This Independence Day was nothing short of explosive for Meta, and not in the festive sense. The tech behemoth, alongside its industry cohorts, got a shocking present from the European Union’s top court. The verdict? A full-frontal attack on the legal framework that supports Meta’s key business model of targeted advertising.
In essence, the immediate outcome likely spells a German ban on Meta’s routine practice of merging user data from WhatsApp and Instagram, data derived from tracking third-party website visits, and Facebook user data. The goal? Delivering personalized ads on the company’s oldest social network.
But it’s not just about Germany. The ruling from the Court of Justice of the EU (CJEU) could potentially annihilate Meta’s last standing legal defense for providing targeted ads across the EU. With a looming ban on Meta exporting Europeans’ personal data to the U.S., the tech titan’s future in the region appears to be hanging by a thread. Given that a large chunk of Big Tech was banking on the same defense, we could be bracing for a sector-wide quake.
Antitrust Meets Privacy
This legal showdown isn’t exactly fresh news. The roots can be traced back to 2019 when Germany’s antitrust authority, the Bundeskartellamt or Federal Cartel Office, accused Facebook of abusing its market dominance. How so? By collating data from disparate platforms to boost targeted advertising.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Here’s the twist – Facebook was declared guilty of not procuring voluntary consent from users for this extensive profiling. The authorities argued that even though users technically agreed to these terms of use, they had no other option if they wanted to use the leading social network. Therefore, Facebook was breaching the EU’s General Data Protection Regulation (GDPR) and unlawfully leveraging its market leader status to do so.
This landmark decision was notable as it combined the powers of a competition authority and the EU’s stringent privacy law, typically enforced by data protection authorities. Facebook, of course, appealed, culminating in the recent CJEU ruling.
In this pivotal judgment, the CJEU affirmed that competition watchdogs like the Bundeskartellamt can indeed consider a company’s adherence to other laws, like GDPR, when determining antitrust law infringements. This does come with a caveat: the competition regulator must defer to the privacy regulator with jurisdiction over the company if a ruling has already been made on the issue.
This has substantial implications for future antitrust and privacy law enforcement in the EU, amplifying an emerging trend of regulators viewing Big Tech’s data repositories as a potential competition issue.
However, the true firework in the ruling is its assertion that without explicit consent from users, Meta can’t claim a “legitimate interest” in processing people’s data for personalized ads.
No More ‘Legitimate Interest’?
This is a colossal development. Under GDPR, companies must cite a legal basis – chosen from a list – to process Europeans’ personal data. Over time, regulatory decisions and court rulings have whittled away Facebook/Meta’s viable options. The company’s last stand: claiming a “legitimate interest” in processing personal data for ad targeting. The court dismissed this claim, insisting that Facebook needs genuine user consent for such profiling.
As for Meta’s response? They’re currently assessing the court’s decision, according to a company spokesperson.
Privacy advocates are elated. Max Schrems, the activist lawyer whose enduring case against Facebook/Meta led the CJEU to invalidate multiple EU-U.S. data-sharing agreements, applauded the latest ruling. Schrems remarked, “This clarifies that various legal theories by the industry to bypass the GDPR are null and void.”
Meanwhile, the fate of a new EU-U.S. data-sharing agreement remains uncertain. This agreement could permit Meta to continue exporting personal data to the U.S., albeit without the ability to use it for personalized ads in Europe.
Whether this agreement will receive the green light from EU countries is yet to be seen. Doubts about whether it adequately protects Europeans’ data upon arrival in the U.S. persist, while activists predict that it too will be scuttled by the CJEU. The story continues to unfold, and we at The Internet Patrol will keep you updated.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
