According to a confidential EU privacy watchdog decision, Meta cannot run advertising based on personal data and will require users’ consent to do so.
The European Data Protection Board (EDPB), a steering body for the General Data Protection Regulation (GDPR), confirmed it had intervened with three binding decisions in three complaints filed by European privacy campaign group noyb against Meta platforms Facebook, Instagram, and WhatsApp.
This followed complaints about Meta’s forced consent to process users’ personal data that surfaced in May 2018, despite GDPR’s requirement that users be given a free choice over data processing unless it is strictly necessary for the provision of the service. Meta was using the personal information to create user profiles for its behavioral advertising model.
However, the EDPB has not yet released its decision because protocol requires it to forward it to the Irish Data Protection Commission (IDPC), as Meta’s European operations are based in the Emerald Isle. Following this, the IDPC will make the final decision.
The sources for this piece include an article in Reuters.