Authored by Tom Ozimek via The Epoch Times (emphasis ours),
In a groundbreaking ruling, the highest court in the European Union (EU) has declared that Meta, the parent company of Facebook, cannot utilize personal data collected from its own platforms or external sources for targeted advertising without complying with strict limitations and regulations set forth by the EU’s privacy laws.
The decision, which has been praised by privacy advocates, was handed down on Oct. 4 by the Court of Justice of the European Union in response to a legal action initiated by Austrian activist Max Schrems, a vocal supporter of stricter enforcement of the EU’s General Data Protection Regulation (GDPR).
Schrems accused Facebook of using his sensitive personal data to target him with ads in violation of the GDPR, specifically the data minimization rule that mandates companies to limit the collection and storage of personal data to what is strictly necessary.
The court ruled in favor of Schrems, stating that Meta’s data practices contravened GDPR principles. According to the court, Meta aggregated and processed large amounts of user data for advertising purposes without appropriate restrictions on time or the type of data involved.
The judges emphasized in their ruling that the relevant provisions of the GDPR “must be interpreted as meaning that the principle of data minimization outlined therein prohibits any personal data obtained by a controller, such as the operator of an online social network platform, from the data subject or third parties and collected either on or outside that platform, from being aggregated, analyzed, and processed for targeted advertising purposes without limitations on time and without distinguishing the type of data.”
The court’s decision underscored the stance that even users who consent to personalized ads cannot have their data processed indefinitely, as Meta had been doing.
Katharina Raabe-Stuppnig, Schrems’ attorney, expressed contentment with the ruling, while highlighting the broader implications of the judgment for the online advertising sector, pointing out that other companies that do not adhere to strict data deletion practices will also be impacted.
“Meta has essentially been amassing a vast data pool on users for two decades now, and it continues to grow every day. However, EU law mandates ‘data minimization,'” she stated in a commentary. “Following this ruling, only a fraction of Meta’s data pool will be permitted for advertising—even when users consent to ads. This ruling also applies to any other online advertising company that lacks rigorous data deletion practices.”
In response to the court’s ruling, Meta released a statement indicating that it is reviewing the judgment while reiterating its commitment to privacy.
“Every individual using Facebook has access to an array of settings and tools that enable them to control how we utilize their information,” the company noted, emphasizing that it “takes privacy very seriously.”
The ruling represents another setback for Meta in Europe, where it has encountered numerous legal and regulatory hurdles in recent times. The tech giant has been the subject of multiple investigations, particularly regarding compliance with the GDPR.
The EU’s scrutiny extends beyond data privacy to encompass concerns about how digital platforms’ algorithms and system designs influence behavior. Meta’s recommender systems, which drive its ad-focused business model, are under examination for potentially promoting addictive behaviors, especially among minors.
Loading…