Meta has avoided billion-dollar sanctions for profiling ads using personal data, activists are alarming

For several years, financial penalties for the giants of the technology industry for various types of offenses have been an indispensable element of the industry – to such an extent that companies have started to include the expected expenses for legal repression in their budgets. The amount of fines, due to their size and nature, is controversial. Some believe that they are still too low and as such encourage breaking the law, while others see them as an international attack on business.

The European Center for Digital Rights alarms that Meta, as part of the penalty of January 4, 2023 imposed by the Irish personal data protection authority, avoided more serious consequences than EUR 390 million. Ten times the amount awarded was at stake.

Facebook is planning to enter financial services. To start with, a digital currency – Zuck Buck

To begin with, it should be recalled why European clashes between regulators and Mark Zuckerberg’s company are taking place in Dublin. Ireland is home to many tech giants (for example Apple or Twitter) for tax purposes and therefore has perhaps the busiest data protection authority in the European Union. On January 4 this year, the Data Protection Commission imposed a fine of EUR 390 million for reprehensible practices related to the personalization of ads on Facebook and Instagram (justification is available at the link). This decision ended a several-year-long battle related to the answer to the question whether profiled advertisements – in the manner in which Meta organized them – violate the principles set out in the EU GDPR regulation.

The fate of Facebook in Europe hangs in the balance. If Meta does not work out an agreement with the EU, the service may disappear with us

It has been assumed that consenting to the new regulations of Facebook or Instagram does not constitute a proper legal basis for actions taken by Meta. The Irish authority was assisted in its decision by the European Data Protection Board. On December 5, 2022, the latter also commissioned the DPC to calculate Meta profits related to violations of the GDPR and include them in the financial sanctions imposed. The further actions of Irish officials may be surprising – it was considered that the authority is unable to estimate these profits, and therefore cannot include them in any way in the account. The office did not even ask the company for the amount.

Metadata and data – a treasury of knowledge about us and our habits

NOYB, based on publicly available information, presented calculations (as they declare – they collected them in an hour), according to which the fine for Zuckerberg’s company should increase by approximately EUR 3.97 billion. Such a state of affairs would also be in line with the repressions provided for in the GDPR (the total amount may not exceed 4% of the annual global turnover). In this connection, the question arises about the attitude of the Irish people. Already in the past, it raised many doubts, because it was characterized by instability. This leads to a bizarre situation in which violation of the law – due to the restraint of supervisory authorities – becomes a caricatured cost of doing business, counted in billions of euros. This is a signal that it simply pays to violate the GDPR. NOYB requested clarification from the DCP and wrote to the European Data Protection Board requesting further action.

Source: European Center for Digital Rights (NOYB)