Meta has been fined for its management of Facebook and Instagram, which could develop important administrative consequences in the EU.
In 2018, the debut of the General Data Protection Regulation (GDPR) in the European Union promised to create a systemic shock that was expected to upend the digital world to its foundations. In the space of five years something has actually changed, nevertheless many of the impositions related to the EU code are regularly disregarded, above all by those companies that prove to be more influential and which can therefore afford to endure years of trials and investigations. However, on Wednesday January 4th, something seems to have changed: the European authorities targeted Meta with severe measures, requiring the tech company to bring its data collection methods into compliance within three months.
Ireland’s Great Rock
To understand how much this revolution represents a historic turning point, one must take note of the vital role that Ireland has willy-nilly won itself within the legal branch that watches over the technology industry. According to the GDPR, the supervision of any violations perpetrated by digital companies falls within those countries that host their administrative offices. Thanks to a particularly favorable tax landscape for businesses, over the years Ireland has ended up hosting a substantial portion of the Big Tech companies present on European soil, with the result that the Data Protection Commission (DPC) of Dublin has taken charge of a job of important proportions, running aground.
The Irish Council for Civil Liberties (ICCL) estimated that from 2018 to 2021 the DPC responded to only 2% of the important cases submitted to it, a statistic disputed by Irish bureaucrats, who claimed that 65% of complaints have been resolved in the analyzed time frame. 86% of these in the form of "friendly resolutions", i.e. closed by concession of the companies themselves. Officially, the inefficiency of the Data Protection Commission is caused by a systemic staff shortage that has never been remedied, however there are elements that lead to think the nation has found itself in a position of conflict of interests, inextricably linking their economic condition to the favor and satisfaction of Big Tech. An indication of this reading can be found when, in 2016, the EU Commission had condemned Apple to refund 13 billion euros of unpaid taxes to Ireland: at the time it was Dublin itself that appeal against the Union in order to favor the important technological company.
Understanding the situation, the various Member States circumvented the Irish sloth by leveraging as they can on the more obsolete ePrivacy Directive, however this code is not able to fully replace the GDPR, so certain substantial elements have remained bogged down in the Irish limbo for a long time with poor prospects. One of the topics that has irreparably got stuck in the bureaucratic machine is that of data collection and management by Meta, a company that between Facebook, Instagram and Whatsapp boasts a treasure trove of users from which to steal a virtually infinite amount of information.
Max Schrems on
In 2018, as soon as the GDPR entered into force, the Austrian lawyer Max Schrems promptly took up the arms made available to him by law to ask that the company founded and led by Mark Zuckerberg stick to the legal tracks that determine which are the rules by which to deliver targeted advertising to the European public. Meta has long tried to demonstrate that the codes in question could lend themselves to a flexible interpretation, that users should not be subjected to an informed choice, but that their informed consent was enough to steal the information protected by the EU. Meanwhile internal documents intercepted in April 2022 by VICE painted an awkward picture for the company, revealing how Big Tech had little interest in complying with the law, since giving up the profiling of its users would necessarily end up undermine the economic return guaranteed by the advertising activity.
In relation to the specific issue, the DPC had decided to fine Meta for an amount between 28 and 36 million euros, but Brussels did not agree and intervened to ask for a more severe punishment, with the result that the sanction increased to a total of 390 million euros, 210 for Facebook and 180 for Instagram. However, the impact of the EU extends far beyond the purely financial side. The European Data Protection Board (EDPB), the European agency that deals with data protection by companies, entered into open conflict with the Data Protection Commission, arguing that the contractual framework of informed consent could not be considered valid and that the company must therefore fix its "processing operations" within three months. Or at least devise some new loophole that guarantees it to adamantly preserve the status quo established in its years of activity.
“We strongly disagree with the DPC’s final decision, given the nature of our services we believe we fully comply with the GDPR in relying on contractual necessity to manage targeted advertisements,” announced a Meta spokesperson. “Accordingly, we will appeal the content of the decision". However, the Data Protection Commission also has a poisoned tooth, which, having forced its hand, now claims to take the EDPB before the Court of Justice EU complaining that the European Union has in fact overstepped its authority. In parallel with Facebook and Instagram, European supervision will soon have to issue a decision also with regard to the messaging app Whatsapp, however the approach that is being outlined could easily also influence any entity competing with those belonging to the ’umbrella of Meta. Targeted advertising is, moreover, the main livelihood of all social media companies, from TikTok to Google, so the fate of this specific battle can only influence all the legislative decisions that will be taken in the future by the European institutions, outlining a prospect that could see the end of the surveillance economy.
Original article published on Money.it Italy 2023-01-08 15:36:00. Original title: L’Europa contro Meta: l’economia della sorveglianza verso il declino?