commission hit Meta with € 210 million euros in fines for breaking the European Union’s strict data privacy laws involving Facebook.
It has also been fined an extra €180 million for infringements involving Instagram.
The case could lead to changes in Meta’s business model of sending targeted ads to users based on their internet activities.
It is the authority’s latest penalty for Meta’s data privacy breaches, following four earlier fines totaling more than €900 million since 2021.
The ruling stems from May 2018 complaints when the 27-nation EU’s privacy rules, known as the General Data Protection Regulation, or GDPR, went into force.
Meta had leaned on obtaining informed consent from users to collect their personal data to send them personalized, or behavioral, ads.
But when GDPR took effect, the company’s legal foundation was altered.
It started processing user data by adding a phrase in the terms of service for advertising, thus forcing users to approve that their data could be used, violating EU privacy laws.
Need Career Advice? Get employment skills advice at all levels of your career
The Irish watchdog initially supported Meta but changed its side after the draft decision was sent to a board of EU data regulators, many of whom opposed it.
It ruled in its final decision that Meta “is not entitled to rely on the ‘contract’ legal basis to deliver behavioral adverts on Facebook and Instagram.”
Meta said: “We strongly believe our approach respects GDPR, and we’re therefore disappointed by these decisions and intend to appeal both the substance of the rulings and the fines.”
Since its regional offices are in Dublin, the Irish authority is Meta’s principal European data privacy regulator.
Source: CBS News