In a significant move, the European Data Protection Board (EDPB) has decided to expand the ban on “behavioral advertising” that was initially imposed by non-EU member Norway on Facebook and Instagram. This expansion now covers all 30 countries within the European Union and the European Economic Area (EEA), Reuters news report said.
The ban on behavioral advertising, which involves targeting users by collecting and utilizing their personal data, has posed a notable setback for Meta Platforms, the U.S. tech giant that owns Facebook and Instagram. Meta has consistently opposed efforts to limit the practice of behavioral advertising, which has been a major part of its business model.
As a result of this development, Meta faces the risk of substantial fines, potentially up to 4 percent of its global turnover, as indicated by the Norwegian data regulator. Meta Platforms has generated revenue of $117 billion in 2022.
The decision by the EDPB is an instruction to the Irish data regulator, where Meta’s European headquarters are located, to enforce a permanent ban on the company’s use of behavioral advertising within two weeks.
The EDPB stated, “On 27 October, the EDPB adopted an urgent binding decision to impose a ban on the processing of personal data for behavioral advertising on the legal bases of contract and legitimate interest across the entire European Economic Area.”
Meta responded by announcing plans to provide users in the EU and EEA with the opportunity to give their consent for such advertising and will introduce a subscription model in November to comply with regulatory requirements.
A company spokesperson stated, “EDPB members have been aware of this plan for weeks, and we were already fully engaged with them to arrive at a satisfactory outcome for all parties. This development unjustifiably ignores that careful and robust regulatory process.”
Since August 7, Meta has been subject to daily fines in Norway amounting to 1 million crowns ($90,000) for breaching users’ privacy through the use of their data, including location and browsing behavior, for advertising purposes. This business model is prevalent among major tech companies.
The Norwegian data regulator, Datatilsynet, referred the ongoing fine to the European regulator in September, as it was applicable only within Norway. This fine is set to expire on November 3, but Meta now faces the potential for a much more substantial financial penalty.
Tobias Judin, the head of Datatilsynet’s international section, warned that non-compliance with the EU/EEA-wide ban could result in penalties of up to 4 percent of Meta’s global turnover, in accordance with the General Data Protection Regulation (GDPR), the EU’s rules on information privacy.
Notably, Norway is not a member of the EU but is part of the European single market. The decision affects approximately 250 million Facebook and Instagram users in Europe, as confirmed by Datatilsynet.
