Authored by Tom Ozimek via The Epoch Times (emphasis ours),
In a landmark decision, the top court in the European Union (EU) has ruled that Facebook parent company Meta cannot use personal data gathered from its own platforms or from external sources for targeted advertising without adhering to strict limits and restrictions under the bloc’s privacy laws.
The ruling, hailed as a victory by privacy advocates, was issued on Oct. 4 by the Court of Justice of the European Union, in response to a lawsuit brought by Austrian activist Max Schrems, who has long campaigned for stricter enforcement of the EU’s General Data Protection Regulation (GDPR).
Schrems accused Facebook of processing his sensitive personal data to serve him with targeted ads in violation of the GDPR, specifically the data minimization rule, which requires companies to limit the amount of personal data collected and stored to what is strictly necessary.
The court sided with Schrems, stating that Facebook parent Meta’s data practices violated GDPR principles. Meta, according to the court, aggregated and processed vast amounts of user data for advertising purposes without appropriate restrictions on time or the type of data involved.
The judges wrote in their ruling that the relevant provisions of the GDPR “must be interpreted as meaning that the principle of data minimisation provided for therein precludes any personal data obtained by a controller, such as the operator of an online social network platform, from the data subject or third parties and collected either on or outside that platform, from being aggregated, analysed and processed for the purposes of targeted advertising without restriction as to time and without distinction as to type of data.”
The court’s decision highlighted the determination that even users who consent to personalized ads cannot have their data processed indefinitely, as Meta had been doing.
Katharina Raabe-Stuppnig, Schrems’ lawyer, expressed satisfaction with the ruling, while emphasizing the wider implications of the decision for the online advertising industry, noting that other companies operating without stringent data deletion practices will also be affected.
“Meta has basically been building a huge data pool on users for 20 years now, and it is growing every day. However, EU law requires ‘data minimisation,’” she said in a statement. “Following this ruling only a small part of Meta’s data pool will be allowed to be used for advertising—even when users consent to ads. This ruling also applies to any other online advertisement company, that does not have stringent data deletion practices.”
In response to the court’s decision, Meta issued a statement saying it was reviewing the judgment while reaffirming its stated commitment to privacy.
“Everyone using Facebook has access to a wide range of settings and tools that allow people to manage how we use their information,” the company said in a statement, adding that it “takes privacy very seriously.”
The ruling is the latest setback for Meta in Europe, where it has faced numerous legal and regulatory challenges in recent years. The tech giant has been at the center of multiple investigations, particularly around compliance with the GDPR.
The EU’s focus extends beyond data privacy to include concerns about how digital platforms’ algorithms and system designs impact behavior. Meta’s recommender systems, which power its advertising-driven business model, are under scrutiny for potentially fostering addictive behaviors, particularly in minors.
Authored by Tom Ozimek via The Epoch Times (emphasis ours),
In a landmark decision, the top court in the European Union (EU) has ruled that Facebook parent company Meta cannot use personal data gathered from its own platforms or from external sources for targeted advertising without adhering to strict limits and restrictions under the bloc’s privacy laws.
The ruling, hailed as a victory by privacy advocates, was issued on Oct. 4 by the Court of Justice of the European Union, in response to a lawsuit brought by Austrian activist Max Schrems, who has long campaigned for stricter enforcement of the EU’s General Data Protection Regulation (GDPR).
Schrems accused Facebook of processing his sensitive personal data to serve him with targeted ads in violation of the GDPR, specifically the data minimization rule, which requires companies to limit the amount of personal data collected and stored to what is strictly necessary.
The court sided with Schrems, stating that Facebook parent Meta’s data practices violated GDPR principles. Meta, according to the court, aggregated and processed vast amounts of user data for advertising purposes without appropriate restrictions on time or the type of data involved.
The judges wrote in their ruling that the relevant provisions of the GDPR “must be interpreted as meaning that the principle of data minimisation provided for therein precludes any personal data obtained by a controller, such as the operator of an online social network platform, from the data subject or third parties and collected either on or outside that platform, from being aggregated, analysed and processed for the purposes of targeted advertising without restriction as to time and without distinction as to type of data.”
The court’s decision highlighted the determination that even users who consent to personalized ads cannot have their data processed indefinitely, as Meta had been doing.
Katharina Raabe-Stuppnig, Schrems’ lawyer, expressed satisfaction with the ruling, while emphasizing the wider implications of the decision for the online advertising industry, noting that other companies operating without stringent data deletion practices will also be affected.
“Meta has basically been building a huge data pool on users for 20 years now, and it is growing every day. However, EU law requires ‘data minimisation,’” she said in a statement. “Following this ruling only a small part of Meta’s data pool will be allowed to be used for advertising—even when users consent to ads. This ruling also applies to any other online advertisement company, that does not have stringent data deletion practices.”
In response to the court’s decision, Meta issued a statement saying it was reviewing the judgment while reaffirming its stated commitment to privacy.
“Everyone using Facebook has access to a wide range of settings and tools that allow people to manage how we use their information,” the company said in a statement, adding that it “takes privacy very seriously.”
The ruling is the latest setback for Meta in Europe, where it has faced numerous legal and regulatory challenges in recent years. The tech giant has been at the center of multiple investigations, particularly around compliance with the GDPR.
The EU’s focus extends beyond data privacy to include concerns about how digital platforms’ algorithms and system designs impact behavior. Meta’s recommender systems, which power its advertising-driven business model, are under scrutiny for potentially fostering addictive behaviors, particularly in minors.
Loading…