Meta Platforms, the parent company of Facebook and Instagram, is facing daily fines for violating European data privacy rules in Norway, according to the country’s data regulator. The case has implications beyond Norway and could impact the wider European region.
The data regulator, Datatilsynet, has imposed a fine of one million crowns per day on Meta since August 14th for breaching users’ privacy by collecting their data and using it for targeted advertising. This practice, known as behavioural advertising, is a common business model among Big Tech companies.
Meta is now seeking a temporary injunction against the order, which requires them to pay the daily fine for the next three months. However, the fine remains valid as Meta is not complying with the European General Data Protection Regulation (GDPR), according to Hanne Inger Bjurstroem Jahren, a lawyer representing Datatilsynet.
During the two-day hearing, Bjurstroem Jahren stated, There is no discussion on whether the company is in violation of these rules … Today Meta breaks GDPR rules. This indicates that the company has clearly flouted the regulations.
Meta argued on Tuesday that it has already committed to obtaining users’ consent and accused Datatilsynet of using an unnecessary and expedited process that did not provide them with enough time to respond. However, the regulator contends that Meta has not provided a clear plan for obtaining consent and that users’ rights continue to be violated.
The next step would be for Datatilsynet to refer its decision to the European Data Protection Board, which has the authority to make the fine permanent if it agrees with the Norwegian regulator’s ruling. If this occurs, the decision could have broader implications across Europe. However, Datatilsynet has not yet taken this step.
It is worth noting that Norway is not a member of the European Union but is part of the European single market. This establishes the context in which the case is being pursued.
In conclusion, Meta Platforms is currently facing significant daily fines in Norway for violating European data privacy rules. The outcome of this case could set a precedent for similar actions against Big Tech companies in the future.