Facebook fined for breaching EU Privacy Law

What’s in today’s article?

• Why in news?
• What Is the General Data Protection Regulation (GDPR)?
• What is GDPR compliance?
• News Summary: Facebook fined for breaching EU Privacy Law 
• Why did the ruling come from the Irish regulator?
• What is the significance of this ruling?

What Is the General Data Protection Regulation (GDPR)?

• GDPR is a legal framework that sets guidelines for the collection and processing of personal information from individuals of the European Union (EU).
  • The law was approved in 2016 but didn’t go into effect until May 2018.
• It imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU.

What is GDPR compliance? 

• Under the terms of GDPR, not only do organisations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation.
• Companies are also required to respect the rights of data owners – or face penalties for not doing so.

‹ ›

News Summary: How much fine Meta has been slapped with by the Irish Data Protection Commission?

• Meta Platforms was hit with €390 million ($414 million) in fines by the Irish Data Protection Commission (DPC) for breaking EU data rules.
• The authorities had concluded that the way Meta asked permission to use peoples’ data for ads on Facebook and Instagram was unlawful.

Why did the ruling come from the Irish regulator?

• As per the GDPR, cross-border cases are to be handled by the data-protection authority in the country where the company is based.
• As a result, the Irish DPC is the lead regulatory authority for Meta and a number of other US tech majors that have their headquarters in Ireland.

What is the significance of this ruling?

• The outcome of the case buttresses the overarching theme of the EU’s GDPR: 
  • the right of the individual over her data; and 
  • the need for a person to give explicit consent before their data can be processed.
• The DPC’s decision could imply that Meta would have to tweak its apps to ensure that they do not leverage personal data for advertising.
• That could be a big blow to the company in terms of how its advertising model works: 
  • Meta earlier relied on a user’s consent to process this information for the purposes of behavioural ads.
  • However, it tweaked the terms of service for both Facebook and Instagram on the processing of the information after the GDPR kicked in.
  • But these changes, activists allege, essentially forced users to accept the processing of their information for ad targeting for essentially using the platforms.
• Given that the EU is the de facto global technology regulator, the rulings based on the GDPR’s broader tenets could have resonance across geographies, including India.
• In India, the government is currently working on a policy framework for the tech sector, which includes: 
  • the new personal data protection bill, 
  • a comprehensive digital India Act that would eventually replace the existing IT Act, and 
  • the new telecom Bill.

Q1) What is the European Union and what does it do?

The modern European Union, founded in 1992, attempts to integrate European economies and prevent future conflicts. It consists of seven major institutions and dozens of smaller bodies that make law, coordinate foreign affairs and trade, and manage a common budget.

Q2) What is the aim of GDPR?

At its core, GDPR is a new set of rules designed to give EU citizens more control over their personal data. It aims to simplify the regulatory environment for business so both citizens and businesses in the European Union can fully benefit from the digital economy.

Source: Facebook fined €390 mn for breaching EU privacy law: Why is the ruling significant?  |  GDPR.EU  |  Investopedia