Earlier today Meta, the parent company of Facebook and Instagram, was fined 390 million euros and found guilty under European Union Law of violating the provisions of the General Data Protection Act (GDPR) that regulates the way that companies use consumer data. The decision is likely to be appealed and could have huge ramifications for the way that large social media platforms use consumer data for targeted advertising – a huge source of revenue. The New York Times noted that Meta generated $118 billion in revenue in 2021 from targeted advertising.
From a brand perspective, if your company uses consumer data for targeted advertising it is critical to understand the infrastructure and privacy requirements that the GDPR imposes so that you do not run afoul of the law. Further, the decision also makes it unclear how a company knows if it is in compliance with GDPR rules. Specifically, before this decision, GDPR regulators in Ireland found that Meta’s did not violate the terms of the GDPR by getting permission from users via the company’s terms of use. This decision, by a group of regulators from different countries, is obviously a rebuke of that decision.
