Long data privacy notices aren't foolproof, Euro watchdog tells Meta

2023-01-13 11:30

Lengthy privacy notices included in a social media platform's terms of service can do little to help it comply with transparency requirements under European law, according to recently revealed documents from a case in which Meta was fined €390 million.

The documents have been released by noyb, the privacy law campaign group founded by Max Schrems, the lawyer who has twice successfully challenged US-EU data sharing, including the cases that defeated the US Safe Harbor and Privacy Shield agreements.

Despite nominally winning the case, noyb said it might further pursue its claim because, in its view, Ireland's Data Protection Commission gave Meta too long to comply with the ruling and imposed fines that were too low.

A legal saga between Meta, Ireland and the European Union reached a landmark earlier this month when the DPC meted out a combined €390 million fine for violations of the EU's General Data Protection Regulation, and directed the social media group to "Bring its data processing operations into compliance within a period of 3 months."

The DPC's verdict followed the European Data Protection Board's ruling in December to overturn a previous decision from the DPC that allowed Meta to add data use consent into its terms of service, seemingly in an attempt to bypass the EU's GDPR's requirement for explicit consent.

"The Data Policy and related material sometimes demonstrate an oversupply of very high level, generalised information at the expense of a more concise and meaningful delivery of the essential information necessary for the data subject to understand the processing being undertaken and to exercise his/her rights in a meaningful way," it said.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/01/13/long_data_privacy_meta/

#privacy