Facebook-Parent Meta Faces EU Ban On Personal Data Collection For Targeted Ads

In a significant development, the European data regulator has authorised an extension of the ban initially imposed by non-European Union (EU) member Norway on the practice of "behavioural advertising" on Facebook and Instagram. This ban, which involves targeting users through the collection of their personal data, is set to encompass all 30 countries within the European Union and the European Economic Area, as reported by Reuters on Wednesday.

This decision poses a considerable setback for Meta Platforms, a prominent US tech giant and the parent company of both social media platforms, Facebook and Instagram. Meta Platforms has consistently opposed efforts to restrict the use of behavioural advertising.

The Norwegian data regulator has emphasised that Meta Platforms could face substantial fines amounting to as much as 4 per cent of its global revenue due to this move.

The European Data Protection Board (EDPB) has issued an instruction to the Irish data regulator, where Meta's European headquarters are situated, to enforce a permanent ban on the company's utilisation of behavioural advertising within a two-week timeframe. This directive comes in light of the EDPB's recent binding decision, adopted on October 27, which imposes a ban on the processing of personal data for behavioural advertising across the entire European Economic Area, citing legal bases related to contracts and legitimate interests.

In response to this development, Meta has stated its commitment to offering European Union and European Economic Area users the opportunity to provide their consent and is set to introduce a subscription model in November to comply with regulatory requirements. A spokesperson from the company has emphasised that the EDPB had been aware of these plans for weeks, and they had been engaged in discussions to reach a mutually agreeable resolution.

Notably, since August 7, Meta has been subjected to daily fines in Norway, amounting to 1 million crowns (approximately $90,000), for violating user privacy by leveraging their data, including location and browsing behaviour, for advertising purposes—a common practice among major technology companies.

The Norwegian data regulator, Datatilsynet, had earlier referred the ongoing fine to the European regulator, as the fine was applicable within Norway only and set to expire on November 3. With the imposition of this permanent ban, Meta now faces the potential of more substantial financial penalties. Tobias Judin, the head of Datatilsynet's international section, has explained that any non-compliance with the EU/EEA-wide ban could result in a violation of the General Data Protection Regulation (GDPR), potentially incurring penalties of up to 4 per cent of the company's global revenue. The GDPR stands as the European Union's framework for data protection and privacy.

It's important to note that Norway, although not an EU member, is part of the European single market. The ramifications of this decision are extensive, affecting approximately 250 million Facebook and Instagram users across Europe, according to Datatilsynet.