Norway regulator to fine Meta over privacy breaches unless action taken

Facebook and Instagram owner told it cannot harvest user data and target advertising

Facebook and Instagram owner Meta Platforms will be fined one million Norwegian crowns (€88,000) per day over privacy breaches unless it takes remedial action, Norway’s data protection authority said on Monday, in a move that could have wider European implications.

Regulator Datatilsynet said it would charge the fine every day from August 4th until November 3rd unless Meta takes action.

It said Meta cannot harvest user data in Norway, such as users' physical locations, and use it to target advertising at them, called behavioural advertising, a business model common to Big Tech.

“It is so clear that this is illegal that we need to intervene now and immediately. We cannot wait any longer,” Tobias Judin, head of Datatilsynet’s international section, said.


Meta said it would review Datatilsynet's decision and that there would be no immediate impact on its services.

Datatilsynet has referred its move to the European Data Protection Board, which, if the latter agrees, could make the fine permanent and widen the decision's territorial scope in Europe.

"It would put additional pressure on Meta," said Judin.

Datatilsynet's decision comes days after the European Union's top court ruled Meta cannot harvest user data for behavioural advertising.

In December Irish Data Protection Commission (DPC), where Meta has its European headquarters, said the firm had to stop the practice.

"We continue to constructively engage with the Irish DPC, our lead regulator in the EU, regarding our compliance with its decision," Meta said.

"The debate around legal bases has been ongoing for some time and businesses continue to face a lack of regulatory certainty in this area."

Norway is not a member of the European Union but is part of the European single market. - Reuters