Norway prohibits Meta from using targeted advertising

Datatilsynet, the Norwegian data protection regulator, has imposed a temporary ban on Meta. On Facebook and Instagram, Norwegian users may no longer be the target of targeted advertising for the time being. According to POLITICO, the ban, which was sent to Meta on July 14, will take effect on August 4. Datatilsynet believes that the data collected for the use of targeted advertising is obtained illegally and constitutes an invasion of privacy.

And they do so in a way that is very intrusive and anything but transparent, according to Datatilsynet. According to the regulator, Meta must limit itself to information that users have consciously released themselves. For example, on the part of their profile where they describe themselves. Meta can work out early under the ban, but only if the company gives users the option to turn off targeted advertising and legally collects the required data.

If Meta remains in default, fines of one million Norwegian kroner will follow for each day that the company is in breach. Converted, this is about 89,000 euros. Facebook and Instagram are not at risk of being banned in Norway. Datatilsynet explicitly states that it will not block entire platforms.

Meta also in violation according to the EU

Not only the Norwegian regulator thinks Meta data for targeted advertising is collected illegally. Last May, Meta was hit with a huge fine of 1.2 billion euros. The sender was the European supervisory authority that supervises compliance with the General Data Protection Regulation (GDPR). The regulator concluded that personal data of European Facebook users was being processed illegally. This data is also stored on American servers, a transfer that is illegal according to the GDPR.

Meta has been given 6 months to ensure that data processing and storage conform to the GDPR. The regulator considers the violation so serious that it has imposed a record fine. These are tough times for Facebook parent company Meta. The Irish regulator has also criticized the revenue model. That’s bad news for Meta, as Meta’s European branch is headquartered in Dublin. This makes the Irish supervisor within Europe the main responsible party. In January, the Irish Data Protection Commission handed out a fine of 390 million euros for breaching privacy legislation.

Targeted advertising is central to the Meta revenue model

The adage “If you don’t pay, you are the commodity.” may not be as universally applicable as some think it is, in the case of Facebook it certainly is. The fact that social media websites and apps collect data about their users can and should no longer surprise anyone. No company grows as big as Meta without a well-functioning revenue model. Meta places advertisements on its platforms and gets paid a lot for it. In order to link advertisements to the most suitable users as efficiently as possible, companies such as Meta use the data they collect. They also sell access to this data to third parties.

That such trade is big business should come as no surprise to anyone either. In 2020, e-commerce made up about 19% of global retail sales. Logically, in a market of such size, huge amounts of money will also be spent on advertising: $491 billion worldwide in 2021. In 2022, this will be even more. To use every dollar as efficiently as possible, complete profiles are drawn up for each user. For example, as an advertiser you can target your ads specifically at people of a certain income level, ethnic background, political or religious beliefs and so on.

It makes sense that as a company you would rather not market soft drinks with sugar, but rather a sugar-free variant to people with diabetes. But is it ethical to collect such information without explicit permission and to use this information to influence purchasing behavior without users’ knowledge?

Supervisors are calling on Meta to adjust the revenue model

The Irish and Norwegian regulators therefore clearly believe that this should not be possible. The Norwegian regulator is the first to impose such a ban. Previously, Meta only received fines. The Norwegian regulator mentions the earlier Irish fine in its own opinion: “The fact that Meta continues to fail to comply with the GDPR even after the Irish fine requires us to take immediate action to protect the rights and freedoms of European residents.”

Norway is now going to the highest European court to make the temporary ban binding. Meta naturally challenges every fine and ban and has not yet taken any action to comply with the GDPR. It will also certainly be difficult for Meta to adjust such a pillar of its own revenue model. But the European regulators are clearly deadly serious. Meta will therefore have to make adjustments left or right to the way it now does business in Europe.