This week, Meta was fined €390 million ($410 million) by the European Union for illegally forcing users to accept personalized ads or stop using its services. It now has three months to outline how it will change its practices to comply with EU law.
The General Data Protection Regulations (GDPR) came into force in 2018 and since then, they’ve been a major headache for Meta. Amongst other things, it requires organizations to be transparent about why they are collecting data, have a lawful reason to do so, and get clear, affirmative consent users. This is why so many sites inflict large GDPR popups on visitors, and it’s what has caused Meta its latest issues.
This fine stems from two complaints, one against Facebook and one against Instagram, both filed on May 25, 2018, —the date that GDPR came into operation. In essence, Meta attempted to comply with GDPR by changing the Terms of Service so that personalized ads and other data-driven services were a core part of what the company offered. By clicking “I Accept” on the Terms of Service popup, users weren’t opting into personalized ads, they were agreeing to a contract with Meta that happened to include them. Both complaints argued that by doing this, Meta was forcing users to opt-in to data collection and thus was falling afoul of the requirements of the GDPR.
The specifics of Meta’s legal wangling get into the weeds, but the gist of it is that the Irish Data Protection Commission (which is Meta’s main regulator in Europe as it has its headquarters there) found that the company was in breach of its obligations to be transparent with users about what data it was collecting and why. As a result, it was fined €210 million ($~ 221 million) for Facebook and €180 million ($~ 189 million) for Instagram and it has been given three months to outline how it will comply with the ruling and bring its Terms of Service in line with GDPR.
These latest penalties bring the total that Meta has been fined by the EU in the past 12 months to more than $1 billion. According to the Irish Times, the company has set aside $2 billion to deal with the penalties it expects to receive this year.
While the fines amount to a small chunk of its overall profits, Meta’s revenue fell last quarter for the first time and it laid off more than 11,000 employees worldwide. It also has to contend with declining advertising revenue and major investments in the Metaverse that, so far, does not seem to be paying off.
Meta isn’t the only company having issues with the EU. Over the past few years, the 27-country bloc has been open in its attempt to control how the US tech giants operate within its borders. Amazon, Twitter, and Google have all been hit with fines for breaching the terms of GDPR. A new law that requires all portable electronic devices to use USB-C is forcing Apple to ditch its lightning connector. Over the next two years, the Digital Markets Act (DMA) is going to add a whole host of new obligations to “online gatekeepers”—including forcing Apple to open up its App Store. While the wheels of bureaucracy turn very very slowly, the US tech giants might finally be facing a reckoning in Europe—though expect the legal process to drag out for the next decade.