Protection of users’ privacy in online advertising: dealing with Meta’s data collection practices

20.7.2023

Question for written answer  E-002313/2023
to the Commission
Rule 138
Pirkko Ruohonen-Lerner (ECR)

The Norwegian Data Protection Authority has ordered Meta (Facebook, Instagram) to stop showing personal advertisements to Norwegian users on the basis of their online activity and estimated location. The ban, in force since August, is an attempt to address Meta’s advertising practises, including the processing of sensitive personal data through a system of meddlesome monitoring and profiling. The Court of Justice of the EU had decided previously that Meta had collected users’ data illegally and without their express consent.

• 1.What action does the European Commission possibly intend to take to ensure the protection of the rights and freedoms of European citizens when they are the subjects of targeted online advertising?
• 2.In view of the fact that the Irish Data Protection Commission is currently investigating Meta, which has been ordered to pay a fine of EUR 390 million for breaching privacy, what steps does the European Commission intend to take to ensure that Meta complies with the General Data Protection Regulation and establishes a new legal basis for its business model that respects the privacy of individuals?
• 3.What measures is the European Commission considering to strengthen the rules on data protection and their enforcement mechanisms, to make it possible to prevent the same sort of violations of privacy by other big technology companies and to ensure a greater sense of responsibility and transparency in the digital advertising ecosystem?

Submitted:20.7.2023