Meta fined $413 million in EU for breaching GDPR rules

The Irish Data Protection Commission announced on Wednesday that it would fine Meta Ireland totaling $413 million for breaches of EU regulations. GDPR (General Data Protection Regulation) Regarding the management of the Company’s personal information on Facebook and Instagram.

Under the GDPR, companies that process users’ personal information must do so under one of six identified legal bases, including the user’s consent, the need for the performance of a contract, and the need to comply with a legal obligation. Meta, in response to original user complaints filed under the GPDR in 2018, said it would rely on a “contractual” justification rather than “consent” as it had previously done. (The complaints argue that, by requiring users to agree to Meta’s use of personal information for ad targeting purposes, the company was offering users no real choice in the matter.)

The Irish DPC’s preliminary investigation, that regulator said, found no fault with the company’s decision, but instead fined Meta for failing to provide a clear explanation of the legal basis it was required to provide to its users. As part of the process required by the GDPR, however, the DPC’s peer organizations reviewed the draft ruling against Meta and argued that the “contractual” basis for data processing was legally problematic, saying that the use of personalized advertising The provision was not necessary, as a matter of law, for the fulfillment of a contract entered into by Meta and its users.

The DPC said on Wednesday that it disagrees with this, but that the structure of the GDPR – in particular, the review required by the European Data Protection Board – needs to amend its earlier rulings to reflect the view that meta “contracts “Can’t believe it.” justification for the processing of personal information, and amended its proposed penalty accordingly.

However, the DPC pushed against the Data Protection Board’s directive that the Irish data regulator conduct a fresh investigation into Facebook and Instagram data processing, saying the EDPB does not have the authority to do so. The group said it would file a complaint with the European Court of Justice to block the new investigation, arguing that the directive amount had been exceeded by the EDPB.

Meta, separately, expressed “disappointment” with the decisions in a public statement, and said it would appeal “the substance of both the decision and the fine”. While the DPC ruling outlines a three-month timeline for the company to comply with the new regulations, the pending legal action could drag the process too long.

Copyright © 2023 IDG Communications, Inc.

#Meta #fined #million #breaching #GDPR #rules



Leave a Reply

Your email address will not be published. Required fields are marked *