The EDPB issued an urgent binding decision that essentially bans Meta from using personal data for behavioral advertising in the entire European Economic Area (EEA).

  • @MrOxiMoron
    link
    English
    718 months ago

    Now I would also like a ban on using my personal data to train an AI model. Soon we’ll get ads based on ai prediction based on our personal data as an indirect way to still do the same things.

    • loobkoob
      link
      fedilink
      198 months ago

      Nowadays, you have to assume your personal data being used to train an AI model is the cost of signing up to any free website unless they explicitly tell you otherwise.

      • The Hobbyist
        link
        fedilink
        English
        138 months ago

        Right. That’s the point. Let’s make that illegal. The same way you can’t sign a contract to give away any other rights.

    • r00ty
      link
      fedilink
      28 months ago

      Sounds a bit too close to a black mirror episode to me. The one with the dating site.

      Yeah, if they can, they will.

  • @TheFeatureCreature
    link
    English
    338 months ago

    She also highlighted that Meta has not shown compliance with the orders set by Ireland’s Data Protection Act (IE DPA) last year.

    Because getting caught and fined a couple million isn’t even a minor business expense to these companies. Stop acting surprised when they don’t follow your rules when you fine them 0.007% of their yearly profits.

    Like,

    Despite this, Facebook and Instagram remained operational in Norway, where EU data protection laws prohibit such advertising practices. The platforms faced a daily fine of one million Norwegian kroner (around €89,000).

    Their bean counters probably laughed out loud when they were told about this, and I wouldn’t blame them. This is a joke. They probably spend more on toilet paper for their office workers. Meta has nearly 200 BILLION (with a B!) in assets. Treat them like it.

    • Poggervania
      link
      fedilink
      7
      edit-2
      8 months ago

      I always thought it would be a good idea to fine publicly traded corporations a percentage of their market cap + 10%, going up to maximum of 100% market cap + 10%.

      If Meta is worth $817B USD, then we should treat them like it.

      • @[email protected]
        link
        fedilink
        English
        88 months ago

        GDPR:

        These types of infringements could result in a fine of up to €20 million, or 4% of the firm’s worldwide annual revenue from the preceding financial year, whichever amount is higher.

        4% can be a lot in absolute numbers for these massive corporations. But it’s such a low percentage that it could indeed be included in operational cost and then be ignored.

        • @Armok_the_bunny
          link
          English
          58 months ago

          It helps a lot that that’s revenue and not profit, so it ignores other expenses. Of course, I don’t know how much that matters, but it is still enough to hurt.

          • @[email protected]
            link
            fedilink
            English
            28 months ago

            I’d say that’s a huge problem actually.

            For a normal company, abusing data is a small part of their business and profit is a few percent of revenue, so such a fine would be devastating.

            For some tech companies, profit is in the double digit percent of revenue and half of it comes from breaking the law, so the 4% are a tax they can happily pay and still be more profitable than if they followed the law.

            • @[email protected]
              link
              fedilink
              English
              28 months ago

              Depends. It’s up to 4% of the yearly revenue per court ruling. And not necessarily once per year. If you were to continue to ignore these rulings and continue abusing the data, that can rack up fast. Pay once - that may or may not be a problem. Pay monthly - there goes up to 48% of your yearly revenue.

              • @[email protected]
                link
                fedilink
                English
                28 months ago

                It’d be great if that was how it works, unfortunately it seems like the penalties are closer to once every 3-5 years than monthly, skewing the balance even further to “screw the law, just pay the fee”:(

                • @[email protected]
                  link
                  fedilink
                  English
                  18 months ago

                  They won’t hand out fines every few weeks easily. And usually you cannot get fined twice for the same thing. BUT it was a (albeit able bit exaggerated) projection what could happen, if you constantly ignore the court orders and continue breaking the law. At first, you might get some time to change your processes, get compliant, … but when it won’t stop, you get fined again. And it won’t be lenient the further you stress it. Also that’s just the fine for the GDPR violation itself. Ignoring court orders, violating the law continuously,… will get you other fines - assuming you don’t change you behavior.

                  It will take a while to get there, sure and I think Meta will try to continue processing this data as mich as they can, but the EU doesn’t look like they’re joking too much.

        • Poggervania
          link
          fedilink
          18 months ago

          Oh man that sounds juicy 🤤

          Only change I’d argue for is to go off market cap instead of annual worldwide revenue though because you can say some insanely small amount on paper like 4%, but then that same 4% turns from ~$5B USD with annual revenue to ~$33B USD with market cap. But because we’d also want to actually deter businesses from breaking it and considering it a cost of business, I would think something like a fine of 110% of market cap value would be a huge deterrence.

    • @[email protected]
      link
      fedilink
      English
      08 months ago

      No, the article is just regurgitating old news and the old misleading claim (omitting the critical part that they’re only banned from using data “on the basis of contract and legitimate interest”).

      This “news” is what made Facebook start with the “agree or pay” bullshit.

        • @[email protected]
          link
          fedilink
          English
          08 months ago

          Weird. The article does have today’s date but only mentions the Nov 10 decision. I think maybe what happened today is the publication of the full text of the decision?

  • @[email protected]
    link
    fedilink
    English
    158 months ago

    Same misleading nonsense. If you follow the links it becomes obvious that it’s the old news banning FB from using the data on the basis of contract and legitimate interest - which they’re avoiding by claiming “consent” after people choose that they’d rather not pay a triple-digit amount per year to use the site.