The European data regulator said on Wednesday it has agreed to extend a ban imposed by non-EU member Norway on “behavioral advertising” on Facebook and Instagram to all 30 countries in the European Union and the European Economic Area.
The ban on advertising that targets users by harvesting their data is a blow to US tech giant Meta Platform, the owner of two social media services, which has resisted efforts to curb the practice. The Norwegian data regulator said Meta risked a fine of up to 4 percent of its global turnover.
The decision by the European Data Protection Board (EDPB) is an instruction to the data regulator of Ireland, where Meta’s European headquarters are located, to impose a permanent ban on the company’s use of behavioral advertising within two weeks, EDPB said in a statement to Reuters.
“On 27 October, the EDPB adopted an immediately binding decision banning the processing of personal data for behavioral advertising based on the legal basis of contract and legitimate interest throughout the European Economic Area.”
Meta said on Wednesday it had already said it would give users in the EU and EEA the opportunity to consent, and would introduce a subscription model in November to comply with regulatory requirements.
A company spokesperson said, “EDPB members have been aware of the plan for several weeks and we have already worked fully with them to reach an outcome satisfactory to all parties.” “This development inappropriately ignores that careful and robust regulatory process.”
Since August 7, Meta is being fined 1 million crowns ($90,000) a day in Norway for violating users’ privacy by using their data, such as location or browsing behavior, for advertising, for which Big Tech is a Common business model.
The Norwegian data regulator, Datatilsynet, said in September that it had referred the ongoing fine to the European regulator, because its fine was only valid in Norway. According to Tobias Judin, head of Datatilsynet’s international section, the fine will expire on November 3, but Meta could be at risk of very heavy financial penalties.
“Since we will now get a permanent ban, non-compliance with an EU/EEA-wide ban would in itself be a violation of the GDPR, which could be sanctioned for up to 4 percent of global turnover,” Judin told Reuters.
GDPR, the General Data Protection Regulation, is a European Union regulation on information privacy. Norway is not a member of the European Union but is part of the European single market. Datatilsynet said the decision will affect about 250 million Facebook and Instagram users in Europe.