The Guardian | Dan Milmo | Jan 4, 2023

Irish regulator fines Facebook owner €390m after EU rejects argument for use of data to drive personalised ads

Campaigners said the move could force the Facebook and Instagram owner to ask users to “opt in” to having their data used for targeted ads.

Ireland’s Data Protection Commission (DPC) has fined Meta a total of €390m (£343m), after the EU’s data authority rejected the company’s argument that users agree to receive ads based on their personal data when they enter into a “contract” with its social media platforms via the terms and conditions they sign.

See:  EU PSD2 and Open Finance – call for evidence

The DPC had initially backed Meta’s legal argument that the “contract” approach did not breach the EU’s general data protection regulation (GDPR), but it said on Wednesday it had to follow the binding recommendations of the bloc’s European Data Protection Board, which is comprised of all EU privacy regulators.

“This is a huge blow to Meta’s profits in the EU,” he said. “People now need to be asked if they want their data to be used for ads or not. They must have a ‘yes or no’ option and can change their mind at any time. The decision also ensures a level playing field with other advertisers that also need to get opt-in consent.”

Meta said in a statement it would appeal against the decision and that it was “incorrect” that personalised ads could no longer be offered without users’ consent following the DPC announcement.