The European Union has made it clear that Meta’s controversial tactic to gain consent for tracking from regional users of Facebook and Instagram will not be tolerated under the bloc’s updated digital governance and competition rules. The approach, rolled out by Meta last November, forced users to either agree to tracking or pay for a monthly subscription.
Digital EVP and competition chief Margrethe Vestager cast doubt on Meta’s strategy, saying, “I think there are many different ways to monetize the services that you provide. Because one thing are the very targeted advertising that builds on data being consumed. Another way of showing your advertising is to make that contextual. So I think it’s important to continue the conversation with Meta and we will assess also finally, what is the next push in order for them to be compliant with the DMA [Digital Markets Act].” Vestager also expressed concern about a new fee that Apple has announced in response to the DMA, stating, “There are things that we take a keen interest in, for instance, if the new Apple fee structure will de facto not make it in any way attractive to use the benefits of the DMA.”
The EU’s goal for the DMA is to loosen Big Tech’s grip on tipped digital markets and stamp out unfair tactics. As Vestager put it, tech giants “are going to need to abide by both the letter and the spirit of the law.”
Under the DMA, Meta was designated a gatekeeper last September and is responsible for enforcing its rules. Additionally, Meta’s Facebook and Instagram platforms are both designated under the bloc’s Digital Services Act (DSA), which has a subset of extra rules specifically for very large online platforms (VLOPs). The Commission is also responsible for Meta’s compliance with the DSA’s rules for VLOPs.
The DSA and DMA both require platforms to obtain consent for ads processing. However, Meta has been accused of using unfair tactics and economic coercion to force Europeans to hand over their data, a claim that has been supported by privacy rights groups, consumer protection organizations, and some EU lawmakers.
While the Commission initially didn’t seem to take much notice when Meta first launched its controversial paywall, it has since acknowledged the growing outrage and sent a formal request for information (RFI) to Meta regarding its compliance with the DSA.
A Commission spokesperson said, “Due to a current lack of information in the context of the introduction of the [subscription for no ads or SNA] options, the Commission is currently unable to ascertain whether Meta is upholding its obligations under the DSA, in particular concerning transparency about how content is delivered to users and potential effects on systemic risks.” They also noted that the Commission will assess the information provided by Meta.
The spokesperson also highlighted that under the DSA, targeted advertising is prohibited for minors. However, it’s unclear how Meta can verify the age of its users and ensure that minors are not being served the consent paywall, potentially leading to a breach of the DSA.
Privacy rights groups have also filed complaints against Meta, arguing that its pricing for the ad-free subscription is disproportionate to the value it gains per user. They believe that this is a blatant attempt to circumvent EU laws by making privacy an unaffordable luxury, which could be considered manipulation through economic coercion.
In response to discussions with privacy regulators, Meta reportedly offered to lower the cost of its ad-free subscription. However, privacy rights groups argue that the issue lies in the mechanism itself and not the cost, as it prevents users from exercising a free choice, as required by the GDPR.
It may ultimately be up to the Commission to arbitrate this issue. The DMA has even higher penalties for confirmed breaches (up to 10% of global annual turnover) compared to the DSA and GDPR. The Commission’s spokesperson stated that the deadline for designated gatekeepers like Meta to meet all the requirements expired on March 7 and that they will assess the compliance of these companies.
However, the spokesperson did not provide any timeline for potential enforcement. They did state that the Commission “will not hesitate to take formal enforcement action” if needed. The DMA introduces mandatory consent mechanisms for gatekeepers, which implies giving end users a real choice. The phrasing is similar to the definition of consent under the GDPR, meaning that it must be specific, informed, unambiguous, and freely given. Additionally, there should be no obvious power imbalance between the data subject and the controller.
In conclusion, the European Union has made it clear that tech giants like Meta must abide by both the letter and the spirit of the law. The EU will closely monitor any attempts to use economic coercion to circumvent its digital rules, and may use the DSA to put pressure on Meta to comply with its regulations.
[…] fire after users have come forward with claims that their personal data was collected without their consent. This includes their name and the city where they live being added to their […]