Norway’s data protection authority, Datatilsynet, has taken a strong stance against Meta Platforms, the parent company of social media giants Facebook and Instagram, by imposing a daily fine of one million Norwegian crowns ($98,500) starting from August 14. This decisive move comes in response to identified privacy breaches committed by the tech conglomerate.
The warning shot was fired on July 17 when Datatilsynet notified Meta about the impending fines should the privacy concerns not be adequately addressed. The regulatory body’s determination to hold Meta accountable for its practices reflects the growing emphasis on data privacy and user protection.
At the core of the controversy lies Meta’s practice of harvesting user data, including precise geographical information, within Norway’s borders. This data is then harnessed to fuel targeted behavioral advertising—a practice that has become synonymous with tech industry giants. Datatilsynet, however, underscored that this approach contradicts Norway’s stringent privacy regulations, setting a precedent for other jurisdictions.
Meta was granted until August 4 to demonstrate effective rectification of the identified privacy breaches. However, the company’s response to Datatilsynet’s request for commentary has yet to materialize, raising further concerns about its commitment to aligning with privacy standards.
The daily fine, designed to be enforced until November 3, carries implications that could ripple across the European region. If Datatilsynet’s decision garners the approval of the European Data Protection Board following referral, the penalties could become a permanent fixture, further underscoring the gravity of the situation.
In light of these regulatory actions, Meta recently announced its intention to pivot its approach within the European Union. The company aims to secure explicit user consent before allowing businesses to employ targeted advertising based on user interactions across platforms like Facebook and Instagram. This strategic shift not only addresses regulatory requirements within the EU but also reflects Meta’s responsiveness to evolving privacy expectations.
While Norway is not a formal member of the European Union, its participation in the European single market tightly intertwines its data protection regulations with broader EU policies. As the world continues to grapple with issues of data privacy and tech industry accountability, Datatilsynet’s actions against Meta highlight the far-reaching consequences of privacy breaches in a digital age.
