Meta Violates GDPR with Non-Compliant Targeted Ad Practices, Earns Over $400 Million in Fines

Meta has been once again hitting with a major GDPR violation. As of January 4, 2023, Meta has earned itself a fine of more than $400 million for its latest data privacy misstep. The EU’s Ireland-based Data Protection Commission levied two sets of fines after ruling that EU-based users have been illegally forced to accept personalized, targeted ads from Meta – Facebook, and Instagram.

This is one of the most severe GDPR rulings ever since it GDPR was first instituted in 2018, but it’s certainly not Meta’s first-ever dent in the pocket violating the regulation.

Facts about Meta’s 2023 GDPR Targeted Ads Violation

Meta started the new year on a sour note, firstly it lost a flagship GDPR case based on its targeted advertising practices and now it has to pay fines of over $400 million, or €390 million. This ruling was made by Ireland’s Data Protection Commission, which is an Ireland-based branch of the European Union’s GDPR regulators.

Take a look at some of the most important facts about this latest violation and ruling:

• Meta has been fined for violating EU user privacy rights, with non-compliant targeted advertising practices on its two platforms – Facebook and Instagram.
• To be more specific, Met is under fire for adding a clause to its advertising terms of services that require users to share their personal data; this is a direct violation of the GDPR-based privacy rights of EU users.
• For violations on Facebook, €210 million in fines were issued, on the other hand, €180 million were issued for Instagram violations.
• This violation case was processed in Ireland as Meta’s regional headquarters is located in Dublin.
• At first, Ireland’s regulator ruled in favor of Meta, but their position changed after an EU board of regulators from the greater EU bloc objected to their ruling.
• Though Meta believes its advertising practices align with GDPR and plans to appeal this ruling.
• Even though the ruling has only just been made, it goes back to 2018, the year GDPR was first put into effect.
• Meta has around three months from the time of this ruling to achieve GDPR compliance.

What this could Mean for Meta?

This latest violation may seem like nothing to the feather of Meta’s non-compliance cap, but it’s much more than that. This case illustrated bigger issues and challenges in the tech giant’s business model.

With this ruling, the longer-term success of Facebook’s and Instagram’s revenue models is in jeopardy. Meta’s child brand – Facebook and Instagram relies heavily on user data collection in order to conduct behavioral analytics and granularly target advertising campaigns.

Much of the revenue from the two websites comes directly from the clicks and engagement-targeted ads that are generated. Thus, to lose a segment of user data as big as the EU’s 27-nation bloc’s population is a major concern for the future of the platform’s continued growth.

Lastly, hefty fines definitely not ideal for a company that is already struggling with massive waves of layoffs and the other pains that come with several quarters of stagnating growth. Still, Meta is one of the largest tech companies in the world, but it is now struggling to keep up with the massive scale and vision it has set out for itself.

Regardless of what the future hold for Meta or its other lofty projects, GDPR and other regulatory compliance efforts should be the company’s first and foremost priority. Neither consumers nor brands would associate themselves with a company that they don’t trust.

Read next: The Future of CTV Lies in New Forms of Audience Engagement