A European Union privacy regulator fined Facebook and Instagram parent company Meta over $400 million for illegally forcing users to agree to receive personalised ads based on their online activity.
According to Forbes, the EU agency stated this in its ruling on Wednesday, fining Meta 210 million euros for violating the European Union’s strict data privacy rules involving Facebook and another 180 million euros for breaches involving Instagram.
It is the commission’s fourth fine for Meta’s data privacy violations since 2021, with a total of more than 900 million euros.
The decision is the result of complaints filed in May 2018, when the privacy rules of the EU’s 27 member states, known as the General Data Protection Regulation, or GDPR, went into effect.
In the past, Meta relied on users’ informed consent to process their personal data in order to show them behavioural or personalised ads. By including a clause in the terms of service for advertisements, the company changed the legal basis on which it processes user data when GDPR went into effect, effectively requiring users to consent to the use of their data. That goes against EU privacy laws.
The commission said Meta “is not entitled to rely on the ‘contract’ legal basis to deliver behavioural adverts on Facebook and Instagram.”
Reacting to the ruling, Meta said they are not satisfied with the decision and therefore, they are planning to appeal.
“We strongly believe our approach respects GDPR, and we’re therefore disappointed by these decisions and intend to appeal both the substance of the rulings and the fines,” the company said.