Meta will challenge a hefty €390 million ($413 million) fine imposed by Ireland’s Data Protection Commission (DPC) for breaches of the General Data Protection Regulation (GDPR) is.
The DPC has fined Meta Ireland €210 million for infractions related to Facebook and €180 million for its Instagram service, while several other regulators consulted during the process said: We disagreed with the decision and demanded a higher fine.
The issue revolved around the choice of legal basis on which the social media giant relies when processing its users’ personal information.
Under the GDPR, businesses can choose from six clearly defined legal bases. However, previously Meta relied on user consent (one of these legal bases) for processing personal data such as behavioral advertising, which has since become known as “contractual necessity”. I changed it to something else available.
This effectively meant that if users wanted to access Facebook and Instagram services, they would have to agree to long new terms of service that were displayed. According to the DPC, this has resulted in complaints from one of his users in Belgium and one of his in Austria.
“Complainants argued that, contrary to Meta Ireland’s stated position, Meta Ireland, in fact, seeks to rely on consent to provide a lawful basis for processing user data.” explained.
“They say that by making accessibility to the service contingent on users agreeing to updated terms and conditions, Meta Ireland actually processes personal data for behavioral advertising and other personalized services. Complainants argued that this violated the GDPR. “
The DPC issued the fine after concluding that Meta was not sufficiently transparent with its users in outlining the legal basis on which personal data is processed.
After consultation with the European Data Protection Board (EDPB), the guidance body for the GDPR, Meta Ireland has established a ‘contractual legal basis’ as providing a lawful basis for the processing of personal data for the following purposes: It was also decided not to have the right to rely on grounds. behavioral advertising. “
However, Meta was quick to counter that its approach respects the GDPR and will always be transparent to “regulators and courts” about using contractual necessity as the legal basis for data processing. claimed to keep
“There is a lack of regulatory clarity on this issue, and there has been ongoing debate among regulators and policy makers for some time about which legal basis is most appropriate in a given situation. , has also been debated by the EU Supreme Court, which may reach quite different conclusions.
“That is why we strongly disagree with the DPC’s final decision and believe that, given the nature of our service, we are fully compliant with the GDPR by relying on our contractual need for behavioral advertising. Given that the regulators themselves disagreed on the issue until the final stages of the December process, how has the approach thus far been criticized? It is difficult to understand what the fines imposed.”
Editorial Credit Icon Image: Sergei Elagin / Shutterstock.com
