Meta, Facebook, and Instagram’s parent company was fined $414 million by Ireland’s Data Protection Commission (DPC) for violating EU privacy regulations. The DPC claims that Meta illegally coerced consumers to consent to customized and targeted ads. As a consequence, Meta will pay around $223 million for violating Facebook’s privacy standards and approximately $191 million for its Instagram actions.

The decision comes after Meta was accused of violating the General Data Protection Regulation twice in 2018. (GDPR). The GDPR is a series of legislation that help in the protection of EU individuals’ personal data. It gives EU people greater say over how businesses collect, use, and share their personal data. Furthermore, the GDPR makes it illegal for organizations to keep customer information without the client’s consent. This decision underlines the need to adhere to strong privacy standards and the consequences that businesses may face if they do not.

What Did Meta Allegedly Do Wrong?

According to the DPC, Meta forced customers to accept terms of service that, in practice, encouraged them to sign additional terms and conditions permitting their data to be used for targeted ads in order for them to continue using their accounts. Furthermore, the DPC claims that the language used in the terms of service was ambiguous and did not fully warn users about how their data was being handled.

Meta Disagrees with the Decision

In reaction to the DPC’s decision, Meta announced plans to appeal, claiming that its approach to data protection complies with GDPR. According to the company, tailored advertising is a common feature of social media, and Facebook and Instagram are inherently personalized. Meta writes in a blog post:

“Facebook and Instagram are inherently personalized, and we believe that providing each user with their own unique experience – including the ads they see – is a necessary and essential part of that service. To date, we have relied on a legal basis called ‘Contractual Necessity’ to show people behavioral advertisements based on their activities on our platforms, subject to their safety and privacy settings. It would be highly unusual for a social media service not to be tailored to the individual user.”

Regardless of the ruling, companies can continue to use targeted advertising campaigns on Instagram and Facebook, according to Meta.

“It’s important to note that these decisions do not prevent personalized advertising on our platform.”

What Will Happen Next?

Meta has the legal right to appeal the DPC’s decision and will not be required to make adjustments until a final verdict in court is made. To that end, the DPC provided no precise information regarding the adjustments Meta must make in order to comply with GDPR.