Facebook is expected to face another large fine after Europe’s data watchdog imposed binding decisions concerning the treatment of personal data by the owner of Facebook, Instagram and WhatsApp.
The European Data Protection Supervisor (EDPS) said in a statement that the rulings concerned Meta’s use of data for targeted advertising, but did not give details of its ruling or recommended fines.
Authorities in Ireland, where Meta has its European headquarters, have a month to impose the ruling.
Previous interventions by the EDPS have led to large fines on tech platforms, including a 405-million-euro fine on Instagram in September over a breach in the handling of children’s data.
The latest case follows complaints by privacy campaigning group Noyb that Meta’s three apps fail to meet Europe’s strict rules on data protection.
Noyb says they flouted the landmark General Data Protection Regulation (GDPR) that came into force in May 2018 by failing to give users the option of holding back their personal data and blocking targeted advertising.
Facebook argues these are vital to its functioning.
In October 2021, the Irish Data Protection Authority (DPC) recommended a fine of just 28 to 36 million euros for lack of transparency.
But this was rejected as far too low by France’s CNIL (the National Commission for Technology and Freedoms) and other regional watchdogs, who asked the EDPS to investigate the case.
Meta did not respond to requests for comment on Tuesday.
According to the Politico news site, internal documents show that Meta earmarked three billion euros for possible European fines in 2022 and 2023.
As well as the Instagram fine in September, Meta was fined a further 265 million euros last month over a data leak that saw half a billion users’ details published on a hacking website.
That adds to a 60-million-euro fine in France in January over its use of “cookies”, the digital trackers used to target advertising.